Add more ranks, remove module warnings
../vmware_mount.rb Rank = Excellent Exploit uses check code for target availability, the vulnerability does not require user action, and the exploit uses privilege escalation to run arbitrary executables ../movabletype_upgrade_exec.rb Rank = ExcellentRanking Exploit utilizes code injection, has a check for availability ../uptime_file_upload_2.rb Rank = ExcellentRanking Exploit allows execution of arbitrary commands, has a check for availability ../zpanel_information_disclosure_rce.rb Rank = ExcellentRanking Exploit allows remote code execution, implements version check for pChart ../spip_connect_exec.rb Rank = ExcellentRanking Exploit utilizes code injection, has a check for availability ../wp_optimizepress_upload.rb Rank = ExcellentRanking Exploit allows execution of arbitrary code, has a check for availability ../wing_ftp_admin_exec.rb Rank = ExcellentRanking Exploit allows execution of arbitrary commands, has a check for availability ../novell_mdm_lfi.rb Rank = ExcellentRanking Exploit allows execution of arbitrary code, has a check for availability ../run_as.rb Rank = ExcellentRanking Exploit utilizes command injection, checks system type, and does not require user actionbug/bundler_fix
parent
494711ee65
commit
88bef00f61
|
@ -3,10 +3,8 @@
|
|||
# Current source: https://github.com/rapid7/metasploit-framework
|
||||
##
|
||||
|
||||
require 'msf/core'
|
||||
require 'rex'
|
||||
|
||||
class MetasploitModule < Msf::Exploit::Local
|
||||
Rank = ExcellentRanking
|
||||
|
||||
include Msf::Exploit::EXE
|
||||
include Msf::Post::File
|
||||
|
@ -55,7 +53,7 @@ class MetasploitModule < Msf::Exploit::Local
|
|||
))
|
||||
register_options([
|
||||
OptString.new("WRITABLEDIR", [ true, "A directory where you can write files.", "/tmp" ]),
|
||||
], self.class)
|
||||
])
|
||||
end
|
||||
|
||||
def check
|
||||
|
|
|
@ -3,9 +3,8 @@
|
|||
# Current source: https://github.com/rapid7/metasploit-framework
|
||||
##
|
||||
|
||||
require 'msf/core'
|
||||
|
||||
class MetasploitModule < Msf::Exploit::Remote
|
||||
Rank = ExcellentRanking
|
||||
|
||||
include Exploit::Remote::HttpClient
|
||||
|
||||
|
@ -65,7 +64,7 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
register_options(
|
||||
[
|
||||
OptString.new('TARGETURI', [true, 'The URI path of the Movable Type installation', '/mt'])
|
||||
], self.class)
|
||||
])
|
||||
end
|
||||
|
||||
def check
|
||||
|
|
|
@ -3,10 +3,10 @@
|
|||
# Current source: https://github.com/rapid7/metasploit-framework
|
||||
##
|
||||
|
||||
require 'msf/core'
|
||||
require 'nokogiri'
|
||||
|
||||
class MetasploitModule < Msf::Exploit::Remote
|
||||
Rank = ExcellentRanking
|
||||
|
||||
include Msf::Exploit::Remote::HttpClient
|
||||
include Msf::Exploit::PhpEXE
|
||||
|
@ -52,14 +52,14 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
Opt::RPORT(9999),
|
||||
OptString.new('USERNAME', [true, 'The username to authenticate as', 'sample']),
|
||||
OptString.new('PASSWORD', [true, 'The password to authenticate with', 'sample'])
|
||||
], self.class)
|
||||
])
|
||||
|
||||
register_advanced_options(
|
||||
[
|
||||
OptString.new('UptimeWindowsDirectory', [true, 'Uptime installation path for Windows', 'C:\\Program Files\\uptime software\\']),
|
||||
OptString.new('UptimeLinuxDirectory', [true, 'Uptime installation path for Linux', '/usr/local/uptime/']),
|
||||
OptString.new('CmdPath', [true, 'Path to cmd.exe', 'c:\\windows\\system32\\cmd.exe'])
|
||||
], self.class)
|
||||
])
|
||||
end
|
||||
|
||||
def print_status(msg='')
