infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Final changes

unstable
sinn3r 2012-12-07 14:44:41 -06:00
parent bae5442ca6
commit 78b4233b56
1 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
modules/exploits/windows/ftp/freefloatftp_wbem.rb
View File

@ -20,9 +20,11 @@ class Metasploit3 < Msf::Exploit::Remote
super(update_info(info,
'Name' => "FreeFloat FTP Server Arbitrary File Upload",
'Description' => %q{
This module abuses a lack of authentication and authorization on FreeFloat FTP
Server to upload arbitrary files to the remote filesystem. This module uses the
Windows Management Instrumentation service to execute the payload uploaded.
This module abuses multiple issues in FreeFloat: 1. No credential is actually
needed to login; 2. User's default path is in C:\, and this cannot be changed;
3. User can write to anywhere on the server's file system. As a result of these
poor implementations, a malicious user can just log in and then upload files,
and let WMI (Management Instrumentation service) to execute the payload uploaded.
},
'License' => MSF_LICENSE,
'Author' =>
@ -37,7 +39,7 @@ class Metasploit3 < Msf::Exploit::Remote
'Platform' => 'win',
'Targets' =>
[
['FreeFloat', {}],
['FreeFloat', {}]
],
'Privileged' => true,
'DisclosureDate' => "Dec 7 2012",
@ -58,7 +60,6 @@ class Metasploit3 < Msf::Exploit::Remote
disconnect
if banner =~ /FreeFloat/
# Yup, you're f*cked
return Exploit::CheckCode::Vulnerable
else
return Exploit::CheckCode::Safe