infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Land #3751, @wchen-r7's [FixRM #8836] Use windows\\win.ini vs boot.ini

bug/bundler_fix
jvazquez-r7 2014-09-07 01:47:10 -05:00
parent 422d6bd2e4 c86d01a667
commit 28aa7429ed
No known key found for this signature in database
GPG Key ID: 38D99152B9352D83
24 changed files with 25 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
modules/auxiliary/admin/backupexec/dump.rb
View File

@ -57,7 +57,7 @@ class Metasploit3 < Msf::Auxiliary
[
true,
"The remote filesystem path to download",
"C:\\boot.ini"
"C:\\Windows\\win.ini"
]
),
OptString.new('LPATH',

2
modules/auxiliary/admin/http/axigen_file_access.rb
View File

@ -46,7 +46,7 @@ class Metasploit3 < Msf::Auxiliary
OptString.new('TARGETURI',[ true, 'Path to Axigen WebAdmin', '/' ]),
OptString.new('USERNAME', [ true, 'The user to authenticate as', 'admin' ]),
OptString.new('PASSWORD', [ true, 'The password to authenticate with' ]),
OptString.new('PATH', [ true, 'The file to read or delete', "\\boot.ini" ])
OptString.new('PATH', [ true, 'The file to read or delete', "\\windows\\win.ini" ])
], self.class)
end

4
modules/auxiliary/admin/officescan/tmlisten_traversal.rb
View File

@ -40,7 +40,7 @@ class Metasploit3 < Msf::Auxiliary
res = send_request_raw(
{
'uri' => '/activeupdate/../../../../../../../../../../../boot.ini',
'uri' => '/activeupdate/../../../../../../../../../../../windows\\win.ini',
'method' => 'GET',
}, 20)
@ -52,7 +52,7 @@ class Metasploit3 < Msf::Auxiliary
http_fingerprint({ :response => res })
if (res.code >= 200)
if (res.body =~ /boot/)
if (res.body =~ /for 16-bit app support/)
vuln = "vulnerable."
else
vuln = "not vulnerable."

2
modules/auxiliary/admin/scada/ge_proficy_substitute_traversal.rb
View File

@ -38,7 +38,7 @@ class Metasploit3 < Msf::Auxiliary
[
Opt::RPORT(80),
OptString.new('TARGETURI',[true, 'Path to CimWeb', '/CimWeb']),
OptString.new('FILEPATH', [true, 'The name of the file to download', '/boot.ini']),
OptString.new('FILEPATH', [true, 'The name of the file to download', '/windows\\win.ini']),
# By default gefebt.exe installed on C:\Program Files\GE Fanuc\Proficy CIMPLICITY\WebPages\CimWeb
OptInt.new('DEPTH', [true, 'Traversal depth', 5])
], self.class)

2
modules/auxiliary/scanner/ftp/titanftp_xcrc_traversal.rb
View File

@ -45,7 +45,7 @@ class Metasploit3 < Msf::Auxiliary
[
Opt::RPORT(21),
OptString.new('TRAVERSAL', [ true, "String to traverse to the drive's root directory", "..\\..\\" ]),
OptString.new('PATH', [ true, "Path to the file to disclose, releative to the root dir.", 'boot.ini'])
OptString.new('PATH', [ true, "Path to the file to disclose, releative to the root dir.", 'windows\\win.ini'])
], self.class)
end

2
modules/auxiliary/scanner/http/apache_activemq_traversal.rb
View File

@ -37,7 +37,7 @@ class Metasploit3 < Msf::Auxiliary
register_options(
[
Opt::RPORT(8161),
OptString.new('FILEPATH', [true, 'The name of the file to download', '/boot.ini']),
OptString.new('FILEPATH', [true, 'The name of the file to download', '/windows\\win.ini']),
OptInt.new('DEPTH', [false, 'Traversal depth if absolute is set to false', 4])
], self.class)
end

2
modules/auxiliary/scanner/http/groupwise_agents_http_traversal.rb
View File

@ -38,7 +38,7 @@ class Metasploit3 < Msf::Auxiliary
register_options(
[
Opt::RPORT(7181), # Also 7180 can be used
OptString.new('FILEPATH', [true, 'The name of the file to download', '/boot.ini']),
OptString.new('FILEPATH', [true, 'The name of the file to download', '/windows\\win.ini']),
OptInt.new('DEPTH', [true, 'Traversal depth if absolute is set to false', 10])
], self.class)
end

2
modules/auxiliary/scanner/http/hp_imc_bims_downloadservlet_traversal.rb
View File

