infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Refactor AKA references for modules

GSoC/Meterpreter_Web_Console
Erin Bleiweiss 2018-08-27 13:11:22 -05:00
parent 6ba9307a61
commit eb17d9b198
No known key found for this signature in database
GPG Key ID: F69B2138BD594660
25 changed files with 150 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
modules/auxiliary/admin/smb/ms17_010_command.rb
View File

@ -32,10 +32,6 @@ class MetasploitModule < Msf::Auxiliary
'License' => MSF_LICENSE,
'References' => [
[ 'AKA', 'ETERNALSYNERGY' ],
[ 'AKA', 'ETERNALROMANCE' ],
[ 'AKA', 'ETERNALCHAMPION' ],
[ 'AKA', 'ETERNALBLUE'], # does not use any CVE from Blue, but Search should show this, it is preferred
[ 'MSB', 'MS17-010' ],
[ 'CVE', '2017-0143'], # EternalRomance/EternalSynergy - Type confusion between WriteAndX and Transaction requests
[ 'CVE', '2017-0146'], # EternalChampion/EternalSynergy - Race condition with Transaction requests
@ -44,7 +40,16 @@ class MetasploitModule < Msf::Auxiliary
[ 'URL', 'https://hitcon.org/2017/CMT/slide-files/d2_s2_r0.pdf' ],
[ 'URL', 'https://blogs.technet.microsoft.com/srd/2017/06/29/eternal-champion-exploit-analysis/' ],
],
'DisclosureDate' => 'Mar 14 2017'
'DisclosureDate' => 'Mar 14 2017',
'Notes' =>
{
'AKA' => [
'ETERNALSYNERGY',
'ETERNALROMANCE',
'ETERNALCHAMPION',
'ETERNALBLUE' # does not use any CVE from Blue, but Search should show this, it is preferred
]
}
))
register_options([

7
modules/auxiliary/scanner/http/apache_mod_cgi_bash_env.rb
View File

@ -31,7 +31,6 @@ class MetasploitModule < Msf::Auxiliary
'lcamtuf' # CVE-2014-6278
],
'References' => [
[ 'AKA', 'Shellshock' ],
[ 'CVE', '2014-6271' ],
[ 'CVE', '2014-6278' ],
[ 'OSVDB', '112004' ],
@ -40,7 +39,11 @@ class MetasploitModule < Msf::Auxiliary
[ 'URL', 'http://seclists.org/oss-sec/2014/q3/649' ]
],
'DisclosureDate' => 'Sep 24 2014',
'License' => MSF_LICENSE
'License' => MSF_LICENSE,
'Notes' =>
{
'AKA' => ['Shellshock']
}
))
register_options([

7
modules/auxiliary/scanner/http/apache_optionsbleed.rb
View File

@ -21,14 +21,17 @@ class MetasploitModule < Msf::Auxiliary
'h00die', # Metasploit module
],
'References' => [
[ 'AKA', 'Optionsbleed' ],
[ 'CVE', '2017-9798' ],
[ 'EDB', '42745' ],
[ 'URL', 'https://github.com/hannob/optionsbleed' ],
[ 'URL', 'https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html' ]
],
'DisclosureDate' => 'Sep 18 2017',
'License' => MSF_LICENSE
'License' => MSF_LICENSE,
'Notes' =>
{
'AKA' => ['Optionsbleed']
}
))
register_options([

11
modules/auxiliary/scanner/smb/smb_ms17_010.rb
View File

@ -34,8 +34,6 @@ class MetasploitModule < Msf::Auxiliary
],
'References' =>
[
[ 'AKA', 'DOUBLEPULSAR' ],
[ 'AKA', 'ETERNALBLUE' ],
[ 'CVE', '2017-0143'],
[ 'CVE', '2017-0144'],
[ 'CVE', '2017-0145'],
@ -47,7 +45,14 @@ class MetasploitModule < Msf::Auxiliary
[ 'URL', 'https://github.com/countercept/doublepulsar-detection-script'],
[ 'URL', 'https://technet.microsoft.com/en-us/library/security/ms17-010.aspx']
],
'License' => MSF_LICENSE
'License' => MSF_LICENSE,
'Notes' =>
{
'AKA' => [
'DOUBLEPULSAR',
'ETERNALBLUE'
]
}
))
register_options(

7
modules/auxiliary/scanner/ssl/openssl_heartbleed.rb
View File

@ -129,7 +129,6 @@ class MetasploitModule < Msf::Auxiliary
],
'References' =>
[
[ 'AKA', 'Heartbleed' ],
[ 'CVE', '2014-0160' ],
[ 'US-CERT-VU', '720951' ],
[ 'URL', 'https://www.us-cert.gov/ncas/alerts/TA14-098A' ],
@ -146,7 +145,11 @@ class MetasploitModule < Msf::Auxiliary
['DUMP', {'Description' => 'Dump memory contents'}],
['KEYS', {'Description' => 'Recover private keys from memory'}]
],
'DefaultAction' => 'SCAN'
'DefaultAction' => 'SCAN',
'Notes' =>
{
'AKA' => ['Heartbleed']
}
)
register_options(

7
modules/auxiliary/server/dhclient_bash_env.rb
View File

@ -35,7 +35,6 @@ class MetasploitModule < Msf::Auxiliary
],
'DefaultAction' => 'Service',
'References' => [
[ 'AKA', 'Shellshock' ],
[ 'CVE', '2014-6271' ],
[ 'CWE', '94' ],
[ 'OSVDB', '112004' ],
@ -44,7 +43,11 @@ class MetasploitModule < Msf::Auxiliary
[ 'URL', 'http://seclists.org/oss-sec/2014/q3/649' ],
[ 'URL', 'https://www.trustedsec.com/september-2014/shellshock-dhcp-rce-proof-concept/' ]
],
'DisclosureDate' => 'Sep 24 2014'
'DisclosureDate' => 'Sep 24 2014',
'Notes' =>
{
'AKA' => ['Shellshock']
}
)
register_options(

8
modules/auxiliary/server/openssl_heartbeat_client_memory.rb
View File

@ -29,13 +29,17 @@ class MetasploitModule < Msf::Auxiliary
'DefaultAction' => 'Capture',
'References' =>
[
[ 'AKA', 'Heartbleed' ],
[ 'CVE', '2014-0160' ],
[ 'US-CERT-VU', '720951' ],
[ 'URL', 'https://www.us-cert.gov/ncas/alerts/TA14-098A' ],
[ 'URL', 'http://heartbleed.com/' ]
],
'DisclosureDate' => 'Apr 07 2014'
'DisclosureDate' => 'Apr 07 2014',
'Notes' =>
{
'AKA' => ['Heartbleed']
}
)
register_options(

8
modules/exploits/android/browser/stagefright_mp4_tx3g_64bit.rb
View File

@ -50,7 +50,6 @@ class MetasploitModule < Msf::Exploit::Remote
],
'References' =>
[
[ 'AKA', 'stagefright' ],
[ 'CVE', '2015-3864' ],
[ 'URL', 'https://blog.exodusintel.com/2015/08/13/stagefright-mission-accomplished/' ],
[ 'URL', 'http://googleprojectzero.blogspot.com/2015/09/stagefrightened.html' ],
@ -347,7 +346,12 @@ class MetasploitModule < Msf::Exploit::Remote
],
'Privileged' => true,
'DisclosureDate' => "Aug 13 2015",
'DefaultTarget' => 0))
'DefaultTarget' => 0,
'Notes' =>
{
'AKA' => ['stagefright']
}
))
=begin
register_options(

7
modules/exploits/linux/http/advantech_switch_bash_env_exec.rb
View File

@ -18,7 +18,6 @@ class MetasploitModule < Msf::Exploit::Remote
},
'Author' => 'hdm',
'References' => [
[ 'AKA', 'Shellshock' ],
[ 'CVE', '2014-6271' ],
[ 'CWE', '94' ],
[ 'OSVDB', '112004' ],
@ -44,7 +43,11 @@ class MetasploitModule < Msf::Exploit::Remote
'Targets' => [[ 'Automatic Targeting', { 'auto' => true } ]],
'DefaultTarget' => 0,
'License' => MSF_LICENSE,
'DisclosureDate' => 'Dec 01 2015'
'DisclosureDate' => 'Dec 01 2015',
'Notes' =>
{
'AKA' => ['Shellshock']
}
))
register_options([
Opt::RPORT(80)

7
modules/exploits/linux/http/ipfire_bashbug_exec.rb
View File

@ -24,7 +24,6 @@ class MetasploitModule < Msf::Exploit::Remote
],
'References' =>
[
[ 'AKA', 'Shellshock' ],
[ 'EDB', '34839' ],
[ 'CVE', '2014-6271']
],
@ -50,7 +49,11 @@ class MetasploitModule < Msf::Exploit::Remote
[ 'Automatic Target', {}]
],
'DefaultTarget' => 0,
'DisclosureDate' => 'Sep 29 2014'
'DisclosureDate' => 'Sep 29 2014',
'Notes' =>
{
'AKA' => ['Shellshock']
}
)
)

8
modules/exploits/linux/local/af_packet_chocobo_root_priv_esc.rb
View File

@ -51,7 +51,6 @@ class MetasploitModule < Msf::Exploit::Local
'Privileged' => true,
'References' =>
[
[ 'AKA', 'chocobo_root.c' ],
[ 'EDB', '40871' ],
[ 'CVE', '2016-8655' ],
[ 'BID', '94692' ],
@ -63,7 +62,12 @@ class MetasploitModule < Msf::Exploit::Local
[ 'URL', 'https://www.securitytracker.com/id/1037403' ],
[ 'URL', 'https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=84ac7260236a49c79eede91617700174c2c19b0c' ]
],
'DefaultTarget' => 0))
'DefaultTarget' => 0,
'Notes' =>
{
'AKA' => ['chocobo_root.c']
}
))
register_options [
OptInt.new('TIMEOUT', [ true, 'Race timeout (seconds)', '600' ]),
OptEnum.new('COMPILE', [ true, 'Compile on target', 'Auto', %w(Auto True False) ]),

13
modules/exploits/linux/local/bpf_sign_extension_priv_esc.rb
View File

@ -63,8 +63,6 @@ class MetasploitModule < Msf::Exploit::Local
'Privileged' => true,
'References' =>
[
[ 'AKA', 'get-rekt-linux-hardened.c' ],
[ 'AKA', 'upstream44.c' ],
[ 'BID', '102288' ],
[ 'CVE', '2017-16995' ],
[ 'EDB', '44298' ],
@ -81,7 +79,16 @@ class MetasploitModule < Msf::Exploit::Local
[ 'URL', 'http://openwall.com/lists/oss-security/2017/12/21/2'],
[ 'URL', 'https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=95a762e2c8c942780948091f8f2a4f32fce1ac6f' ]
],
'DefaultTarget' => 0))
'DefaultTarget' => 0,
'Notes' =>
{
'AKA' =>
[
'get-rekt-linux-hardened.c',
'upstream44.c'
]
}
))
register_options [
OptEnum.new('COMPILE', [ true, 'Compile on target', 'Auto', %w[Auto True False] ]),
OptString.new('WritableDir', [ true, 'A directory where we can write files', '/tmp' ])

8
modules/exploits/linux/local/glibc_realpath_priv_esc.rb
View File

@ -44,7 +44,6 @@ class MetasploitModule < Msf::Exploit::Local
'Privileged' => true,
'References' =>
[
[ 'AKA', 'RationalLove.c' ],
[ 'BID', '102525' ],
[ 'CVE', '2018-1000001' ],
[ 'EDB', '43775' ],
@ -55,7 +54,12 @@ class MetasploitModule < Msf::Exploit::Local
[ 'URL', 'https://usn.ubuntu.com/3534-1/' ],
[ 'URL', 'https://bugzilla.redhat.com/show_bug.cgi?id=1533836' ]
],
'DefaultTarget' => 0))
'DefaultTarget' => 0,
'Notes' =>
{
'AKA' => ['RationalLove.c']
}
))
register_options [
OptEnum.new('COMPILE', [ true, 'Compile on target', 'Auto', %w(Auto True False) ]),
OptString.new('WritableDir', [ true, 'A directory where we can write files', '/tmp' ]),

8
modules/exploits/linux/local/libuser_roothelper_priv_esc.rb
View File

@ -59,7 +59,6 @@ class MetasploitModule < Msf::Exploit::Local
'Privileged' => true,
'References' =>
[
[ 'AKA', 'roothelper.c' ],
[ 'EDB', '37706' ],
[ 'CVE', '2015-3245' ],
[ 'CVE', '2015-3246' ],
@ -68,7 +67,12 @@ class MetasploitModule < Msf::Exploit::Local
[ 'URL', 'http://seclists.org/oss-sec/2015/q3/185' ],
[ 'URL', 'https://access.redhat.com/articles/1537873' ]
],
'DefaultTarget' => 0))
'DefaultTarget' => 0,
'Notes' =>
{
'AKA' => ['roothelper.c']
}
))
register_options [
OptEnum.new('COMPILE', [ true, 'Compile on target', 'Auto', %w(Auto True False) ]),
OptString.new('PASSWORD', [ true, 'Password for the current user', '' ]),

