Ora XID HTTP needn't edit DBUSER (@cellabosm)
Looks like copypasta artifacts. DBUSER and DBPASS aren't ever set as options in the module, and the module doesn't include MC's Exploit::ORACLE mixin. It's also from four years ago and doesn't report_auth or anything useful like that, but that's out of scope for this branch.bug/bundler_fix
parent
efffbf751a
commit
7f59cf5035
|
@ -32,7 +32,6 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
OptString.new('CSVFILE', [ false, 'The file that contains a list of default accounts.', File.join(Msf::Config.install_root, 'data', 'wordlists', 'oracle_default_passwords.csv')]),
|
OptString.new('CSVFILE', [ false, 'The file that contains a list of default accounts.', File.join(Msf::Config.install_root, 'data', 'wordlists', 'oracle_default_passwords.csv')]),
|
||||||
Opt::RPORT(8080),
|
Opt::RPORT(8080),
|
||||||
], self.class)
|
], self.class)
|
||||||
deregister_options('DBUSER','DBPASS')
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def run_host(ip)
|
def run_host(ip)
|
||||||
|
@ -57,9 +56,9 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
fd = CSV.foreach(list) do |brute|
|
fd = CSV.foreach(list) do |brute|
|
||||||
|
|
||||||
datastore['DBUSER'] = brute[2].downcase
|
dbuser = brute[2].downcase
|
||||||
datastore['DBPASS'] = brute[3].downcase
|
dbpass = brute[3].downcase
|
||||||
user_pass = "#{datastore['DBUSER']}:#{datastore['DBPASS']}"
|
user_pass = "#{dbuser}:#{dbpass}"
|
||||||
|
|
||||||
res = send_request_raw({
|
res = send_request_raw({
|
||||||
'uri' => '/oradb/PUBLIC/GLOBAL_NAME',
|
'uri' => '/oradb/PUBLIC/GLOBAL_NAME',
|
||||||
|
@ -72,7 +71,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
}, 10)
|
}, 10)
|
||||||
|
|
||||||
if( not res )
|
if( not res )
|
||||||
vprint_error("Unable to retrieve SID for #{ip}:#{datastore['RPORT']} with #{datastore['DBUSER']} / #{datastore['DBPASS']}...")
|
vprint_error("Unable to retrieve SID for #{ip}:#{datastore['RPORT']} with #{dbuser} / #{dbpass}...")
|
||||||
next
|
next
|
||||||
end
|
end
|
||||||
if (res.code == 200)
|
if (res.code == 200)
|
||||||
|
@ -89,10 +88,10 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
:data => sid,
|
:data => sid,
|
||||||
:update => :unique_data
|
:update => :unique_data
|
||||||
)
|
)
|
||||||
print_good("Discovered SID: '#{sid[0]}' for host #{ip}:#{datastore['RPORT']} with #{datastore['DBUSER']} / #{datastore['DBPASS']}")
|
print_good("Discovered SID: '#{sid[0]}' for host #{ip}:#{datastore['RPORT']} with #{dbuser} / #{dbpass}")
|
||||||
users.push(user_pass)
|
users.push(user_pass)
|
||||||
else
|
else
|
||||||
vprint_error("Unable to retrieve SID for #{ip}:#{datastore['RPORT']} with #{datastore['DBUSER']} / #{datastore['DBPASS']}...")
|
vprint_error("Unable to retrieve SID for #{ip}:#{datastore['RPORT']} with #{dbuser} / #{dbpass}...")
|
||||||
end
|
end
|
||||||
end #fd.each
|
end #fd.each
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue