Correct OSX naming. See ticket #7182
sinn3r
parent
0e4e7dc903
commit
6a0271fb11
|
|
@ -21,13 +21,13 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
super(update_info(info,
|
||||
'Name' => "Apple Safari file:// Arbitrary Code Execution",
|
||||
'Description' => %q{
|
||||
This module exploits a vulnerability found in Apple Safari on OSX platform.
|
||||
This module exploits a vulnerability found in Apple Safari on OS X platform.
|
||||
A policy issue in the handling of file:// URLs may allow arbitrary remote code
|
||||
execution under the context of the user.
|
||||
|
||||
In order to trigger arbitrary remote code execution, the best way seems to
|
||||
be opening a share on the victim machine first (this can be SMB/WebDav/FTP, or
|
||||
a fileformat that OSX might automount), and then execute it in /Volumes/[share].
|
||||
a fileformat that OS X might automount), and then execute it in /Volumes/[share].
|
||||
If there's some kind of bug that leaks the victim machine's current username,
|
||||
then it's also possible to execute the payload in /Users/[username]/Downloads/,
|
||||
or else bruteforce your way to getting that information.
|
||||
|
|
@ -60,8 +60,8 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
'Arch' => [ ARCH_CMD, ARCH_JAVA ],
|
||||
'Targets' =>
|
||||
[
|
||||
[ 'Safari 5.1 on OSX', {} ],
|
||||
[ 'Safari 5.1 on OSX with Java', {} ]
|
||||
[ 'Safari 5.1 on OS X', {} ],
|
||||
[ 'Safari 5.1 on OS X with Java', {} ]
|
||||
],
|
||||
'Privileged' => true,
|
||||
'DisclosureDate' => "Oct 12 2011", #Blog date
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ module Metasploit3
|
|||
|
||||
def initialize(info = {})
|
||||
super(merge_info(info,
|
||||
'Name' => 'OSX Command Shell, Bind TCP Inline',
|
||||
'Name' => 'OS X Command Shell, Bind TCP Inline',
|
||||
'Version' => '$Revision$',
|
||||
'Description' => 'Listen for a connection and spawn a command shell',
|
||||
'Author' => 'hdm',
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ module Metasploit3
|
|||
|
||||
def initialize(info = {})
|
||||
super(merge_info(info,
|
||||
'Name' => 'OSX Command Shell, Reverse TCP Inline',
|
||||
'Name' => 'OS X Command Shell, Reverse TCP Inline',
|
||||
'Version' => '$Revision$',
|
||||
'Description' => 'Connect back to attacker and spawn a command shell',
|
||||
'Author' => 'hdm',
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ module Metasploit3
|
|||
|
||||
def initialize(info = {})
|
||||
super(merge_info(info,
|
||||
'Name' => 'OSX Command Shell, Bind TCP Inline',
|
||||
'Name' => 'OS X Command Shell, Bind TCP Inline',
|
||||
'Version' => '$Revision$',
|
||||
'Description' => 'Listen for a connection and spawn a command shell',
|
||||
'Author' => 'hdm',
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ module Metasploit3
|
|||
|
||||
def initialize(info = {})
|
||||
super(merge_info(info,
|
||||
'Name' => 'OSX Command Shell, Reverse TCP Inline',
|
||||
'Name' => 'OS X Command Shell, Reverse TCP Inline',
|
||||
'Version' => '$Revision$',
|
||||
'Description' => 'Connect back to attacker and spawn a command shell',
|
||||
'Author' => 'hdm',
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ module Metasploit3
|
|||
|
||||
def initialize(info = {})
|
||||
super(merge_info(info,
|
||||
'Name' => 'OSX x64 Execute Command',
|
||||
'Name' => 'OS X x64 Execute Command',
|
||||
'Version' => '$Revision$',
|
||||
'Description' => 'Execute an arbitrary command',
|
||||
'Author' => 'argp <argp[at]census-labs.com>',
|
||||
|
|
|
|||
|
|
@ -27,7 +27,7 @@ module Metasploit3
|
|||
|
||||
def initialize(info = {})
|
||||
super(merge_info(info,
|
||||
'Name' => 'OSX Execute Command',
|
||||
'Name' => 'OS X Execute Command',
|
||||
'Version' => '$Revision$',
|
||||
'Description' => 'Execute an arbitrary command',
|
||||
'Author' => [ 'snagg <snagg[at]openssl.it>', 'argp <argp[at]census-labs.com>' ],
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ module Metasploit3
|
|||
|
||||
def initialize(info = {})
|
||||
super(merge_info(info,
|
||||
'Name' => 'OSX Command Shell, Bind TCP Inline',
|
||||
'Name' => 'OS X Command Shell, Bind TCP Inline',
|
||||
'Version' => '$Revision$',
|
||||
'Description' => 'Listen for a connection and spawn a command shell',
|
||||
'Author' => 'ramon',
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ module Metasploit3
|
|||
|
||||
def initialize(info = {})
|
||||
super(merge_info(info,
|
||||
'Name' => 'OSX Command Shell, Find Port Inline',
|
||||
'Name' => 'OS X Command Shell, Find Port Inline',
|
||||
'Version' => '$Revision$',
|
||||
'Description' => 'Spawn a shell on an established connection',
|
||||
'Author' => 'ramon',
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ module Metasploit3
|
|||
|
||||
def initialize(info = {})
|
||||
super(merge_info(info,
|
||||
'Name' => 'OSX Command Shell, Reverse TCP Inline',
|
||||
'Name' => 'OS X Command Shell, Reverse TCP Inline',
|
||||
'Version' => '$Revision$',
|
||||
'Description' => 'Connect back to attacker and spawn a command shell',
|
||||
'Author' => 'ramon',
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ module Metasploit3
|
|||
|
||||
def initialize(info = {})
|
||||
super(merge_info(info,
|
||||
'Name' => 'OSX (vfork) Command Shell, Bind TCP Inline',
|
||||
'Name' => 'OS X (vfork) Command Shell, Bind TCP Inline',
|
||||
'Version' => '$Revision$',
|
||||
'Description' => 'Listen for a connection, vfork if necessary, and spawn a command shell',
|
||||
'Author' => 'ddz',
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ module Metasploit3
|
|||
|
||||
def initialize(info = {})
|
||||
super(merge_info(info,
|
||||
'Name' => 'OSX (vfork) Command Shell, Reverse TCP Inline',
|
||||
'Name' => 'OS X (vfork) Command Shell, Reverse TCP Inline',
|
||||
'Version' => '$Revision$',
|
||||
'Description' => 'Connect back to attacker, vfork if necessary, and spawn a command shell',
|
||||
'Author' => 'ddz',
|
||||
|
|
|
|||
|
|
@ -19,7 +19,7 @@ module Metasploit3
|
|||
|
||||
def initialize(info = {})
|
||||
super(merge_info(info,
|
||||
'Name' => 'OSX Write and Execute Binary',
|
||||
'Name' => 'OS X Write and Execute Binary',
|
||||
'Version' => '$Revision$',
|
||||
'Description' => 'Spawn a command shell (staged)',
|
||||
'Author' => 'hdm',
|
||||
|
|
|
|||
|
|
@ -19,7 +19,7 @@ module Metasploit3
|
|||
|
||||
def initialize(info = {})
|
||||
super(merge_info(info,
|
||||
'Name' => 'OSX Command Shell',
|
||||
'Name' => 'OS X Command Shell',
|
||||
'Version' => '$Revision$',
|
||||
'Description' => 'Spawn a command shell (staged)',
|
||||
'Author' => 'hdm',
|
||||
|
|
|
|||
|
|
@ -19,7 +19,7 @@ module Metasploit3
|
|||
|
||||
def initialize(info = {})
|
||||
super(merge_info(info,
|
||||
'Name' => 'OSX Command Shell',
|
||||
'Name' => 'OS X Command Shell',
|
||||
'Version' => '$Revision$',
|
||||
'Description' => 'Spawn a command shell (staged)',
|
||||
'Author' => 'hdm',
|
||||
|
|
|
|||
|
|
@ -19,7 +19,7 @@ module Metasploit3
|
|||
|
||||
def initialize(info = {})
|
||||
super(merge_info(info,
|
||||
'Name' => 'OSX (vfork) Command Shell',
|
||||
'Name' => 'OS X (vfork) Command Shell',
|
||||
'Version' => '$Revision$',
|
||||
'Description' => 'Call vfork() if necessary and spawn a command shell (staged)',
|
||||
'Author' => 'ddz',
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ class Metasploit3 < Msf::Post
|
|||
|
||||
def initialize(info={})
|
||||
super( update_info( info,
|
||||
'Name' => "OSX Text to Speech Utility",
|
||||
'Name' => "OS X Text to Speech Utility",
|
||||
'Description' => %q{
|
||||
This module will speak whatever is in the 'TEXT' option on the victim machine.
|
||||
},
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ class Metasploit3 < Msf::Post
|
|||
|
||||
def initialize(info={})
|
||||
super(update_info(info,
|
||||
'Name' => 'OSX Gather Adium Enumeration',
|
||||
'Name' => 'OS X Gather Adium Enumeration',
|
||||
'Description' => %q{
|
||||
This module will collect Adium's account plist files and chat logs from the
|
||||
victim's machine. There are three different actions you may choose: ACCOUNTS,
|
||||
|
|
|
|||
|
|
@ -14,9 +14,9 @@ class Metasploit3 < Msf::Post
|
|||
|
||||
def initialize(info={})
|
||||
super(update_info(info,
|
||||
'Name' => 'OSX Gather Airport Wireless Preferences',
|
||||
'Name' => 'OS X Gather Airport Wireless Preferences',
|
||||
'Description' => %q{
|
||||
This module will download OSX Airport Wireless preferences from the victim
|
||||
This module will download OS X Airport Wireless preferences from the victim
|
||||
machine. The preferences file (which is a plist) contains information such as:
|
||||
SSID, Channels, Security Type, Password ID, etc.
|
||||
},
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ class Metasploit3 < Msf::Post
|
|||
|
||||
def initialize(info={})
|
||||
super(update_info(info,
|
||||
'Name' => 'OSX Gather Chicken of the VNC Profile',
|
||||
'Name' => 'OS X Gather Chicken of the VNC Profile',
|
||||
'Description' => %q{
|
||||
This module will download the "Chicken of the VNC" client application's
|
||||
profile file, which is used to store other VNC servers' information such
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ class Metasploit3 < Msf::Post
|
|||
|
||||
def initialize(info={})
|
||||
super(update_info(info,
|
||||
'Name' => 'OSX Gather Colloquy Enumeration',
|
||||
'Name' => 'OS X Gather Colloquy Enumeration',
|
||||
'Description' => %q{
|
||||
This module will collect Colloquy's info plist file and chat logs from the
|
||||
victim's machine. There are three actions you may choose: INFO, CHATS, and
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ class Metasploit3 < Msf::Post
|
|||
|
||||
def initialize(info={})
|
||||
super(update_info(info,
|
||||
'Name' => 'OSX Gather Keychain Enumeration',
|
||||
'Name' => 'OS X Gather Keychain Enumeration',
|
||||
'Description' => %q{
|
||||
This module presents a way to quickly go through the current users keychains and
|
||||
collect data such as email accounts, servers, and other services. Please note:
|
||||
|
|
|
|||
Loading…
Reference in New Issue