Land #10276, Update missing CVE references for auxiliary modules

GSoC/Meterpreter_Web_Console
Jacob Robles 2018-07-09 12:58:25 -05:00
commit 226d2c608d
No known key found for this signature in database
GPG Key ID: 3EC9F18F2B12401C
7 changed files with 46 additions and 3 deletions

View File

@ -23239,6 +23239,43 @@
"is_install_path": true, "is_install_path": true,
"ref_name": "scanner/smb/impacket/dcomexec" "ref_name": "scanner/smb/impacket/dcomexec"
}, },
"auxiliary_scanner/smb/impacket/secretsdump": {
"name": "DCOM Exec",
"full_name": "auxiliary/scanner/smb/impacket/secretsdump",
"rank": 300,
"disclosure_date": null,
"type": "auxiliary",
"author": [
"Alberto Solino",
"Spencer McIntyre"
],
"description": "Performs various techniques to dump hashes from the remote machine\n without executing any agent there. For SAM and LSA Secrets (including\n cached creds) we try to read as much as we can from the registry and\n then we save the hives in the target system (%SYSTEMROOT%\\Temp dir) and\n read the rest of the data from there.",
"references": [
"URL-https://github.com/gentilkiwi/kekeo/tree/master/dcsync",
"URL-http://moyix.blogspot.com.ar/2008/02/syskey-and-sam.html",
"URL-http://moyix.blogspot.com.ar/2008/02/decrypting-lsa-secrets.html",
"URL-http://moyix.blogspot.com.ar/2008/02/cached-domain-credentials.html",
"URL-http://www.quarkslab.com/en-blog+read+13",
"URL-https://code.google.com/p/creddump/",
"URL-http://lab.mediaservice.net/code/cachedump.rb",
"URL-http://insecurety.net/?p=768",
"URL-http://www.beginningtoseethelight.org/ntsecurity/index.htm",
"URL-http://www.ntdsxtract.com/downloads/ActiveDirectoryOfflineHashDumpAndForensics.pdf",
"URL-http://www.passcape.com/index.php?section=blog&cmd=details&id=15",
"URL-https://github.com/CoreSecurity/impacket/blob/master/examples/secretsdump.py",
"AKA-secretsdump.py"
],
"is_server": false,
"is_client": false,
"platform": "",
"arch": "",
"rport": "",
"targets": null,
"mod_time": "2018-05-27 17:12:06 +0000",
"path": "/modules/auxiliary/scanner/smb/impacket/secretsdump.py",
"is_install_path": true,
"ref_name": "scanner/smb/impacket/secretsdump"
},
"auxiliary_scanner/smb/impacket/wmiexec": { "auxiliary_scanner/smb/impacket/wmiexec": {
"name": "WMI Exec", "name": "WMI Exec",
"full_name": "auxiliary/scanner/smb/impacket/wmiexec", "full_name": "auxiliary/scanner/smb/impacket/wmiexec",
@ -35412,7 +35449,7 @@
"name": "HID discoveryd command_blink_on Unauthenticated RCE", "name": "HID discoveryd command_blink_on Unauthenticated RCE",
"full_name": "exploit/linux/misc/hid_discoveryd_command_blink_on_unauth_rce", "full_name": "exploit/linux/misc/hid_discoveryd_command_blink_on_unauth_rce",
"rank": 600, "rank": 600,
"disclosure_date": "2016-03-28", "disclosure_date": "2016-03-28 00:00:00 +0000",
"type": "exploit", "type": "exploit",
"author": [ "author": [
"Ricky \"HeadlessZeke\" Lawshae", "Ricky \"HeadlessZeke\" Lawshae",
@ -39782,7 +39819,7 @@
"name": "GitList v0.6.0 Argument Injection Vulnerability", "name": "GitList v0.6.0 Argument Injection Vulnerability",
"full_name": "exploit/multi/http/gitlist_arg_injection", "full_name": "exploit/multi/http/gitlist_arg_injection",
"rank": 600, "rank": 600,
"disclosure_date": "2018-04-26", "disclosure_date": "2018-04-26 00:00:00 +0000",
"type": "exploit", "type": "exploit",
"author": [ "author": [
"Kacper Szurek", "Kacper Szurek",

View File

@ -17,7 +17,8 @@ class MetasploitModule < Msf::Auxiliary
}, },
'References' => 'References' =>
[ [
['OSVDB', '60035'], ['CVE', '2009-4655'],
['OSVDB', '60035']
], ],
'Author' => 'hdm', 'Author' => 'hdm',
'License' => MSF_LICENSE 'License' => MSF_LICENSE

View File

@ -29,6 +29,7 @@ class MetasploitModule < Msf::Auxiliary
'License' => MSF_LICENSE, 'License' => MSF_LICENSE,
'References' => 'References' =>
[ [
[ 'CVE', '2007-4915' ],
[ 'BID', '25676'], [ 'BID', '25676'],
[ 'PACKETSTORM', '59347'] [ 'PACKETSTORM', '59347']
], ],

View File

@ -20,6 +20,7 @@ class MetasploitModule < Msf::Auxiliary
[ 'Unknown' ], [ 'Unknown' ],
'References' => 'References' =>
[ [
[ 'CVE', '2014-5208' ],
[ 'URL', 'https://community.rapid7.com/community/metasploit/blog/2014/08/09/r7-2014-10-disclosure-yokogawa-centum-cs3000-bkbcopydexe-file-system-access'] [ 'URL', 'https://community.rapid7.com/community/metasploit/blog/2014/08/09/r7-2014-10-disclosure-yokogawa-centum-cs3000-bkbcopydexe-file-system-access']
], ],
'Actions' => 'Actions' =>

View File

@ -32,6 +32,7 @@ class MetasploitModule < Msf::Auxiliary
'License' => MSF_LICENSE, 'License' => MSF_LICENSE,
'References' => 'References' =>
[ [
[ 'CVE', '2010-2426' ],
[ 'OSVDB', '65533'], [ 'OSVDB', '65533'],
[ 'URL', 'http://seclists.org/bugtraq/2010/Jun/160' ] [ 'URL', 'http://seclists.org/bugtraq/2010/Jun/160' ]
], ],

View File

@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary
'Author' => 'xistence <xistence[at]0x90.nl>', # Discovery, Metasploit module 'Author' => 'xistence <xistence[at]0x90.nl>', # Discovery, Metasploit module
'References' => 'References' =>
[ [
['CVE', '2014-100002'],
['EDB', '31262'], ['EDB', '31262'],
['OSVDB', '102656'], ['OSVDB', '102656'],
['BID', '65199'], ['BID', '65199'],

View File

@ -17,6 +17,7 @@ class MetasploitModule < Msf::Auxiliary
}, },
'References' => 'References' =>
[ [
['CVE','2014-4862'],
['URL', 'https://community.rapid7.com/community/metasploit/blog/2014/08/21/more-snmp-information-leaks-cve-2014-4862-and-cve-2014-4863'] ['URL', 'https://community.rapid7.com/community/metasploit/blog/2014/08/21/more-snmp-information-leaks-cve-2014-4862-and-cve-2014-4863']
], ],
'Author' => ['Deral "Percent_X" Heiland'], 'Author' => ['Deral "Percent_X" Heiland'],