Land #16458, fortios_vpnssl_traversal_creds_leak: Add authors, notes, and references

2022-04-16 15:08:32 -05:00 · 2022-04-16 15:08:32 -05:00 · 8e4708205d
parent a977d48508 e34201ce48
commit 8e4708205d
1 changed files with 11 additions and 2 deletions
--- a/modules/auxiliary/gather/fortios_vpnssl_traversal_creds_leak.rb
+++ b/modules/auxiliary/gather/fortios_vpnssl_traversal_creds_leak.rb
@ -27,15 +27,24 @@ class MetasploitModule < Msf::Auxiliary
        },
        'References' => [
          %w[CVE 2018-13379],
-          ['URL', 'https://www.fortiguard.com/psirt/FG-IR-18-384'],
          %w[EDB 47287],
-          %w[EDB 47288]
+          %w[EDB 47288],
+          ['URL', 'https://www.fortiguard.com/psirt/FG-IR-18-384'],
+          ['URL', 'https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf'],
+          ['URL', 'https://devco.re/blog/2019/08/09/attacking-ssl-vpn-part-2-breaking-the-Fortigate-ssl-vpn/']
        ],
        'Author' => [
+          'Meh Chang', # discovery and PoC
+          'Orange Tsai', # discovery and PoC
          'lynx (Carlos Vieira)', # initial module author from edb
          'mekhalleh (RAMELLA Sébastien)' # Metasploit module author (Zeop Entreprise)
        ],
        'License' => MSF_LICENSE,
+        'Notes' => {
+          'Stability' => [CRASH_SAFE],
+          'Reliability' => [],
+          'SideEffects' => [IOC_IN_LOGS]
+        },
        'DefaultOptions' => {
          'RPORT' => 10_443,
          'SSL' => true