mirror of
https://github.com/rapid7/metasploit-framework
synced 2024-09-25 10:48:31 +02:00
Reorder the Fedora targets to be descending
This commit is contained in:
parent
5dc8d0e684
commit
a8a1cf75b8
@ -61,18 +61,18 @@ The lengths to set as used by the manual target. See the "Manual Target" section
|
||||
|
||||
### NewUser
|
||||
*This is an advanced option.*
|
||||
|
||||
For targets using the second technique (adding a user to /etc/passwd), this is the name of the user.
|
||||
In the event of a successful exploit, the module remove that user from /etc/passwd as a cleanup measure.
|
||||
In the event of a successful exploit, the module will remove that user from /etc/passwd as a cleanup measure.
|
||||
If the exploit partially succeeds (that is, writes to /etc/passwd, but does not result in a shell), this
|
||||
account will need to be manually cleaned up.
|
||||
|
||||
### NewPassword
|
||||
*This is an advanced option.*
|
||||
|
||||
For targets using the second technique (adding a user to /etc/passwd), this is the new password. If left blank,
|
||||
the system creates a long, random password.
|
||||
|
||||
|
||||
|
||||
## Scenarios
|
||||
|
||||
### Ubuntu 20.04.1 x64
|
||||
|
@ -63,11 +63,11 @@ class MetasploitModule < Msf::Exploit::Local
|
||||
[ 'CentOS 8 x64 (sudo v1.8.25p1, libc v2.28)', { exploit_script: 'nss_generic2', exploit_params: [ ], exploit_technique: 'nss', lib_needs_space: false, version_fingerprint: /^CentOS Linux release 8/ } ],
|
||||
[ 'CentOS 7 x64 (sudo v1.8.23, libc v2.17)', { exploit_script: 'userspec_c7', exploit_technique: 'userspec', version_fingerprint: /^CentOS Linux release 7/ } ],
|
||||
[ 'CentOS 7 x64 (sudo v1.8.23, libc v2.17) - alternative', { exploit_script: 'userspec_generic', exploit_technique: 'userspec', version_fingerprint: /^CentOS Linux release 7/ } ],
|
||||
[ 'Fedora 23 x64 (sudo v1.8.14p3, libc v2.22)', { exploit_script: 'userspec_generic', exploit_technique: 'userspec', version_fingerprint: /^Fedora release 23/ } ],
|
||||
[ 'Fedora 24 x64 (sudo v1.8.16, libc v2.23)', { exploit_script: 'userspec_generic', exploit_technique: 'userspec', version_fingerprint: /^Fedora release 24/ } ],
|
||||
[ 'Fedora 25 x64 (sudo v1.8.18, libc v2.24)', { exploit_script: 'userspec_generic', exploit_technique: 'userspec', version_fingerprint: /^Fedora release 25/ } ],
|
||||
[ 'Fedora 26 x64 (sudo v1.8.20p2, libc v2.25)', { exploit_script: 'userspec_generic', exploit_technique: 'userspec', version_fingerprint: /^Fedora release 26/ } ],
|
||||
[ 'Fedora 27 x64 (sudo v1.8.21p2, libc v2.26)', { exploit_script: 'userspec_generic', exploit_technique: 'userspec', version_fingerprint: /^Fedora release 27/ } ],
|
||||
[ 'Fedora 26 x64 (sudo v1.8.20p2, libc v2.25)', { exploit_script: 'userspec_generic', exploit_technique: 'userspec', version_fingerprint: /^Fedora release 26/ } ],
|
||||
[ 'Fedora 25 x64 (sudo v1.8.18, libc v2.24)', { exploit_script: 'userspec_generic', exploit_technique: 'userspec', version_fingerprint: /^Fedora release 25/ } ],
|
||||
[ 'Fedora 24 x64 (sudo v1.8.16, libc v2.23)', { exploit_script: 'userspec_generic', exploit_technique: 'userspec', version_fingerprint: /^Fedora release 24/ } ],
|
||||
[ 'Fedora 23 x64 (sudo v1.8.14p3, libc v2.22)', { exploit_script: 'userspec_generic', exploit_technique: 'userspec', version_fingerprint: /^Fedora release 23/ } ],
|
||||
[ 'Manual', { exploit_script: 'nss_generic1', exploit_technique: 'nss', lib_needs_space: true } ],
|
||||
],
|
||||
'DefaultTarget' => 0,
|
||||
@ -87,7 +87,7 @@ class MetasploitModule < Msf::Exploit::Local
|
||||
])
|
||||
|
||||
register_advanced_options([
|
||||
OptString.new('Lengths', [ false, 'The lengths to set as used by the manual target. (format: #,#,#,#)' ], regex: /(\d+(, *| )){3}\d+/),
|
||||
OptString.new('Lengths', [ false, 'The lengths to set as used by the manual target. (format: #,#,#,#)' ], regex: /(\d+(, *| )){3}\d+/, conditions: %w[TARGET == Manual]),
|
||||
OptString.new('NewUser', [ false, 'A username to add as root (if required by exploit target)', 'msf' ], regex: /^[a-z_]([a-z0-9_-]{0,31}|[a-z0-9_-]{0,30}\$)$/),
|
||||
OptString.new('NewPassword', [ false, 'A password to add for NewUser (if required by exploit target)' ]),
|
||||
])
|
||||
|
Loading…
Reference in New Issue
Block a user