infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Description

bug/bundler_fix
wchen-r7 2015-05-25 17:24:41 -05:00
parent 3102741157
commit a0e0e3d360
1 changed files with 37 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
modules/exploits/multi/browser/autopwn.rb
View File

@ -12,9 +12,40 @@ class Metasploit3 < Msf::Exploit::Remote
def initialize(info={})
super(update_info(info,
'Name' => "HTTP Client Automatic Exploiter",
'Name' => "HTTP Client Automatic Exploiter (Browser Autopwn)",
'Description' => %q{
Place holder
This module will automatically serve browser exploits. Here are the options you can
configure:
The Include option allows you to specify the kind of exploits to be loaded. For example,
if you wish to load just Adobe Flash exploits, then you can set Include to 'adobe_flash'.
The Exclude option will ignore exploits. For example, if you don't want any Adobe Flash
exploits, you can set this. Also note that the Exclude option will always be evaludated
after the Include option.
The MaxExploits option specifies the max number of exploits to load by Browser Autopwn.
By default, 20 will be loaded. But note that the client will probably not be vulnerable
to all 20 of them, so only some will actually be served to the client.
The Content option allows you to provide a basic webpage. This is what the user behind
the vulnerable browser will see. You can simply set a string, or you can do the file://
syntax to load an HTML file. Note this option might break exploits so try to keep it
as simple as possible.
The WhiteList option can be used to avoid visitors that are outside the scope of your
pentest engagement. IPs that are not on the list will not be attacked.
The MaxSessions option is used to limit how many sessions Browser Autopwn is allowed to
get. The default -1 means unlimited. Combining this with other options such as RealList
and Custom404, you can get information about which visitors (IPs) clicked on your malicious
link, what exploits they might be vulnerable to, redirect them to your own internal
training website without actually attacking them.
The RealList is an option that will list what exploits the client might be vulnerable to
based on basic browser information. If possible, you can run the exploits for validation.
For more information about Browser Autopwn, please see the reference link.
},
'License' => MSF_LICENSE,
'Author' => [ 'sinn3r' ],
@ -23,6 +54,10 @@ class Metasploit3 < Msf::Exploit::Remote
'Privileged' => false,
'DisclosureDate' => "Feb 5 2014",
'Targets' => [ [ 'Automatic', {} ] ],
'References' =>
[
[ 'URL', 'https://github.com/rapid7/metasploit-framework/wiki' ]
],
'DefaultTarget' => 0))
@ -30,7 +65,6 @@ class Metasploit3 < Msf::Exploit::Remote
register_options(
[
OptEnum.new('Action', [false, 'Action', 'WebServer', ['WebServer','DefangedDetection'], 'WebServer']),
OptRegexp.new('Include', [false, 'Pattern search to include specific modules']),
OptRegexp.new('Exclude', [false, 'Pattern search to exclude specific modules']),
OptInt.new('MaxExploits', [false, 'Number of browser exploits to load', 20]),