Land #10276, Update missing CVE references for auxiliary modules
commit
226d2c608d
|
@ -23239,6 +23239,43 @@
|
||||||
"is_install_path": true,
|
"is_install_path": true,
|
||||||
"ref_name": "scanner/smb/impacket/dcomexec"
|
"ref_name": "scanner/smb/impacket/dcomexec"
|
||||||
},
|
},
|
||||||
|
"auxiliary_scanner/smb/impacket/secretsdump": {
|
||||||
|
"name": "DCOM Exec",
|
||||||
|
"full_name": "auxiliary/scanner/smb/impacket/secretsdump",
|
||||||
|
"rank": 300,
|
||||||
|
"disclosure_date": null,
|
||||||
|
"type": "auxiliary",
|
||||||
|
"author": [
|
||||||
|
"Alberto Solino",
|
||||||
|
"Spencer McIntyre"
|
||||||
|
],
|
||||||
|
"description": "Performs various techniques to dump hashes from the remote machine\n without executing any agent there. For SAM and LSA Secrets (including\n cached creds) we try to read as much as we can from the registry and\n then we save the hives in the target system (%SYSTEMROOT%\\Temp dir) and\n read the rest of the data from there.",
|
||||||
|
"references": [
|
||||||
|
"URL-https://github.com/gentilkiwi/kekeo/tree/master/dcsync",
|
||||||
|
"URL-http://moyix.blogspot.com.ar/2008/02/syskey-and-sam.html",
|
||||||
|
"URL-http://moyix.blogspot.com.ar/2008/02/decrypting-lsa-secrets.html",
|
||||||
|
"URL-http://moyix.blogspot.com.ar/2008/02/cached-domain-credentials.html",
|
||||||
|
"URL-http://www.quarkslab.com/en-blog+read+13",
|
||||||
|
"URL-https://code.google.com/p/creddump/",
|
||||||
|
"URL-http://lab.mediaservice.net/code/cachedump.rb",
|
||||||
|
"URL-http://insecurety.net/?p=768",
|
||||||
|
"URL-http://www.beginningtoseethelight.org/ntsecurity/index.htm",
|
||||||
|
"URL-http://www.ntdsxtract.com/downloads/ActiveDirectoryOfflineHashDumpAndForensics.pdf",
|
||||||
|
"URL-http://www.passcape.com/index.php?section=blog&cmd=details&id=15",
|
||||||
|
"URL-https://github.com/CoreSecurity/impacket/blob/master/examples/secretsdump.py",
|
||||||
|
"AKA-secretsdump.py"
|
||||||
|
],
|
||||||
|
"is_server": false,
|
||||||
|
"is_client": false,
|
||||||
|
"platform": "",
|
||||||
|
"arch": "",
|
||||||
|
"rport": "",
|
||||||
|
"targets": null,
|
||||||
|
"mod_time": "2018-05-27 17:12:06 +0000",
|
||||||
|
"path": "/modules/auxiliary/scanner/smb/impacket/secretsdump.py",
|
||||||
|
"is_install_path": true,
|
||||||
|
"ref_name": "scanner/smb/impacket/secretsdump"
|
||||||
|
},
|
||||||
"auxiliary_scanner/smb/impacket/wmiexec": {
|
"auxiliary_scanner/smb/impacket/wmiexec": {
|
||||||
"name": "WMI Exec",
|
"name": "WMI Exec",
|
||||||
"full_name": "auxiliary/scanner/smb/impacket/wmiexec",
|
"full_name": "auxiliary/scanner/smb/impacket/wmiexec",
|
||||||
|
@ -35412,7 +35449,7 @@
|
||||||
"name": "HID discoveryd command_blink_on Unauthenticated RCE",
|
"name": "HID discoveryd command_blink_on Unauthenticated RCE",
|
||||||
"full_name": "exploit/linux/misc/hid_discoveryd_command_blink_on_unauth_rce",
|
"full_name": "exploit/linux/misc/hid_discoveryd_command_blink_on_unauth_rce",
|
||||||
"rank": 600,
|
"rank": 600,
|
||||||
"disclosure_date": "2016-03-28",
|
"disclosure_date": "2016-03-28 00:00:00 +0000",
|
||||||
"type": "exploit",
|
"type": "exploit",
|
||||||
"author": [
|
"author": [
|
||||||
"Ricky \"HeadlessZeke\" Lawshae",
|
"Ricky \"HeadlessZeke\" Lawshae",
|
||||||
|
@ -39782,7 +39819,7 @@
|
||||||