|
||||
|
|
|
@ -3,12 +3,12 @@
|
|||
# Current source: https://github.com/rapid7/metasploit-framework
|
||||
##
|
||||
|
||||
require 'msf/core'
|
||||
require 'msf/core/exploit/php_exe'
|
||||
require 'nokogiri'
|
||||
require 'uri'
|
||||
|
||||
class MetasploitModule < Msf::Exploit::Remote
|
||||
Rank = ExcellentRanking
|
||||
|
||||
include Msf::Exploit::Remote::HttpClient
|
||||
include Msf::Exploit::FileDropper
|
||||
|
@ -62,7 +62,7 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
register_options(
|
||||
[
|
||||
OptString.new('TARGETURI', [true, 'The base path to Zpanel', '/zpanel'])
|
||||
], self.class)
|
||||
])
|
||||
end
|
||||
|
||||
def get_setting(res, setting_name)
|
||||
|
|
|
@ -3,9 +3,8 @@
|
|||
# Current source: https://github.com/rapid7/metasploit-framework
|
||||
##
|
||||
|
||||
require 'msf/core'
|
||||
|
||||
class MetasploitModule < Msf::Exploit::Remote
|
||||
Rank = ExcellentRanking
|
||||
|
||||
include Msf::Exploit::Remote::HttpClient
|
||||
|
||||
|
@ -46,7 +45,7 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
register_options(
|
||||
[
|
||||
OptString.new('TARGETURI', [true, 'The base path to SPIP application', '/']),
|
||||
], self.class)
|
||||
])
|
||||
end
|
||||
|
||||
def check
|
||||
|
|
|
@ -3,10 +3,10 @@
|
|||
# Current source: https://github.com/rapid7/metasploit-framework
|
||||
##
|
||||
|
||||
require 'msf/core'
|
||||
require 'uri'
|
||||
|
||||
class MetasploitModule < Msf::Exploit::Remote
|
||||
Rank = ExcellentRanking
|
||||
|
||||
include Msf::Exploit::Remote::HTTP::Wordpress
|
||||
include Msf::Exploit::Remote::HttpClient
|
||||
|
|
|
@ -3,9 +3,8 @@
|
|||
# Current source: https://github.com/rapid7/metasploit-framework
|
||||
##
|
||||
|
||||
require 'msf/core'
|
||||
|
||||
class MetasploitModule < Msf::Exploit::Remote
|
||||
Rank = ExcellentRanking
|
||||
include Msf::Exploit::CmdStager
|
||||
include Msf::Exploit::Remote::HttpClient
|
||||
|
||||
|
|
|
@ -3,9 +3,8 @@
|
|||
# Current source: https://github.com/rapid7/metasploit-framework
|
||||
##
|
||||
|
||||
require 'msf/core'
|
||||
|
||||
class MetasploitModule < Msf::Exploit::Remote
|
||||
Rank = ExcellentRanking
|
||||
|
||||
include Msf::Exploit::Remote::HttpClient
|
||||
include Msf::Exploit::EXE
|
||||
|
@ -44,11 +43,11 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
register_options([
|
||||
OptString.new('TARGETURI', [true, 'Path to the Novell Zenworks MDM install', '/']),
|
||||
OptInt.new('RPORT', [true, "Default remote port", 80])
|
||||
], self.class)
|
||||
])
|
||||
|
||||
register_advanced_options([
|
||||
OptBool.new('SSL', [true, "Negotiate SSL connection", false])
|
||||
], self.class)
|
||||
])
|
||||
end
|
||||
|
||||
def get_version
|
||||
|
|
|
@ -3,10 +3,8 @@
|
|||
# Current source: https://github.com/rapid7/metasploit-framework
|
||||
##
|
||||
|
||||
require 'msf/core'
|
||||
require 'rex'
|
||||
|
||||
class MetasploitModule < Msf::Exploit::Local
|
||||
Rank = ExcellentRanking
|
||||
include Msf::Post::Windows::Runas
|
||||
include Msf::Post::Windows::Priv
|
||||
|
||||
|
@ -46,7 +44,7 @@ class MetasploitModule < Msf::Exploit::Local
|
|||
OptString.new('APPLICATION_NAME', [false, 'Application to be executed (lpApplicationName)', nil ]),
|
||||
OptString.new('COMMAND_LINE', [false, 'Command line to execute (lpCommandLine)', nil ]),
|
||||
OptBool.new('USE_CUSTOM_COMMAND', [true, 'Specify custom APPLICATION_NAME and COMMAND_LINE', false ])
|
||||
], self.class)
|
||||
])
|
||||
end
|
||||
|
||||
def exploit
|
||||
|
|
Loading…
Reference in New Issue