From ceaa99e64ea88e2ab8190c679462154502fb8809 Mon Sep 17 00:00:00 2001 From: jvazquez-r7 Date: Mon, 7 Apr 2014 16:12:54 -0500 Subject: [PATCH] Minor final cleanup --- modules/exploits/linux/http/fritzbox_echo_exec.rb | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/modules/exploits/linux/http/fritzbox_echo_exec.rb b/modules/exploits/linux/http/fritzbox_echo_exec.rb index 08b06b4471..ee4b9da296 100644 --- a/modules/exploits/linux/http/fritzbox_echo_exec.rb +++ b/modules/exploits/linux/http/fritzbox_echo_exec.rb @@ -25,28 +25,27 @@ class Metasploit3 < Msf::Exploit::Remote [ 'unknown', # Vulnerability discovery 'Fabian Braeunlein ', #Metasploit PoC with wget method - 'Michael Messner ', # Metasploit module - 'juan vazquez' # minor help with msf module + 'Michael Messner ' # Metasploit module ], 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '103289' ], + [ 'BID', '65520' ], [ 'URL', 'http://www.kapple.de/?p=75' ], #vulnerability details with PoC [ 'URL', 'https://www.speckmarschall.de/hoere.htm' ], #probably the first published details (now censored) [ 'URL', 'http://pastebin.com/GnMKGmZ2' ], #published details uncensored from speckmarschall [ 'URL', 'http://www.avm.de/en/Sicherheit/update_list.html' ], #vendor site with a list of vulnerable devices - [ 'URL', 'http://breaking.systems/blog/2014/04/avm-fritzbox-root-rce-from-patch-to-metasploit-module-ii' ], #wirteup with PoC - [ 'BID', '65520' ], - [ 'OSVDB', '103289' ] + [ 'URL', 'http://breaking.systems/blog/2014/04/avm-fritzbox-root-rce-from-patch-to-metasploit-module-ii' ] #wirteup with PoC ], 'DisclosureDate' => 'Feb 11 2014', 'Privileged' => true, - 'Platform' => %w{ linux }, + 'Platform' => 'linux', + 'Arch' => ARCH_MIPSLE, 'Payload' => { 'DisableNops' => true }, - 'Arch' => ARCH_MIPSLE, 'Targets' => [ [ 'Automatic Targeting', { } ],