Added references and MSB to unicode bypass modules.
git-svn-id: file:///home/svn/framework3/trunk@6914 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
0b9412536c
commit
9080dd1f0d
|
@ -17,16 +17,24 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
def initialize(info = {})
|
def initialize(info = {})
|
||||||
super(update_info(info,
|
super(update_info(info,
|
||||||
'Name' => 'MS09-XXX 0day IIS6 WebDAV Unicode Auth Bypass',
|
'Name' => 'MS09-020 IIS6 WebDAV Unicode Auth Bypass',
|
||||||
'Description' => %q{
|
'Description' => %q{
|
||||||
Simplified version of MS09-XXX 0day IIS6 WebDAV Unicode Auth Bypass scanner. It attempts
|
Simplified version of MS09-020 IIS6 WebDAV Unicode Auth Bypass scanner. It attempts
|
||||||
to bypass authentication using the WebDAV IIS6 Unicode vulnerability
|
to bypass authentication using the WebDAV IIS6 Unicode vulnerability
|
||||||
discovered by Kingcope. The vulnerability appears to be exploitable
|
discovered by Kingcope. The vulnerability appears to be exploitable
|
||||||
where WebDAV is enabled on the IIS6 server, and any protected folder
|
where WebDAV is enabled on the IIS6 server, and any protected folder
|
||||||
requires either Basic, Digest or NTLM authentication.
|
requires either Basic, Digest or NTLM authentication.
|
||||||
},
|
},
|
||||||
'Author' => [ 'patrick' ],
|
'Author' => [ 'et', 'patrick' ],
|
||||||
'License' => MSF_LICENSE,
|
'License' => MSF_LICENSE,
|
||||||
|
'References' =>
|
||||||
|
[
|
||||||
|
[ 'MSB', 'MS09-020' ],
|
||||||
|
[ 'CVE', '2009-1535' ],
|
||||||
|
[ 'CVE', '2009-1122' ],
|
||||||
|
[ 'OSVDB', '54555' ],
|
||||||
|
[ 'BID', '34993' ],
|
||||||
|
],
|
||||||
'Version' => '$Revision: 6580 $'))
|
'Version' => '$Revision: 6580 $'))
|
||||||
|
|
||||||
register_options(
|
register_options(
|
|
@ -21,7 +21,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
def initialize(info = {})
|
def initialize(info = {})
|
||||||
super(update_info(info,
|
super(update_info(info,
|
||||||
'Name' => 'MS09-XXX 0day IIS6 WebDAV Unicode Auth Bypass Directory Scanner',
|
'Name' => 'MS09-020 IIS6 WebDAV Unicode Auth Bypass Directory Scanner',
|
||||||
'Description' => %q{
|
'Description' => %q{
|
||||||
This module is based on et's HTTP Directory Scanner module,
|
This module is based on et's HTTP Directory Scanner module,
|
||||||
with one exception. Where authentication is required, it attempts
|
with one exception. Where authentication is required, it attempts
|
||||||
|
@ -32,6 +32,14 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
},
|
},
|
||||||
'Author' => [ 'patrick' ],
|
'Author' => [ 'patrick' ],
|
||||||
'License' => MSF_LICENSE,
|
'License' => MSF_LICENSE,
|
||||||
|
'References' =>
|
||||||
|
[
|
||||||
|
[ 'MSB', 'MS09-020' ],
|
||||||
|
[ 'CVE', '2009-1535' ],
|
||||||
|
[ 'CVE', '2009-1122' ],
|
||||||
|
[ 'OSVDB', '54555' ],
|
||||||
|
[ 'BID', '34993' ],
|
||||||
|
],
|
||||||
'Version' => '$Revision$'))
|
'Version' => '$Revision$'))
|
||||||
|
|
||||||
register_options(
|
register_options(
|
||||||
|
|
Loading…
Reference in New Issue