infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Land #10677, Pimcore and Dolibarr module renames

4.x 4.17.14
William Vu 2018-09-19 22:18:18 -05:00 committed by Metasploit
parent 785cf9e5aa
commit d16189a295
No known key found for this signature in database
GPG Key ID: CDFB5FA52007B954
2 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
modules/auxiliary/gather/dolibarr_list_creds_sqli.rb → modules/auxiliary/gather/dolibarr_creds_sqli.rb
View File

@ -8,9 +8,11 @@ class MetasploitModule < Msf::Auxiliary
def initialize(info = {}) def initialize(info = {})
super(update_info(info, super(update_info(info,
'Name' => 'Dolibarr List Creds', 'Name' => 'Dolibarr Gather Credentials via SQL Injection',
'Description' => %q{ 'Description' => %q{
This module enables an authenticated user to collect the usernames and encrypted passwords of other users in the Dolibarr ERP/CRM via SQL injection. This module enables an authenticated user to collect the usernames and
encrypted passwords of other users in the Dolibarr ERP/CRM via SQL
injection.
}, },
'Author' => [ 'Author' => [
'Issam Rabhi', # PoC 'Issam Rabhi', # PoC

2
modules/auxiliary/gather/pimcore_creds_sqli.rb
View File

@ -8,7 +8,7 @@ class MetasploitModule < Msf::Auxiliary
def initialize(info = {}) def initialize(info = {})
super(update_info(info, super(update_info(info,
'Name' => 'Pimcore List Credentials', 'Name' => 'Pimcore Gather Credentials via SQL Injection',
'Description' => %q{ 'Description' => %q{
This module extracts the usernames and hashed passwords of all users of This module extracts the usernames and hashed passwords of all users of
the Pimcore web service by exploiting a SQL injection vulnerability in the Pimcore web service by exploiting a SQL injection vulnerability in