more updates, 465 more pages to go
h00die
parent
3420633f29
commit
bd7ea1f90d
|
|
@ -21,7 +21,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
(self.signed) version using the information from the remote version. The module
|
||||
then Outputs (PEM|DER) format private key / certificate and a combined version
|
||||
for use in Apache or other Metasploit modules requiring SSLCert Inputs for private
|
||||
key / CA cert have been provided for those with diginator certs hanging about!
|
||||
key / CA cert have been provided for those with DigiNotar certs hanging about!
|
||||
}
|
||||
))
|
||||
|
||||
|
|
|
|||
|
|
@ -11,7 +11,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
super(update_info(info,
|
||||
'Name' => 'Kerberos Domain User Enumeration',
|
||||
'Description' => %q(
|
||||
This module will enumerate valid Domain Users via Kerberos from an unauthenticated perspective. It utilises
|
||||
This module will enumerate valid Domain Users via Kerberos from an unauthenticated perspective. It utilizes
|
||||
the different responses returned by the service for valid and invalid users.
|
||||
),
|
||||
'Author' =>
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'Name' => 'Shodan Search',
|
||||
'Description' => %q{
|
||||
This module uses the Shodan API to search Shodan. Accounts are free
|
||||
and an API key is required to used this module. Output from the module
|
||||
and an API key is required to use this module. Output from the module
|
||||
is displayed to the screen and can be saved to a file or the MSF database.
|
||||
NOTE: SHODAN filters (i.e. port, hostname, os, geo, city) can be used in
|
||||
queries, but there are limitations when used with a free API key. Please
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'Description' => %q{
|
||||
This module will search remote file shares for unattended installation files that may contain
|
||||
domain credentials. This is often used after discovering domain credentials with the
|
||||
auxilliary/scanner/dcerpc/windows_deployment_services module or in cases where you already
|
||||
auxiliary/scanner/dcerpc/windows_deployment_services module or in cases where you already
|
||||
have domain credentials. This module will connect to the RemInst share and any Microsoft
|
||||
Deployment Toolkit shares indicated by the share name comments.
|
||||
},
|
||||
|
|
|
|||
|
|
@ -13,9 +13,9 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'Name' => 'WordPress W3-Total-Cache Plugin 0.9.2.4 (or before) Username and Hash Extract',
|
||||
'Description' =>
|
||||
"The W3-Total-Cache Wordpress Plugin <= 0.9.2.4 can cache database statements
|
||||
and it's results in files for fast access. Version 0.9.2.4 has been fixed afterwards
|
||||
and its results in files for fast access. Version 0.9.2.4 has been fixed afterwards
|
||||
so it can be vulnerable. These cache files are in the webroot of the Wordpress
|
||||
installation and can be downloaded if the name is guessed. This modules tries to
|
||||
installation and can be downloaded if the name is guessed. This module tries to
|
||||
locate them with brute force in order to find usernames and password hashes in these
|
||||
files. W3 Total Cache must be configured with Database Cache enabled and Database
|
||||
Cache Method set to Disk to be vulnerable",
|
||||
|
|
|
|||
|
|
@ -12,9 +12,9 @@ class MetasploitModule < Msf::Auxiliary
|
|||
super(update_info(info,
|
||||
'Name' => 'Foxit Reader Authorization Bypass',
|
||||
'Description' => %q{
|
||||
This module exploits a authorization bypass vulnerability in Foxit Reader
|
||||
build 1120. When a attacker creates a specially crafted pdf file containing
|
||||
a Open/Execute action, arbitrary commands can be executed without confirmation
|
||||
This module exploits an authorization bypass vulnerability in Foxit Reader
|
||||
build 1120. When an attacker creates a specially crafted pdf file containing
|
||||
an Open/Execute action, arbitrary commands can be executed without confirmation
|
||||
from the victim.