@ -40,7 +40,7 @@ class Metasploit3 < Msf::Auxiliary
[
Opt::RPORT(8080),
OptString.new('TARGETURI', [true, 'Path to HP Intelligent Management Center', '/imc']),
OptString.new('FILEPATH', [true, 'The name of the file to download', '/boot.ini']),
OptString.new('FILEPATH', [true, 'The name of the file to download', '/windows\\win.ini']),
# By default files downloaded from C:\Program Files\iMC\client\web\apps\imc\
OptInt.new('DEPTH', [true, 'Traversal depth', 6])
], self.class)

2
modules/auxiliary/scanner/http/hp_imc_faultdownloadservlet_traversal.rb
View File

@ -39,7 +39,7 @@ class Metasploit3 < Msf::Auxiliary
[
Opt::RPORT(8080),
OptString.new('TARGETURI', [true, 'Path to HP Intelligent Management Center', '/imc']),
OptString.new('FILEPATH', [true, 'The name of the file to download', '/boot.ini']),
OptString.new('FILEPATH', [true, 'The name of the file to download', '/windows\\win.ini']),
# By default files downloaded from C:\Program Files\iMC\client\web\apps\imc\tmp\
OptInt.new('DEPTH', [true, 'Traversal depth', 7])
], self.class)

2
modules/auxiliary/scanner/http/hp_imc_ictdownloadservlet_traversal.rb
View File

@ -39,7 +39,7 @@ class Metasploit3 < Msf::Auxiliary
[
Opt::RPORT(8080),
OptString.new('TARGETURI', [true, 'Path to HP Intelligent Management Center', '/imc']),
OptString.new('FILEPATH', [true, 'The name of the file to download', '/boot.ini']),
OptString.new('FILEPATH', [true, 'The name of the file to download', '/windows\\win.ini']),
# By default files downloaded from C:\Program Files\iMC\client\web\apps\imc\tmp\
OptInt.new('DEPTH', [true, 'Traversal depth', 7])
], self.class)

2
modules/auxiliary/scanner/http/hp_imc_reportimgservlt_traversal.rb
View File

@ -39,7 +39,7 @@ class Metasploit3 < Msf::Auxiliary
[
Opt::RPORT(8080),
OptString.new('TARGETURI', [true, 'Path to HP Intelligent Management Center', '/imc']),
OptString.new('FILEPATH', [true, 'The name of the file to download', '/boot.ini']),
OptString.new('FILEPATH', [true, 'The name of the file to download', '/windows\\win.ini']),
# By default files downloaded from C:\Program Files\iMC\client\bin\
OptInt.new('DEPTH', [true, 'Traversal depth', 4])
], self.class)

2
modules/auxiliary/scanner/http/hp_imc_som_file_download.rb
View File

@ -39,7 +39,7 @@ class Metasploit3 < Msf::Auxiliary
[
Opt::RPORT(8080),
OptString.new('TARGETURI', [true, 'Path to HP Intelligent Management Center', '/imc']),
OptString.new('FILEPATH', [true, 'The path of the file to download', 'c:\\boot.ini'])
OptString.new('FILEPATH', [true, 'The path of the file to download', 'c:\\windows\\win.ini'])
], self.class)
end

2
modules/auxiliary/scanner/http/hp_sitescope_getfileinternal_fileaccess.rb
View File

@ -38,7 +38,7 @@ class Metasploit4 < Msf::Auxiliary
register_options(
[
Opt::RPORT(8080),
OptString.new('RFILE', [true, 'Remote File', 'c:\\boot.ini']),
OptString.new('RFILE', [true, 'Remote File', 'c:\\windows\\win.ini']),
OptString.new('TARGETURI', [true, 'Path to SiteScope', '/SiteScope/'])
], self.class)

2
modules/auxiliary/scanner/http/hp_sitescope_loadfilecontent_fileaccess.rb
View File

@ -38,7 +38,7 @@ class Metasploit4 < Msf::Auxiliary
register_options(
[
Opt::RPORT(8080),
OptString.new('RFILE', [true, 'Remote File', 'c:\\boot.ini']),
OptString.new('RFILE', [true, 'Remote File', 'c:\\windows\\win.ini']),
OptString.new('TARGETURI', [true, 'Path to SiteScope', '/SiteScope/']),
], self.class)

2
modules/auxiliary/scanner/http/http_traversal.rb
View File

@ -106,7 +106,7 @@ class Metasploit3 < Msf::Auxiliary
# Initialize the default file(s) we should try to read during fuzzing
if datastore['FILE'].empty?
file_to_read = ['etc/passwd', 'boot.ini']
file_to_read = ['etc/passwd', 'boot.ini', 'windows\\win.ini']
else
file_to_read = [datastore['FILE']]
end