8
modules/exploits/linux/local/rds_priv_esc.rb
View File

@ -39,7 +39,6 @@ class MetasploitModule < Msf::Exploit::Local
'Privileged' => true,
'References' =>
[
[ 'AKA', 'rds-fail.c' ],
[ 'EDB', '15285' ],
[ 'CVE', '2010-3904' ],
[ 'BID', '44219' ],
@ -55,7 +54,12 @@ class MetasploitModule < Msf::Exploit::Local
'WfsDelay' => 10,
'PrependFork' => true
},
'DefaultTarget' => 0))
'DefaultTarget' => 0,
'Notes' =>
{
'AKA' => ['rds-fail.c']
}
))
register_options [
OptEnum.new('COMPILE', [ true, 'Compile on target', 'Auto', %w(Auto True False) ]),
OptString.new('WritableDir', [ true, 'A directory where we can write files', '/tmp' ]),

8
modules/exploits/multi/browser/adobe_flash_hacking_team_uaf.rb
View File

@ -32,7 +32,6 @@ class MetasploitModule < Msf::Exploit::Remote
],
'References' =>
[
['AKA', '0DayFlush'],
['CVE', '2015-5119'],
['URL', 'https://helpx.adobe.com/security/products/flash-player/apsa15-03.html'],
['URL', 'http://blog.trendmicro.com/trendlabs-security-intelligence/unpatched-flash-player-flaws-more-pocs-found-in-hacking-team-leak/'],
@ -91,7 +90,12 @@ class MetasploitModule < Msf::Exploit::Remote
],
'Privileged' => false,
'DisclosureDate' => 'Jul 06 2015',
'DefaultTarget' => 0))
'DefaultTarget' => 0,
'Notes' =>
{
'AKA' => ['0DayFlush']
}
))
end
def exploit

8
modules/exploits/multi/ftp/pureftpd_bash_env_exec.rb
View File

@ -27,7 +27,6 @@ class MetasploitModule < Msf::Exploit::Remote
],
'References' =>
[
[ 'AKA', 'Shellshock' ],
[ 'CVE', '2014-6271' ],
[ 'CWE', '94' ],
[ 'OSVDB', '112004' ],
@ -62,7 +61,12 @@ class MetasploitModule < Msf::Exploit::Remote
'PrependFork' => true
},
'DefaultTarget' => 0,
'DisclosureDate' => 'Sep 24 2014'))
'DisclosureDate' => 'Sep 24 2014',
'Notes' =>
{
'AKA' => ['Shellshock']
}
))
register_options(
[
Opt::RPORT(21),

7
modules/exploits/multi/http/apache_mod_cgi_bash_env_exec.rb
View File

@ -25,7 +25,6 @@ class MetasploitModule < Msf::Exploit::Remote
'lcamtuf' # CVE-2014-6278
],
'References' => [
[ 'AKA', 'Shellshock' ],
[ 'CVE', '2014-6271' ],
[ 'CVE', '2014-6278' ],
[ 'CWE', '94' ],
@ -58,7 +57,11 @@ class MetasploitModule < Msf::Exploit::Remote
],
'DefaultTarget' => 0,
'DisclosureDate' => 'Sep 24 2014',
'License' => MSF_LICENSE
'License' => MSF_LICENSE,
'Notes' =>
{
'AKA' => ['Shellshock']
}
))
register_options([

7
modules/exploits/multi/http/cups_bash_env_exec.rb
View File

@ -22,7 +22,6 @@ class MetasploitModule < Msf::Exploit::Remote
'Brendan Coles <bcoles[at]gmail.com>' # msf
],
'References' => [
[ 'AKA', 'Shellshock' ],
[ 'CVE', '2014-6271' ],
[ 'CVE', '2014-6278' ],
[ 'CWE', '94' ],
@ -53,7 +52,11 @@ class MetasploitModule < Msf::Exploit::Remote
'Targets' => [[ 'Automatic Targeting', { 'auto' => true } ]],
'DefaultTarget' => 0,
'DisclosureDate' => 'Sep 24 2014',
'License' => MSF_LICENSE
'License' => MSF_LICENSE,
'Notes' =>
{
'AKA' => ['Shellshock']
}
))
register_options([
Opt::RPORT(631),

7
modules/exploits/osx/local/vmware_bash_function_root.rb
View File

@ -29,7 +29,6 @@ class MetasploitModule < Msf::Exploit::Local
],
'References' =>
[
[ 'AKA', 'Shellshock' ],
[ 'CVE', '2014-6271' ],
[ 'CWE', '94' ],
[ 'OSVDB', '112004' ],
@ -47,7 +46,11 @@ class MetasploitModule < Msf::Exploit::Local
]
],
'DefaultTarget' => 0,
'DisclosureDate' => 'Sep 24 2014'
'DisclosureDate' => 'Sep 24 2014',
'Notes' =>
{
'AKA' => ['Shellshock']
}
))
register_options [