|
||||
},
|
||||
'License' => MSF_LICENSE,
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'Description' => %q{
|
||||
Send a spoofed router advertisement with high priority to force hosts to
|
||||
start the IPv6 address auto-config. Monitor for IPv6 host advertisements,
|
||||
and try to guess the link-local address by concatinating the prefix, and
|
||||
and try to guess the link-local address by concatenating the prefix, and
|
||||
the host portion of the IPv6 address. Use NDP host solicitation to
|
||||
determine if the IP address is valid'
|
||||
},
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'Description' => %q(
|
||||
This module implements the DLSw information disclosure retrieval. There
|
||||
is a bug in Cisco's DLSw implementation affecting 12.x and 15.x trains
|
||||
that allows an unuthenticated remote attacker to retrieve the partial
|
||||
that allows an unauthenticated remote attacker to retrieve the partial
|
||||
contents of packets traversing a Cisco router with DLSw configured
|
||||
and active.
|
||||
),
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'Name' => 'DNS Amplification Scanner',
|
||||
'Description' => %q{
|
||||
This module can be used to discover DNS servers which expose recursive
|
||||
name lookups which can be used in an amplication attack against a
|
||||
name lookups which can be used in an amplification attack against a
|
||||
third party.
|
||||
},
|
||||
'Author' => [ 'xistence <xistence[at]0x90.nl>'], # Original scanner module
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
This module exploits a directory traversal vulnerability found in ColoradoFTP server
|
||||
version <= 1.3 Build 8. This vulnerability allows an attacker to download and upload arbitrary files
|
||||
from the server GET/PUT command including file system traversal strings starting with '\\\'.
|
||||
The server is writen in Java and therefore platform independant, however this vulnerability is only
|
||||
The server is written in Java and therefore platform independent, however this vulnerability is only
|
||||
exploitable on the Windows version.
|
||||
},
|
||||
'Platform' => 'win',
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
super(
|
||||
'Name' => 'Titan FTP XCRC Directory Traversal Information Disclosure',
|
||||
'Description' => %q{
|
||||
This module exploits a directory traversal vulnreability in the XCRC command
|
||||
This module exploits a directory traversal vulnerability in the XCRC command
|
||||
implemented in versions of Titan FTP up to and including 8.10.1125. By making
|
||||
sending multiple XCRC command, it is possible to disclose the contents of any
|
||||
file on the drive with a simple CRC "brute force" attack.
|
||||
|
|
|
|||
|
|
@ -11,7 +11,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
super(
|
||||
'Name' => 'Adobe XML External Entity Injection',
|
||||
'Description' => %q{
|
||||
Multiple Adobe Products -- XML External Entity Injection. Affected Sofware: BlazeDS 3.2 and
|
||||
Multiple Adobe Products -- XML External Entity Injection. Affected Software: BlazeDS 3.2 and
|
||||
earlier versions, LiveCycle 9.0, 8.2.1, and 8.0.1, LiveCycle Data Services 3.0, 2.6.1, and
|
||||
2.5.1, Flex Data Services 2.0.1, ColdFusion 9.0, 8.0.1, 8.0, and 7.0.2
|
||||
},
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'Name' => 'Barracuda Multiple Product "locale" Directory Traversal',
|
||||
'Description' => %q{
|
||||
This module exploits a directory traversal vulnerability present in
|
||||
serveral Barracuda products, including the Barracuda Spam and Virus Firewall,
|
||||
several Barracuda products, including the Barracuda Spam and Virus Firewall,
|
||||
Barracuda SSL VPN, and the Barracuda Web Application Firewall. By default,
|
||||
this module will attempt to download the Barracuda configuration file.
|
||||
},
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'Name' => 'Bitweaver overlay_type Directory Traversal',
|
||||
'Description' => %q{
|
||||
This module exploits a directory traversal vulnerability found in Bitweaver.