2
modules/auxiliary/scanner/http/manageengine_deviceexpert_traversal.rb
View File

@ -39,7 +39,7 @@ class Metasploit3 < Msf::Auxiliary
[
Opt::RPORT(6060),
OptBool.new('SSL', [true, 'Use SSL', true]),
OptString.new('FILEPATH', [true, 'The name of the file to download', 'boot.ini'])
OptString.new('FILEPATH', [true, 'The name of the file to download', 'windows\\win.ini'])
], self.class)
deregister_options('RHOST')

2
modules/auxiliary/scanner/http/novell_file_reporter_fsfui_fileaccess.rb
View File

@ -38,7 +38,7 @@ class Metasploit4 < Msf::Auxiliary
[
Opt::RPORT(3037),
OptBool.new('SSL', [true, 'Use SSL', true]),
OptString.new('RFILE', [true, 'Remote File', 'boot.ini']),
OptString.new('RFILE', [true, 'Remote File', 'windows\\win.ini']),
OptInt.new('DEPTH', [true, 'Traversal depth', 6])
], self.class)

2
modules/auxiliary/scanner/http/novell_file_reporter_srs_fileaccess.rb
View File

@ -38,7 +38,7 @@ class Metasploit4 < Msf::Auxiliary
[
Opt::RPORT(3037),
OptBool.new('SSL', [true, 'Use SSL', true]),
OptString.new('RFILE', [true, 'Remote File', 'c:\\boot.ini'])
OptString.new('RFILE', [true, 'Remote File', 'c:\\windows\\win.ini'])
], self.class)
register_autofilter_ports([ 3037 ])

2
modules/auxiliary/scanner/http/simple_webserver_traversal.rb
View File

@ -35,7 +35,7 @@ class Metasploit3 < Msf::Auxiliary
register_options(
[
OptString.new('FILEPATH', [true, 'The name of the file to download', 'boot.ini']),
OptString.new('FILEPATH', [true, 'The name of the file to download', 'windows\\win.ini']),
OptInt.new('DEPTH', [true, 'The max traversal depth', 8])
], self.class)

2
modules/auxiliary/scanner/http/vmware_update_manager_traversal.rb
View File

@ -38,7 +38,7 @@ class Metasploit3 < Msf::Auxiliary
[
Opt::RPORT(9084),
OptString.new('URIPATH', [true, 'URI path to the downloads', '/vci/downloads/']),
OptString.new('FILE', [true, 'Define the remote file to download', 'boot.ini'])
OptString.new('FILE', [true, 'Define the remote file to download', 'windows\\win.ini'])
], self.class)
end

2
modules/auxiliary/scanner/http/yaws_traversal.rb
View File

@ -37,7 +37,7 @@ class Metasploit3 < Msf::Auxiliary
register_options(
[
Opt::RPORT(8080),
OptString.new('FILEPATH', [false, 'The name of the file to download', 'boot.ini'])
OptString.new('FILEPATH', [false, 'The name of the file to download', 'windows\\win.ini'])
], self.class)
deregister_options('RHOST')

2
modules/auxiliary/scanner/scada/indusoft_ntwebserver_fileaccess.rb
View File

@ -37,7 +37,7 @@ class Metasploit4 < Msf::Auxiliary
register_options(
[
OptString.new('RFILE', [true, 'Remote File', '/boot.ini']),
OptString.new('RFILE', [true, 'Remote File', '/windows\\win.ini']),
OptInt.new('DEPTH', [true, 'Traversal depth', 3])
], self.class)

2
modules/auxiliary/scanner/tftp/ipswitch_whatsupgold_tftp.rb
View File

@ -37,7 +37,7 @@ class Metasploit3 < Msf::Auxiliary
register_options(
[
Opt::RPORT(69),
OptString.new('FILENAME', [false, 'The file to loot', 'boot.ini']),
OptString.new('FILENAME', [false, 'The file to loot', 'windows\\win.ini']),
OptBool.new('SAVE', [false, 'Save the downloaded file to disk', 'false'])
], self.class)
end

2
modules/auxiliary/scanner/tftp/netdecision_tftp.rb
View File

@ -36,7 +36,7 @@ class Metasploit3 < Msf::Auxiliary
[
Opt::RPORT(69),
OptInt.new('DEPTH', [false, "Levels to reach base directory",1]),
OptString.new('FILENAME', [false, 'The file to loot', 'boot.ini']),
OptString.new('FILENAME', [false, 'The file to loot', 'windows\\win.ini']),
], self.class)
end