infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Ora XID HTTP needn't edit DBUSER (@cellabosm) 

Looks like copypasta artifacts. DBUSER and DBPASS aren't ever set as
options in the module, and the module doesn't include MC's
Exploit::ORACLE mixin. It's also from four years ago and doesn't
report_auth or anything useful like that, but that's out of scope for
this branch.
bug/bundler_fix
Tod Beardsley 2014-05-23 15:18:54 -05:00
parent efffbf751a
commit 7f59cf5035
No known key found for this signature in database
GPG Key ID: 1EFFB682ADB9F193
1 changed files with 6 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
modules/auxiliary/scanner/oracle/xdb_sid_brute.rb
View File

@ -32,7 +32,6 @@ class Metasploit3 < Msf::Auxiliary
OptString.new('CSVFILE', [ false, 'The file that contains a list of default accounts.', File.join(Msf::Config.install_root, 'data', 'wordlists', 'oracle_default_passwords.csv')]),
Opt::RPORT(8080),
], self.class)
deregister_options('DBUSER','DBPASS')
end
def run_host(ip)
@ -57,9 +56,9 @@ class Metasploit3 < Msf::Auxiliary
fd = CSV.foreach(list) do |brute|
datastore['DBUSER'] = brute[2].downcase
datastore['DBPASS'] = brute[3].downcase
user_pass = "#{datastore['DBUSER']}:#{datastore['DBPASS']}"
dbuser = brute[2].downcase
dbpass = brute[3].downcase
user_pass = "#{dbuser}:#{dbpass}"
res = send_request_raw({
'uri' => '/oradb/PUBLIC/GLOBAL_NAME',
@ -72,7 +71,7 @@ class Metasploit3 < Msf::Auxiliary
}, 10)
if( not res )
vprint_error("Unable to retrieve SID for #{ip}:#{datastore['RPORT']} with #{datastore['DBUSER']} / #{datastore['DBPASS']}...")
vprint_error("Unable to retrieve SID for #{ip}:#{datastore['RPORT']} with #{dbuser} / #{dbpass}...")
next
end
if (res.code == 200)
@ -89,10 +88,10 @@ class Metasploit3 < Msf::Auxiliary
:data => sid,
:update => :unique_data
)
print_good("Discovered SID: '#{sid[0]}' for host #{ip}:#{datastore['RPORT']} with #{datastore['DBUSER']} / #{datastore['DBPASS']}")
print_good("Discovered SID: '#{sid[0]}' for host #{ip}:#{datastore['RPORT']} with #{dbuser} / #{dbpass}")
users.push(user_pass)
else
vprint_error("Unable to retrieve SID for #{ip}:#{datastore['RPORT']} with #{datastore['DBUSER']} / #{datastore['DBPASS']}...")
vprint_error("Unable to retrieve SID for #{ip}:#{datastore['RPORT']} with #{dbuser} / #{dbpass}...")
end
end #fd.each