|
||||
When hanlding the 'overlay_type' parameter, view_overlay.php fails to do any
|
||||
When handling the 'overlay_type' parameter, view_overlay.php fails to do any
|
||||
path checking/filtering, which can be abused to read any file outside the
|
||||
virtual directory.
|
||||
},
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
This module attempts to authenticate to different D-Link HTTP management
|
||||
services. It has been tested successfully on D-Link DIR-300 Hardware revision B,
|
||||
D-Link DIR-600 Hardware revision B, D-Link DIR-815 Hardware revision A and DIR-645
|
||||
Hardware revision A devices.It is possible that this module also works with other
|
||||
Hardware revision A devices. It is possible that this module also works with other
|
||||
models.
|
||||
},
|
||||
'Author' =>
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
super(update_info(info,
|
||||
'Name' => 'HTTP Error Based SQL Injection Scanner',
|
||||
'Description' => %q{
|
||||
This module identifies the existence of Error Based SQL injection issues. Still requires alot of work
|
||||
This module identifies the existence of Error Based SQL injection issues. Still requires a lot of work
|
||||
|
||||
},
|
||||
'Author' => [ 'et [at] cyberspace.org' ],
|
||||
|
|
|
|||
|
|
@ -19,7 +19,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
in a given directory path named as the same name of the
|
||||
directory.
|
||||
|
||||
Only works if PATH is differenet than '/'.
|
||||
Only works if PATH is different than '/'.
|
||||
},
|
||||
'Author' => [ 'et [at] metasploit.com' ],
|
||||
'License' => BSD_LICENSE))
|
||||
|
|
|
|||
|
|
@ -11,7 +11,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
super(update_info(info,
|
||||
'Name' => 'Microsoft IIS HTTP Internal IP Disclosure',
|
||||
'Description' => %q{
|
||||
Collect any leaked internal IPs by requesting commonly redirected locs from IIS.
|
||||
Collect any leaked internal IPs by requesting commonly redirected locations from IIS.
|
||||
},
|
||||
'Author' => ['Heather Pilkington'],
|
||||
'License' => MSF_LICENSE
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'Description' => %q{
|
||||
This module scans for Intel Active Management Technology endpoints and attempts
|
||||
to bypass authentication using a blank HTTP digest (CVE-2017-5689). This service
|
||||
can be found on ports 16992, 16993 (tls), 623, and 624(tls).
|
||||
can be found on ports 16992, 16993 (tls), 623, and 624 (tls).
|
||||
},
|
||||
'Author' => 'hdm',
|
||||
'License' => MSF_LICENSE,
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
super(update_info(info,
|
||||
'Name' => 'JBoss Vulnerability Scanner',
|
||||
'Description' => %q(
|
||||
This module scans a JBoss instance for a few vulnerablities.
|
||||
This module scans a JBoss instance for a few vulnerabilities.
|
||||
),
|
||||
'Author' =>
|
||||
[
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'Name' => 'Jenkins-CI Enumeration',
|
||||
'Description' => %q{
|
||||
This module enumerates a remote Jenkins-CI installation in an unauthenticated manner, including
|
||||
host operating system and and Jenkins installation details.
|
||||
host operating system and Jenkins installation details.
|
||||
},
|
||||
'Author' => 'Jeff McCutchan',
|
||||
'License' => MSF_LICENSE
|
||||
|
|
|
|||
|
|
@ -16,8 +16,8 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'Name' => 'HTTP Microsoft SQL Injection Table XSS Infection',
|
||||
'Description' => %q{
|
||||
This module implements the mass SQL injection attack in
|
||||
use lately by concatenation of HTML string that forces a persistant
|
||||
XSS attack to redirect user browser to a attacker controller website.
|
||||
use lately by concatenation of HTML string that forces a persistent
|
||||
XSS attack to redirect user browser to an attacker controller website.
|
||||
},
|
||||
'Author' => [ 'et' ],
|
||||
'License' => BSD_LICENSE))
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
This module makes requests to resources on the target server in
|
||||
an attempt to find resources which permit NTLM authentication. For
|
||||
resources which permit NTLM authentication, a blank NTLM type 1 message
|
||||
is sent to enumerate a a type 2 message from the target server. The type
|
||||
is sent to enumerate a type 2 message from the target server. The type
|
||||
2 message is then parsed for information such as the Active Directory
|
||||
domain and NetBIOS name. A single URI can be specified with TARGET_URI
|
||||
and/or a file of URIs can be specified with TARGET_URIS_FILE (default).