"name": "GitList v0.6.0 Argument Injection Vulnerability",
|
"name": "GitList v0.6.0 Argument Injection Vulnerability",
|
||||||
"full_name": "exploit/multi/http/gitlist_arg_injection",
|
"full_name": "exploit/multi/http/gitlist_arg_injection",
|
||||||
"rank": 600,
|
"rank": 600,
|
||||||
"disclosure_date": "2018-04-26",
|
"disclosure_date": "2018-04-26 00:00:00 +0000",
|
||||||
"type": "exploit",
|
"type": "exploit",
|
||||||
"author": [
|
"author": [
|
||||||
"Kacper Szurek",
|
"Kacper Szurek",
|
||||||
|
|
|
@ -17,7 +17,8 @@ class MetasploitModule < Msf::Auxiliary
|
||||||
},
|
},
|
||||||
'References' =>
|
'References' =>
|
||||||
[
|
[
|
||||||
['OSVDB', '60035'],
|
['CVE', '2009-4655'],
|
||||||
|
['OSVDB', '60035']
|
||||||
],
|
],
|
||||||
'Author' => 'hdm',
|
'Author' => 'hdm',
|
||||||
'License' => MSF_LICENSE
|
'License' => MSF_LICENSE
|
||||||
|
|
|
@ -29,6 +29,7 @@ class MetasploitModule < Msf::Auxiliary
|
||||||
'License' => MSF_LICENSE,
|
'License' => MSF_LICENSE,
|
||||||
'References' =>
|
'References' =>
|
||||||
[
|
[
|
||||||
|
[ 'CVE', '2007-4915' ],
|
||||||
[ 'BID', '25676'],
|
[ 'BID', '25676'],
|
||||||
[ 'PACKETSTORM', '59347']
|
[ 'PACKETSTORM', '59347']
|
||||||
],
|
],
|
||||||
|
|
|
@ -20,6 +20,7 @@ class MetasploitModule < Msf::Auxiliary
|
||||||
[ 'Unknown' ],
|
[ 'Unknown' ],
|
||||||
'References' =>
|
'References' =>
|
||||||
[
|
[
|
||||||
|
[ 'CVE', '2014-5208' ],
|
||||||
[ 'URL', 'https://community.rapid7.com/community/metasploit/blog/2014/08/09/r7-2014-10-disclosure-yokogawa-centum-cs3000-bkbcopydexe-file-system-access']
|
[ 'URL', 'https://community.rapid7.com/community/metasploit/blog/2014/08/09/r7-2014-10-disclosure-yokogawa-centum-cs3000-bkbcopydexe-file-system-access']
|
||||||
],
|
],
|
||||||
'Actions' =>
|
'Actions' =>
|
||||||
|
|
|
@ -32,6 +32,7 @@ class MetasploitModule < Msf::Auxiliary
|
||||||
'License' => MSF_LICENSE,
|
'License' => MSF_LICENSE,
|
||||||
'References' =>
|
'References' =>
|
||||||
[
|
[
|
||||||
|
[ 'CVE', '2010-2426' ],
|
||||||
[ 'OSVDB', '65533'],
|
[ 'OSVDB', '65533'],
|
||||||
[ 'URL', 'http://seclists.org/bugtraq/2010/Jun/160' ]
|
[ 'URL', 'http://seclists.org/bugtraq/2010/Jun/160' ]
|
||||||
],
|
],
|
||||||
|
|
|
@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary
|
||||||
'Author' => 'xistence <xistence[at]0x90.nl>', # Discovery, Metasploit module
|
'Author' => 'xistence <xistence[at]0x90.nl>', # Discovery, Metasploit module
|
||||||
'References' =>
|
'References' =>
|
||||||
[
|
[
|
||||||
|
['CVE', '2014-100002'],
|
||||||
['EDB', '31262'],
|
['EDB', '31262'],
|
||||||
['OSVDB', '102656'],
|
['OSVDB', '102656'],
|
||||||
['BID', '65199'],
|
['BID', '65199'],
|
||||||
|
|
|
@ -17,6 +17,7 @@ class MetasploitModule < Msf::Auxiliary
|
||||||
},
|
},
|
||||||
'References' =>
|
'References' =>
|
||||||
[
|
[
|
||||||
|
['CVE','2014-4862'],
|
||||||
['URL', 'https://community.rapid7.com/community/metasploit/blog/2014/08/21/more-snmp-information-leaks-cve-2014-4862-and-cve-2014-4863']
|
['URL', 'https://community.rapid7.com/community/metasploit/blog/2014/08/21/more-snmp-information-leaks-cve-2014-4862-and-cve-2014-4863']
|
||||||
],
|
],
|
||||||
'Author' => ['Deral "Percent_X" Heiland'],
|
'Author' => ['Deral "Percent_X" Heiland'],
|
||||||
|
|
Loading…
Reference in New Issue