infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add CVE; clarify vuln name

GSoC/Meterpreter_Web_Console
Jon Hart 2018-03-04 07:13:28 -08:00
parent 83430f858e
commit 2edb2dd8d0
No known key found for this signature in database
GPG Key ID: 2FA9F0A3AFA8E9D3
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
modules/auxiliary/scanner/memcached/memcached_amp.rb
View File

@ -11,7 +11,7 @@ class MetasploitModule < Msf::Auxiliary
def initialize def initialize
super( super(
'Name' => 'Memcached Amplification Scanner', 'Name' => 'Memcached Stats Amplification Scanner',
'Description' => %q{ 'Description' => %q{
This module can be used to discover Memcached servers which expose the This module can be used to discover Memcached servers which expose the
unrestricted UDP port 11211. A basic "stats" request is executed to check unrestricted UDP port 11211. A basic "stats" request is executed to check
@ -26,7 +26,8 @@ class MetasploitModule < Msf::Auxiliary
'License' => MSF_LICENSE, 'License' => MSF_LICENSE,
'References' => 'References' =>
[ [
['URL', 'https://blog.cloudflare.com/memcrashed-major-amplification-attacks-from-port-11211/'] ['URL', 'https://blog.cloudflare.com/memcrashed-major-amplification-attacks-from-port-11211/'],
['CVE', '2018-100015']
] ]
) )
@ -67,7 +68,7 @@ class MetasploitModule < Msf::Auxiliary
peer = "#{host}:#{rport}" peer = "#{host}:#{rport}"
vulnerable, proof = prove_amplification(response_map) vulnerable, proof = prove_amplification(response_map)
what = 'MEMCACHED amplification' what = 'memcached stats amplification'
if vulnerable if vulnerable
print_good("#{peer} - Vulnerable to #{what}: #{proof}") print_good("#{peer} - Vulnerable to #{what}: #{proof}")
report_vuln({ report_vuln({