2016-12-22 12:00:58 -06:00
|
|
|
|
|
|
|
|
class MetasploitModule < Msf::Exploit::Remote
|
2016-12-22 14:53:44 -06:00
|
|
|
include Exploit::Remote::Tcp
|
2016-12-22 12:00:58 -06:00
|
|
|
|
|
|
|
|
Rank = ManualRanking
|
|
|
|
|
|
|
|
|
|
def initialize(info = {})
|
|
|
|
|
super(update_info(info,
|
|
|
|
|
'Name' => 'Exploit With a Single Target',
|
|
|
|
|
'Description' => %q{ This module is a test bed for automatic targeting when there is only one target. },
|
|
|
|
|
'Author' => [ 'thelightcosine' ],
|
|
|
|
|
'License' => MSF_LICENSE,
|
|
|
|
|
'Privileged' => true,
|
|
|
|
|
'DefaultOptions' =>
|
|
|
|
|
{
|
|
|
|
|
'WfsDelay' => 10,
|
|
|
|
|
'EXITFUNC' => 'thread'
|
|
|
|
|
},
|
|
|
|
|
'Payload' =>
|
|
|
|
|
{
|
|
|
|
|
'Space' => 3072,
|
|
|
|
|
'DisableNops' => true
|
|
|
|
|
},
|
|
|
|
|
'Platform' => 'win',
|
|
|
|
|
'Arch' => [ARCH_X86, ARCH_X64],
|
|
|
|
|
'Targets' =>
|
|
|
|
|
[
|
|
|
|
|
['Windows 2000 Universal',
|
|
|
|
|
{
|
|
|
|
|
'Ret' => 0x001f1cb0,
|
|
|
|
|
'Scratch' => 0x00020408,
|
|
|
|
|
}
|
|
|
|
|
], # JMP EDI SVCHOST.EXE
|
|
|
|
|
],
|
2020-10-02 17:38:06 +01:00
|
|
|
'DisclosureDate' => '1999-01-01'
|
2016-12-22 12:00:58 -06:00
|
|
|
))
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def exploit
|
|
|
|
|
print_status("This exploit doesn't actually do anything")
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
end
|
