From 97a4ca07521492f7c2ec7e1cc1d294a570ac7c2d Mon Sep 17 00:00:00 2001 From: Tod Beardsley Date: Wed, 30 Oct 2013 11:36:16 -0500 Subject: [PATCH 1/5] Update references for FOSS modules --- modules/exploits/multi/http/ispconfig_php_exec.rb | 5 +++++ modules/exploits/multi/http/moodle_cmd_exec.rb | 6 ++++-- modules/exploits/multi/http/nas4free_php_exec.rb | 1 + modules/exploits/multi/http/openbravo_xxe.rb | 5 +++++ modules/exploits/multi/http/openmediavault_cmd_exec.rb | 1 + modules/exploits/multi/http/vtiger_php_exec.rb | 1 + modules/exploits/multi/http/zabbix_script_exec.rb | 1 + 7 files changed, 18 insertions(+), 2 deletions(-) diff --git a/modules/exploits/multi/http/ispconfig_php_exec.rb b/modules/exploits/multi/http/ispconfig_php_exec.rb index a40953a240..b89061d7de 100644 --- a/modules/exploits/multi/http/ispconfig_php_exec.rb +++ b/modules/exploits/multi/http/ispconfig_php_exec.rb @@ -24,6 +24,11 @@ class Metasploit4 < Msf::Exploit::Remote [ 'Brandon Perry ' # Discovery / msf module ], + 'References' => + [ + ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats'], + ['CVE', '2013-3629'] + ], 'License' => MSF_LICENSE, 'References' => [ diff --git a/modules/exploits/multi/http/moodle_cmd_exec.rb b/modules/exploits/multi/http/moodle_cmd_exec.rb index 1befde8ea5..331847147a 100644 --- a/modules/exploits/multi/http/moodle_cmd_exec.rb +++ b/modules/exploits/multi/http/moodle_cmd_exec.rb @@ -35,8 +35,10 @@ class Metasploit4 < Msf::Exploit::Remote ], 'References' => [ - ['URL', 'http://www.exploit-db.com/exploits/28174/'], #xss vuln allowing sesskey of admins to be stolen - ['CVE', '2013-3630'] + ['EDB', '28174'], #xss vuln allowing sesskey of admins to be stolen + ['CVE', '2013-3630'], + ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats'] + ], ], 'Payload' => { diff --git a/modules/exploits/multi/http/nas4free_php_exec.rb b/modules/exploits/multi/http/nas4free_php_exec.rb index f4831d2b45..b04ca56e71 100644 --- a/modules/exploits/multi/http/nas4free_php_exec.rb +++ b/modules/exploits/multi/http/nas4free_php_exec.rb @@ -26,6 +26,7 @@ class Metasploit4 < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats'], ['CVE', '2013-3631'] ], 'Payload' => diff --git a/modules/exploits/multi/http/openbravo_xxe.rb b/modules/exploits/multi/http/openbravo_xxe.rb index 1f8ea24444..83b91cd3e6 100644 --- a/modules/exploits/multi/http/openbravo_xxe.rb +++ b/modules/exploits/multi/http/openbravo_xxe.rb @@ -27,6 +27,11 @@ class Metasploit4 < Msf::Auxiliary [ 'Brandon Perry ' # Discovery / msf module ], + 'References' => + [ + ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats'], + ['CVE', '2013-3617'] + ], 'License' => MSF_LICENSE, 'DisclosureDate' => 'Oct 30 2013' )) diff --git a/modules/exploits/multi/http/openmediavault_cmd_exec.rb b/modules/exploits/multi/http/openmediavault_cmd_exec.rb index a3eda8ec16..b5b6a7f1de 100644 --- a/modules/exploits/multi/http/openmediavault_cmd_exec.rb +++ b/modules/exploits/multi/http/openmediavault_cmd_exec.rb @@ -25,6 +25,7 @@ class Metasploit3 < Msf::Exploit::Remote ], 'References' => [ + ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats'], ['CVE', '2013-3632'] ], 'Privileged' => true, diff --git a/modules/exploits/multi/http/vtiger_php_exec.rb b/modules/exploits/multi/http/vtiger_php_exec.rb index 511139eab7..02419cbe2c 100644 --- a/modules/exploits/multi/http/vtiger_php_exec.rb +++ b/modules/exploits/multi/http/vtiger_php_exec.rb @@ -27,6 +27,7 @@ class Metasploit3 < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats'] ], 'Privileged' => false, 'Platform' => ['php'], diff --git a/modules/exploits/multi/http/zabbix_script_exec.rb b/modules/exploits/multi/http/zabbix_script_exec.rb index 767f9626c6..30e5eb937e 100644 --- a/modules/exploits/multi/http/zabbix_script_exec.rb +++ b/modules/exploits/multi/http/zabbix_script_exec.rb @@ -27,6 +27,7 @@ class Metasploit4 < Msf::Exploit::Remote ], 'References' => [ + ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats'], ['CVE', '2013-3628'] ], 'Payload' => From 0d480f3a7d1a9e9187d111bd957dae880e1c1ad8 Mon Sep 17 00:00:00 2001 From: Tod Beardsley Date: Wed, 30 Oct 2013 11:38:04 -0500 Subject: [PATCH 2/5] Typo fix --- modules/exploits/multi/http/moodle_cmd_exec.rb | 1 - 1 file changed, 1 deletion(-) diff --git a/modules/exploits/multi/http/moodle_cmd_exec.rb b/modules/exploits/multi/http/moodle_cmd_exec.rb index 331847147a..808fa2c215 100644 --- a/modules/exploits/multi/http/moodle_cmd_exec.rb +++ b/modules/exploits/multi/http/moodle_cmd_exec.rb @@ -38,7 +38,6 @@ class Metasploit4 < Msf::Exploit::Remote ['EDB', '28174'], #xss vuln allowing sesskey of admins to be stolen ['CVE', '2013-3630'], ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats'] - ], ], 'Payload' => { From 17d796296ca5e6c7b173ce11688ee292d0ae735d Mon Sep 17 00:00:00 2001 From: Tod Beardsley Date: Wed, 30 Oct 2013 12:03:35 -0500 Subject: [PATCH 3/5] Un-dupe References for ispconfig --- modules/exploits/multi/http/ispconfig_php_exec.rb | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/modules/exploits/multi/http/ispconfig_php_exec.rb b/modules/exploits/multi/http/ispconfig_php_exec.rb index b89061d7de..d2bc3c3065 100644 --- a/modules/exploits/multi/http/ispconfig_php_exec.rb +++ b/modules/exploits/multi/http/ispconfig_php_exec.rb @@ -24,14 +24,10 @@ class Metasploit4 < Msf::Exploit::Remote [ 'Brandon Perry ' # Discovery / msf module ], - 'References' => - [ - ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats'], - ['CVE', '2013-3629'] - ], 'License' => MSF_LICENSE, 'References' => [ + ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats'], ['CVE', '2013-3629'] ], 'Privileged' => false, From 32794f9d37e6c74138781e685ab40051528033a5 Mon Sep 17 00:00:00 2001 From: Tod Beardsley Date: Wed, 30 Oct 2013 12:20:04 -0500 Subject: [PATCH 4/5] Move OpenBravo to aux module land --- modules/{exploits/multi => auxiliary/admin}/http/openbravo_xxe.rb | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename modules/{exploits/multi => auxiliary/admin}/http/openbravo_xxe.rb (100%) diff --git a/modules/exploits/multi/http/openbravo_xxe.rb b/modules/auxiliary/admin/http/openbravo_xxe.rb similarity index 100% rename from modules/exploits/multi/http/openbravo_xxe.rb rename to modules/auxiliary/admin/http/openbravo_xxe.rb From 344413b74df9304c528661dec49e9aa39310a098 Mon Sep 17 00:00:00 2001 From: Tod Beardsley Date: Wed, 30 Oct 2013 12:25:55 -0500 Subject: [PATCH 5/5] Reorder refs for some reason. --- modules/auxiliary/admin/http/openbravo_xxe.rb | 4 ++-- modules/exploits/multi/http/ispconfig_php_exec.rb | 4 ++-- modules/exploits/multi/http/moodle_cmd_exec.rb | 2 +- modules/exploits/multi/http/nas4free_php_exec.rb | 4 ++-- modules/exploits/multi/http/openmediavault_cmd_exec.rb | 4 ++-- modules/exploits/multi/http/zabbix_script_exec.rb | 4 ++-- 