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
super(
|
||||
'Name' => 'Octopus Deploy Login Utility',
|
||||
'Description' => %q{
|
||||
This module simply attempts to login to a Octopus Deploy server using a specific
|
||||
This module simply attempts to login to an Octopus Deploy server using a specific
|
||||
username and password. It has been confirmed to work on version 3.4.4
|
||||
},
|
||||
'Author' => [ 'James Otten <jamesotten1[at]gmail.com>' ],
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'Description' => %q{
|
||||
This module exploits a file download vulnerability found in Oracle
|
||||
Demantra 12.2.1 in combination with an authentication bypass. By
|
||||
combining these exposures, an unauthenticated user can retreive any file
|
||||
combining these exposures, an unauthenticated user can retrieve any file
|
||||
on the system by referencing the full file path to any file a vulnerable
|
||||
machine.
|
||||
},
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
models with attributes not protected by attr_protected or attr_accessible.
|
||||
After attempting to assign a non-existent field, the default rails with
|
||||
active_record setup will raise an ActiveRecord::UnknownAttributeError
|
||||
exeption, and reply with HTTP code 500.
|
||||
exception, and reply with HTTP code 500.
|
||||
},
|
||||
|
||||
'References' =>
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'Name' => 'SAP BusinessObjects User Enumeration',
|
||||
'Description' => %Q{
|
||||
This module simply attempts to enumerate SAP BusinessObjects
|
||||
users.The dswsbobje interface is only used to verify valid
|
||||
users. The dswsbobje interface is only used to verify valid
|
||||
users for CmcApp. Therefore, any valid users that have been
|
||||
identified can be leveraged by logging into CmcApp.
|
||||
},
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
def initialize
|
||||
super(
|
||||
'Name' => 'HTTP Page Scraper',
|
||||
'Description' => 'Scrap defined data from a specific web page based on a regular expresion',
|
||||
'Description' => 'Scrape defined data from a specific web page based on a regular expression',
|
||||
'Author' => ['et'],
|
||||
'License' => MSF_LICENSE
|
||||
)
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
A misconfigured Squid proxy can allow an attacker to make requests on his behalf.
|
||||
This may give the attacker information about devices that he cannot reach but the
|
||||
Squid proxy can. For example, an attacker can make requests for internal IP addresses
|
||||
against a misconfigurated open Squid proxy exposed to the Internet, therefore performing
|
||||
against a misconfigured open Squid proxy exposed to the Internet, therefore performing
|
||||
an internal port scan. The error messages returned by the proxy are used to determine
|
||||
if the port is open or not.
|
||||
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
super(update_info(info,
|
||||
'Name' => 'Squiz Matrix User Enumeration Scanner',
|
||||
'Description' => %q{
|
||||
This module attempts to enumernate remote users that exist within
|
||||
This module attempts to enumerate remote users that exist within
|
||||
the Squiz Matrix and MySource Matrix CMS by sending GET requests for asset IDs
|
||||
e.g. ?a=14 and searching for a valid username eg "~root" or "~test" which
|
||||
is prefixed by a "~" in the response. It will also try to GET the users
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
super(update_info(info,
|
||||
'Name' => 'Symantec Messaging Gateway 10 Exposure of Stored AD Password Vulnerability',
|
||||
'Description' => %q{
|
||||
This module will grab the AD account saved in Symantec Messaging Gateway and then
|
||||
This module will grab the AD account saved in Symantec Messaging Gateway and then
|
||||
decipher it using the disclosed Symantec PBE key. Note that authentication is required
|
||||
in order to successfully grab the LDAP credentials, and you need at least a read account.
