Minor desc and status updates, cosmetic
This commit is contained in:
parent
1ef16fb722
commit
0ef2e07012
|
@ -19,7 +19,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
This module exploits a SQL injection vulnerability found in Advantech WebAccess 7.1. The
|
||||
vulnerability exists in the DBVisitor.dll component, and can be abused through malicious
|
||||
requests to the ChartThemeConfig web service. This module can be used to extract the site
|
||||
and projects usernames and hashes.
|
||||
and project usernames and hashes.
|
||||
},
|
||||
'References' =>
|
||||
[
|
||||
|
|
|
@ -44,7 +44,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
row.each { |val| @hashes << val.value.to_s }
|
||||
end
|
||||
|
||||
print_good("#{ip} Found Users & Password Hashes:")
|
||||
print_good("#{ip} - Found user and password hashes:")
|
||||
end
|
||||
|
||||
credinfo = ""
|
||||
|
@ -67,7 +67,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
rescue ::Interrupt
|
||||
raise $!
|
||||
rescue ::Exception => e
|
||||
print_error("#{ip} error: #{e.class} #{e}")
|
||||
print_error("#{ip} - Error: #{e.class} #{e}")
|
||||
disconnect_snmp
|
||||
end
|
||||
end
|
||||
|
|
|
@ -95,7 +95,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
rescue ::Interrupt
|
||||
raise $!
|
||||
rescue ::Exception => e
|
||||
print_error("#{ip} error: #{e.class} #{e}")
|
||||
print_error("#{ip} - Error: #{e.class} #{e}")
|
||||
disconnect_snmp
|
||||
end
|
||||
end
|
||||
|
|
|
@ -152,7 +152,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
rescue ::Interrupt
|
||||
raise $!
|
||||
rescue ::Exception => e
|
||||
print_error("#{ip} error: #{e.class} #{e}")
|
||||
print_error("#{ip} - Error: #{e.class} #{e}")
|
||||
disconnect_snmp
|
||||
end
|
||||
end
|
||||
|
|
|
@ -19,11 +19,11 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
'Description' => %q{
|
||||
This module exploits a code execution flaw in Symantec Workspace Streaming. The
|
||||
vulnerability exists in the ManagementAgentServer.putFile XMLRPC call exposed by the
|
||||
as_agent.exe service, which allows to upload arbitrary files under the server root.
|
||||
This module abuses the auto deploy feature at the JBoss as_ste.exe's instance in order
|
||||
as_agent.exe service, which allows for uploading arbitrary files under the server root.
|
||||
This module abuses the auto deploy feature in the JBoss as_ste.exe instance in order
|
||||
to achieve remote code execution. This module has been tested successfully on Symantec
|
||||
Workspace Streaming 6.1 SP8 and Windows 2003 SP2. Abused services listen on a single
|
||||
machine deployment, and also at the backend role in a multiple machines deployment
|
||||
machine deployment, and also in the backend role in a multiple machine deployment.
|
||||
},
|
||||
'Author' =>
|
||||
[
|
||||
|
|
Loading…
Reference in New Issue