From f3415f4147e6c7528cfddbbdb8fd7a7ae27b379b Mon Sep 17 00:00:00 2001 From: jvazquez-r7 Date: Fri, 23 Aug 2013 15:14:13 -0500 Subject: [PATCH] Make msftidy compliant --- .../osx/local/sudo_password_bypass.rb | 20 +++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/modules/exploits/osx/local/sudo_password_bypass.rb b/modules/exploits/osx/local/sudo_password_bypass.rb index 320573074c..9e311e823e 100644 --- a/modules/exploits/osx/local/sudo_password_bypass.rb +++ b/modules/exploits/osx/local/sudo_password_bypass.rb @@ -37,10 +37,18 @@ class Metasploit3 < Msf::Exploit::Local ran the sudo command. }, 'License' => MSF_LICENSE, - 'Author' => [ 'joev '], + 'Author' => + [ + 'Todd C. Miller', # Vulnerability discovery + 'joev ' # Metasploit module + ], 'Platform' => [ 'osx' ], 'SessionTypes' => [ 'shell', 'meterpreter'], - 'References' => [['CVE', '2013-1775']], + 'References' => + [ + ['CVE', '2013-1775'], + ['OSVDB', '90677'] + ], 'Platform' => 'osx', 'Arch' => [ ARCH_X86, ARCH_X64, ARCH_CMD ], 'Targets' => [ @@ -62,7 +70,8 @@ class Metasploit3 < Msf::Exploit::Local ] ], 'DefaultOptions' => { "PrependFork" => true }, - 'DefaultTarget' => 0 + 'DefaultTarget' => 0, + 'DisclosureDate' => 'Feb 28 2013' )) end @@ -73,7 +82,7 @@ class Metasploit3 < Msf::Exploit::Local sudo_vn = $1 sudo_vn_parts = sudo_vn.split(/[\.p]/).map(&:to_i) # check vn between 1.6.0 through 1.7.10p6 - # and 1.8.0 through 1.8.6p6 + # and 1.8.0 through 1.8.6p6 if not vn_bt(sudo_vn, VULNERABLE_VERSION_RANGES) print_error "sudo version #{sudo_vn} not vulnerable." return Exploit::CheckCode::Safe @@ -84,8 +93,7 @@ class Metasploit3 < Msf::Exploit::Local end if not user_in_admin_group? - print_error "sudo version is vulnerable, but user is not in the "+ - "admin group (necessary to change the date)." + print_error "sudo version is vulnerable, but user is not in the admin group (necessary to change the date)." Exploit::CheckCode::Safe end # one root for you sir