|
||||
Version 10.6.0-7 and earlier are affected
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
task in Novell ZENworks Asset Management 7.5. The vulnerability exists in the Web
|
||||
Console and can be triggered by sending a specially crafted request to the rtrlet component,
|
||||
allowing a remote unauthenticated user to retrieve the configuration parameters of
|
||||
Nozvell Zenworks Asset Managmment, including the database credentials in clear text.
|
||||
Novell Zenworks Asset Managment, including the database credentials in clear text.
|
||||
This module has been successfully tested on Novell ZENworks Asset Management 7.5.
|
||||
},
|
||||
'License' => MSF_LICENSE,
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
executable in order to retrieve passwords, allowing remote attackers to take
|
||||
administrative control over the device. Other similar IP Cameras such as Edimax,
|
||||
Hawking, Zonet, etc, are also believed to have the same flaw, but not fully tested.
|
||||
The protocol deisgn issue also allows attackers to reset passwords on the device.
|
||||
The protocol design issue also allows attackers to reset passwords on the device.
|
||||
},
|
||||
'Author' => 'Ben Schmidt',
|
||||
'License' => MSF_LICENSE
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'Description' => %Q{
|
||||
This module attempts to extract the schema from a MSSQL Server
|
||||
Instance. It will disregard builtin and example DBs such
|
||||
as master,model,msdb, and tempdb. The module will create
|
||||
as master,model,msdb, and tempdb. The module will create
|
||||
a note for each DB found, and store a YAML formatted output
|
||||
as loot for easy reading.
|
||||
},
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
super(
|
||||
'Name' => 'OpenVAS gsad Web Interface Login Utility',
|
||||
'Description' => %q{
|
||||
This module simply attempts to login to a OpenVAS gsad interface
|
||||
This module simply attempts to login to an OpenVAS gsad interface
|
||||
using a specific user/pass.
|
||||
},
|
||||
'Author' => [ 'Vlatko Kosturjak <kost[at]linux.hr>' ],
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
super(
|
||||
'Name' => 'Oracle Enterprise Manager Control SID Discovery',
|
||||
'Description' => %q{
|
||||
This module makes a request to the Oracle Enterprise Manager Control Console
|
||||
This module makes a request to the Oracle Enterprise Manager Control Console
|
||||
in an attempt to discover the SID.
|
||||
},
|
||||
'References' =>
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
super(update_info(info,
|
||||
'Name' => 'Oracle TNS Listener SID Bruteforce',
|
||||
'Description' => %q{
|
||||
This module queries the TNS listner for a valid Oracle database
|
||||
This module queries the TNS listener for a valid Oracle database
|
||||
instance name (also known as a SID).
|
||||
Any response other than a "reject" will be considered a success.
|
||||
If a specific SID is provided, that SID will be attempted. Otherwise,
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
super(update_info(info,
|
||||
'Name' => 'Oracle TNS Listener SID Enumeration',
|
||||
'Description' => %q{
|
||||
This module simply queries the TNS listner for the Oracle SID.
|
||||
This module simply queries the TNS listener for the Oracle SID.
|
||||
With Oracle 9.2.0.8 and above the listener will be protected and
|
||||
the SID will have to be bruteforced or guessed.
|
||||
},
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
This module checks the server for vulnerabilities like TNS Poison.
|
||||
Module sends a server a packet with command to register new TNS Listener and checks
|
||||
for a response indicating an error. If the registration is errored, the target is not
|
||||
vulnearble. Otherwise, the target is vulnerable to malicious registrations.
|
||||
vulnerable. Otherwise, the target is vulnerable to malicious registrations.
