Fixes #3643. These modules now report_vuln() correctly.
git-svn-id: file:///home/svn/framework3/trunk@11697 4d416f70-5f16-0410-b530-b9f4589650da
This commit is contained in:
parent
99b1703416
commit
e31f35e3ae
|
@ -67,18 +67,18 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
# Report a vulnerability only if no password was specified
|
||||
if datastore['BasicAuthPass'].to_s.length == 0
|
||||
|
||||
report_vuln(
|
||||
:host => rhost,
|
||||
:port => rport,
|
||||
:name => 'IOS-HTTP-NO-AUTH',
|
||||
:info => "http://#{rhost}:#{rport}/exec/show/version/CR",
|
||||
:refs =>
|
||||
[
|
||||
[ 'BID', '1846'],
|
||||
[ 'CVE', '2000-0945'],
|
||||
[ 'OSVDB', '444'],
|
||||
]
|
||||
{
|
||||
:host => rhost,
|
||||
:port => rport,
|
||||
:proto => 'tcp',
|
||||
:name => 'IOS-HTTP-NO-AUTH',
|
||||
:info => "http://#{rhost}:#{rport}/exec/show/version/CR",
|
||||
:refs => self.references
|
||||
}
|
||||
)
|
||||
|
||||
end
|
||||
|
||||
res = send_request_cgi({
|
||||
|
|
|
@ -58,15 +58,18 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
if res and res.body and res.body =~ /Cisco Internetwork Operating System Software/
|
||||
print_good("#{rhost}:#{rport} Found vulnerable privilege level: #{level}")
|
||||
|
||||
|
||||
report_vuln(
|
||||
:host => rhost,
|
||||
:port => rport,
|
||||
:proto => 'tcp',
|
||||
:name => 'IOS-HTTP-AUTH-BYPASS',
|
||||
:data => "http://#{rhost}:#{rport}/level/#{level}/exec/show/version/CR"
|
||||
{
|
||||
:host => rhost,
|
||||
:port => rport,
|
||||
:proto => 'tcp',
|
||||
:name => 'IOS-HTTP-AUTH-BYPASS',
|
||||
:info => "http://#{rhost}:#{rport}/level/#{level}/exec/show/version/CR",
|
||||
:refs => self.references
|
||||
}
|
||||
)
|
||||
|
||||
|
||||
res = send_request_cgi({
|
||||
'uri' => "/level/#{level}/exec/show/config/CR",
|
||||
'method' => 'GET'
|
||||
|
|
|
@ -127,15 +127,14 @@ class Metasploit3 < Msf::Auxiliary
|
|||
# Report a note or vulnerability or something
|
||||
# Not really this one, but close
|
||||
report_vuln(
|
||||
:host => target_host,
|
||||
:port => rport,
|
||||
:proto => 'http',
|
||||
:name => 'FrontPage ACCESS ALLOWED',
|
||||
:info => "#{info} FrontPage ACCESS ALLOWED [#{retcode}]",
|
||||
:refs =>
|
||||
[
|
||||
[ 'CVE', '2006-0015'],
|
||||
]
|
||||
{
|
||||
:host => target_host,
|
||||
:port => rport,
|
||||
:proto => 'tcp',
|
||||
:name => 'FrontPage ACCESS ALLOWED',
|
||||
:info => "#{info} FrontPage ACCESS ALLOWED [#{retcode}]",
|
||||
:refs => self.references
|
||||
}
|
||||
)
|
||||
when /^401/
|
||||
print_error("#{info} FrontPage Password Protected [#{retcode}]")
|
||||
|
|
|
@ -102,18 +102,14 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
|
||||
report_vuln(
|
||||
:host => ip,
|
||||
:port => rport,
|
||||
:name => 'IIS-WEBDAV-UNICODE-BYPASS',
|
||||
:info => "#{tpath}#{bogus} / Code: #{res.code}",
|
||||
:refs =>
|
||||
[
|
||||
[ 'CVE', '2009-1122'],
|
||||
[ 'CVE', '2009-1535'],
|
||||
[ 'MSB', 'MS09-020'],
|
||||
[ 'OSVDB', '54555'],
|
||||
[ 'BID', '34993']
|
||||
]
|
||||
{
|
||||
:host => ip,
|
||||
:port => rport,
|
||||
:proto => 'tcp',
|
||||
:name => 'IIS-WEBDAV-UNICODE-BYPASS',
|
||||
:info => "#{tpath}#{bogus} / Code: #{res.code}",
|
||||
:refs => self.references
|
||||
}
|
||||
)
|
||||
|
||||
end
|
||||
|
|
|
@ -59,17 +59,15 @@ class Metasploit3 < Msf::Auxiliary
|
|||
#print_status("Output Of Requested File:\n#{res.body}")
|
||||
print_status("#{target_host}:#{rport} appears vulnerable to VMWare Directory Traversal Vulnerability")
|
||||
report_vuln(
|
||||
:host => target_host,
|
||||
:port => rport,
|
||||
:proto => (ssl ? 'https' : 'http'),
|
||||
:name => 'VMWARE-DIRECTORY-TRAVERSAL',
|
||||
:data => res.code,
|
||||
:refs =>
|
||||
[
|
||||
[ 'CVE', '2009-3733'],
|
||||
[ 'BID', '36842'],
|
||||
]
|
||||
)
|
||||
{
|
||||
:host => target_host,
|
||||
:port => rport,
|
||||
:proto => 'tcp',
|
||||
:name => 'VMWARE-DIRECTORY-TRAVERSAL',
|
||||
:info => res.code,
|
||||
:refs => self.references
|
||||
}
|
||||
)
|
||||
else
|
||||
''
|
||||
#print_status("Received #{res.code} for #{trav}#{file}")
|
||||
|
|
|
@ -81,7 +81,8 @@ class Metasploit3 < Msf::Auxiliary
|
|||
:port => rport,
|
||||
:proto => 'tcp',
|
||||
:name => 'VNC-NONE-AUTH-ALLOWED',
|
||||
:data => sec_type.join(",")
|
||||
:info => sec_type.join(","),
|
||||
:refs => self.references
|
||||
})
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in New Issue