6 files changed, 11 insertions(+), 11 deletions(-) diff --git a/modules/auxiliary/admin/http/openbravo_xxe.rb b/modules/auxiliary/admin/http/openbravo_xxe.rb index 83b91cd3e6..1927673680 100644 --- a/modules/auxiliary/admin/http/openbravo_xxe.rb +++ b/modules/auxiliary/admin/http/openbravo_xxe.rb @@ -29,8 +29,8 @@ class Metasploit4 < Msf::Auxiliary ], 'References' => [ - ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats'], - ['CVE', '2013-3617'] + ['CVE', '2013-3617'], + ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats'] ], 'License' => MSF_LICENSE, 'DisclosureDate' => 'Oct 30 2013' diff --git a/modules/exploits/multi/http/ispconfig_php_exec.rb b/modules/exploits/multi/http/ispconfig_php_exec.rb index d2bc3c3065..8c81bbf63d 100644 --- a/modules/exploits/multi/http/ispconfig_php_exec.rb +++ b/modules/exploits/multi/http/ispconfig_php_exec.rb @@ -27,8 +27,8 @@ class Metasploit4 < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ - ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats'], - ['CVE', '2013-3629'] + ['CVE', '2013-3629'], + ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats'] ], 'Privileged' => false, 'Platform' => ['php'], diff --git a/modules/exploits/multi/http/moodle_cmd_exec.rb b/modules/exploits/multi/http/moodle_cmd_exec.rb index 808fa2c215..b73d0ecb50 100644 --- a/modules/exploits/multi/http/moodle_cmd_exec.rb +++ b/modules/exploits/multi/http/moodle_cmd_exec.rb @@ -35,8 +35,8 @@ class Metasploit4 < Msf::Exploit::Remote ], 'References' => [ - ['EDB', '28174'], #xss vuln allowing sesskey of admins to be stolen ['CVE', '2013-3630'], + ['EDB', '28174'], #xss vuln allowing sesskey of admins to be stolen ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats'] ], 'Payload' => diff --git a/modules/exploits/multi/http/nas4free_php_exec.rb b/modules/exploits/multi/http/nas4free_php_exec.rb index b04ca56e71..43699753d9 100644 --- a/modules/exploits/multi/http/nas4free_php_exec.rb +++ b/modules/exploits/multi/http/nas4free_php_exec.rb @@ -26,8 +26,8 @@ class Metasploit4 < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ - ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats'], - ['CVE', '2013-3631'] + ['CVE', '2013-3631'], + ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats'] ], 'Payload' => { diff --git a/modules/exploits/multi/http/openmediavault_cmd_exec.rb b/modules/exploits/multi/http/openmediavault_cmd_exec.rb index b5b6a7f1de..2cd82930e9 100644 --- a/modules/exploits/multi/http/openmediavault_cmd_exec.rb +++ b/modules/exploits/multi/http/openmediavault_cmd_exec.rb @@ -25,8 +25,8 @@ class Metasploit3 < Msf::Exploit::Remote ], 'References' => [ - ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats'], - ['CVE', '2013-3632'] + ['CVE', '2013-3632'], + ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats'] ], 'Privileged' => true, 'DefaultOptions' => { 'WfsDelay' => 60 }, diff --git a/modules/exploits/multi/http/zabbix_script_exec.rb b/modules/exploits/multi/http/zabbix_script_exec.rb index 30e5eb937e..53bc8c0528 100644 --- a/modules/exploits/multi/http/zabbix_script_exec.rb +++ b/modules/exploits/multi/http/zabbix_script_exec.rb @@ -27,8 +27,8 @@ class Metasploit4 < Msf::Exploit::Remote ], 'References' => [ - ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats'], - ['CVE', '2013-3628'] + ['CVE', '2013-3628'], + ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats'] ], 'Payload' => {