7
modules/exploits/unix/dhcp/bash_environment.rb
View File

@ -32,7 +32,6 @@ class MetasploitModule < Msf::Exploit::Remote
'Arch' => ARCH_CMD,
'References' =>
[
[ 'AKA', 'Shellshock' ],
[ 'CVE', '2014-6271' ],
[ 'CWE', '94' ],
[ 'OSVDB', '112004' ],
@ -54,7 +53,11 @@ class MetasploitModule < Msf::Exploit::Remote
},
'Targets' => [ [ 'Automatic Target', { }] ],
'DefaultTarget' => 0,
'DisclosureDate' => 'Sep 24 2014'
'DisclosureDate' => 'Sep 24 2014',
'Notes' =>
{
'AKA' => ['Shellshock']
}
))
deregister_options('DOMAINNAME', 'HOSTNAME', 'URL')

7
modules/exploits/unix/dhcp/rhel_dhcp_client_command_injection.rb
View File

@ -32,7 +32,6 @@ class MetasploitModule < Msf::Exploit::Remote
'Privileged' => true,
'References' =>
[
['AKA', 'DynoRoot'],
['CVE', '2018-1111'],
['EDB': '44652'],
['URL', 'https://github.com/kkirsche/CVE-2018-1111'],
@ -45,7 +44,11 @@ class MetasploitModule < Msf::Exploit::Remote
],
'Targets' => [ [ 'Automatic Target', { }] ],
'DefaultTarget' => 0,
'DisclosureDate' => 'May 15 2018'
'DisclosureDate' => 'May 15 2018',
'Notes' =>
{
'AKA' => ['DynoRoot']
}
))
deregister_options('DOMAINNAME', 'HOSTNAME', 'URL', 'FILENAME')

11
modules/exploits/unix/webapp/drupal_drupalgeddon2.rb
View File

@ -35,8 +35,6 @@ class MetasploitModule < Msf::Exploit::Remote
['URL', 'https://github.com/a2u/CVE-2018-7600'],
['URL', 'https://github.com/nixawk/labs/issues/19'],
['URL', 'https://github.com/FireFart/CVE-2018-7600'],
['AKA', 'SA-CORE-2018-002'],
['AKA', 'Drupalgeddon 2']
],
'DisclosureDate' => 'Mar 28 2018',
'License' => MSF_LICENSE,
@ -124,7 +122,14 @@ class MetasploitModule < Msf::Exploit::Remote
]
],
'DefaultTarget' => 0, # Automatic (PHP In-Memory)
'DefaultOptions' => {'WfsDelay' => 2}
'DefaultOptions' => {'WfsDelay' => 2},
'Notes' =>
{
'AKA' => [
'SA-CORE-2018-002',
'Drupalgeddon 2'
]
}
))
register_options([

8
modules/exploits/windows/iis/iis_webdav_scstoragepathfromurl.rb
View File

@ -34,7 +34,6 @@ class MetasploitModule < Msf::Exploit::Remote
'License' => MSF_LICENSE,
'References' =>
[
[ 'AKA', 'EXPLODINGCAN' ],
[ 'CVE', '2017-7269' ],
[ 'BID', '97127' ],
[ 'URL', 'https://github.com/edwardz246003/IIS_exploit' ],
@ -69,7 +68,12 @@ class MetasploitModule < Msf::Exploit::Remote
],
'Platform' => 'win',
'DisclosureDate' => 'Mar 26 2017',
'DefaultTarget' => 0))
'DefaultTarget' => 0,
'Notes' =>
{
'AKA' => ['EXPLODINGCAN']
}
))
register_options(
[

7
modules/exploits/windows/smb/ms17_010_eternalblue.rb
View File

@ -47,7 +47,6 @@ class MetasploitModule < Msf::Exploit::Remote
'License' => MSF_LICENSE,
'References' =>
[
[ 'AKA', 'ETERNALBLUE' ],
[ 'MSB', 'MS17-010' ],
[ 'CVE', '2017-0143' ],
[ 'CVE', '2017-0144' ],
@ -85,7 +84,11 @@ class MetasploitModule < Msf::Exploit::Remote
],
],
'DefaultTarget' => 0,
'DisclosureDate' => 'Mar 14 2017'
'DisclosureDate' => 'Mar 14 2017',
'Notes' =>
{
'AKA' => ['ETERNALBLUE']
}
))
register_options(