|
||||
},
|
||||
'Author' => ['ir0njaw (Nikita Kelesis) <nikita.elkey[at]gmail.com>'], # of Digital Security [http://dsec.ru]
|
||||
'References' =>
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
super(
|
||||
'Name' => 'Oracle XML DB SID Discovery',
|
||||
'Description' => %q{
|
||||
This module simply makes a authenticated request to retrieve
|
||||
This module simply makes an authenticated request to retrieve
|
||||
the sid from the Oracle XML DB httpd server.
|
||||
},
|
||||
'References' =>
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
super(update_info(info,
|
||||
'Name' => 'PostgreSQL Version Probe',
|
||||
'Description' => %q{
|
||||
Enumerates the verion of PostgreSQL servers.
|
||||
Enumerates the version of PostgreSQL servers.
|
||||
},
|
||||
'Author' => [ 'todb' ],
|
||||
'License' => MSF_LICENSE,
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
super(
|
||||
'Name' => 'SAP Management Console getStartProfile',
|
||||
'Description' => %q{
|
||||
This module simply attempts to acces the SAP startup profile
|
||||
This module simply attempts to access the SAP startup profile
|
||||
through the SAP Management Console SOAP Interface.
|
||||
},
|
||||
'References' =>
|
||||
|
|
|
|||
|
|
@ -13,10 +13,10 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'Description' => %q{
|
||||
Modbus is a cleartext protocol used in common SCADA systems, developed
|
||||
originally as a serial-line (RS232) async protocol, and later transformed
|
||||
to IP, which is called ModbusTCP. default tcpport is 502.
|
||||
to IP, which is called ModbusTCP. default tcp port is 502.
|
||||
|
||||
This module sends a command (0x04, read input register) to the modbus endpoint.
|
||||
If this command is sent to the correct unit-id, it returns with the same funcion-id.
|
||||
If this command is sent to the correct unit-id, it returns with the same function-id.
|
||||
if not, it should be added 0x80, so that it sys 0x84, and an exception-code follows
|
||||
which do not interest us. This does not always happen, but at least the first 4
|
||||
bytes in the return-packet should be exact the same as what was sent.
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'Name' => 'HP LaserJet Printer SNMP Enumeration',
|
||||
'Description' => %q{
|
||||
This module allows enumeration of files previously printed.
|
||||
It provides details as filename, client, timestamp and username informations.
|
||||
It provides details as filename, client, timestamp and username information.
|
||||
The default community used is "public".
|
||||
},
|
||||
'References' =>
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'Description' => %Q{
|
||||
This module uses supplied login credentials to connect to VMWare via
|
||||
the web interface. It then searches through the datastores looking for screenshots.
|
||||
It will downlaod any screenshots it finds and save them as loot.
|
||||
It will download any screenshots it finds and save them as loot.
|
||||
},
|
||||
'Author' => ['theLightCosine'],
|
||||
'License' => MSF_LICENSE
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
if you wish to load just Adobe Flash exploits, then you can set Include to 'adobe_flash'.
|
||||
|
||||
The EXCLUDE_PATTERN option will ignore exploits. For example, if you don't want any Adobe Flash
|
||||
exploits, you can set this. Also note that the Exclude option will always be evaludated
|
||||
exploits, you can set this. Also note that the Exclude option will always be evaluated
|
||||
after the Include option.
|
||||
|
||||
The MaxExploitCount option specifies the max number of exploits to load by Browser Autopwn.
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
|
||||
To use this module you will need to send an initial ICMP echo request containing the
|
||||
specific start trigger (defaults to '^BOF') this can be followed by the filename being sent (or
|
||||
a random filename can be assisnged). All data received from this source will automatically
|
||||
a random filename can be assigned). All data received from this source will automatically
|
||||
be added to the receive buffer until an ICMP echo request containing a specific end trigger
|
||||
(defaults to '^EOL') is received.
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue