infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

List the vulnerable application and versions affected + cleaner cleanup script.

GSoC/Meterpreter_Web_Console
Quentin Kaiser 2018-12-24 13:54:02 +01:00
parent 18c844623a
commit 53a3caba2b
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
documentation/modules/exploit/multi/misc/consul_rexec_exec.md
View File

@ -1,5 +1,7 @@
## Vulnerable Application ## Vulnerable Application
[HashiCorp Consul][https://www.consul.io/] with `disable_remote_exec` configuration flag set to false (default configuration up to version 0.8, opt-in since version 0.9).
### Description ### Description
This module exploits a feature of Hashicorp Consul named rexec. This module exploits a feature of Hashicorp Consul named rexec.
@ -43,11 +45,11 @@ Node Address Status Type Build Protocol DC Segment
d28e7cf476ff 172.17.0.2:8301 alive client 1.4.0 2 dc1 <default> d28e7cf476ff 172.17.0.2:8301 alive client 1.4.0 2 dc1 <default>
``` ```
The following bash script can be used to stop and destroy **all your running docker containers** (so be careful if you use docker containers for other things at the same time): The following bash script can be used to stop and destroy **all your consul containers** (so be careful if you use consul containers for other things at the same time):
``` ```
#!/bin/sh #!/bin/sh
for h in `sudo docker ps -a| grep -v CONTAINER | cut -d' ' -f1`; do sudo docker stop $h && sudo docker rm $h; done for h in `sudo docker ps -a | grep consul | cut -d' ' -f1`; do docker stop $h && docker rm $h; done
``` ```
## Verification Steps ## Verification Steps