diff --git a/documentation/modules/exploit/linux/ssh/microfocus_obr_shrboadmin.md b/documentation/modules/exploit/linux/ssh/microfocus_obr_shrboadmin.md index 6b6d149f64..e15f93b652 100644 --- a/documentation/modules/exploit/linux/ssh/microfocus_obr_shrboadmin.md +++ b/documentation/modules/exploit/linux/ssh/microfocus_obr_shrboadmin.md @@ -1,13 +1,17 @@ ## Vulnerable Application -This module abuses a known default password on Micro Focus Operations Bridge Reporter. -The 'shrboadmin' user, installed by default by the product has the password of 'shrboadmin', and allows an attacker to login to server via SSH. -This module has been tested with Micro Focus Operations Bridge Manager 10.40. Earlier versions are most likely affected too, but have not been tested with this module. -Note that this is only exploitable in Linux installations. +This module abuses a known default password on Micro Focus Operations Bridge Reporter. The 'shrboadmin' user, installed +by default by the product has the password of 'shrboadmin', and allows an attacker to login to the server via SSH. This +module has been tested with Micro Focus Operations Bridge Manager 10.40. Earlier versions are most likely affected too, +but have not been tested with this module. Note that this is only exploitable in Linux installations. + +## Verification Steps + +1. Setup RHOST and run it! ## Scenarios -Setup RHOST and run it! +### Micro Focus Operations Bridge Manager 10.40 ``` msf6 > use exploit/linux/ssh/microfocus_obr_shrboadmin diff --git a/modules/exploits/linux/ssh/microfocus_obr_shrboadmin.rb b/modules/exploits/linux/ssh/microfocus_obr_shrboadmin.rb index 4dd43ca440..f8e031e707 100644 --- a/modules/exploits/linux/ssh/microfocus_obr_shrboadmin.rb +++ b/modules/exploits/linux/ssh/microfocus_obr_shrboadmin.rb @@ -19,7 +19,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Description' => %q{ This module abuses a known default password on Micro Focus Operations Bridge Reporter. The 'shrboadmin' user, installed by default by the product has the password of 'shrboadmin', - and allows an attacker to login to server via SSH. + and allows an attacker to login to the server via SSH. This module has been tested with Micro Focus Operations Bridge Manager 10.40. Earlier versions are most likely affected too. Note that this is only exploitable in Linux installations.