From 97f9edb5f77c58a3426779a91b6da9727357df36 Mon Sep 17 00:00:00 2001 From: h00die Date: Mon, 23 Oct 2023 06:35:23 -0400 Subject: [PATCH] review --- .../modules/exploit/linux/ssh/vmware_vrni_known_privkey.md | 2 +- modules/exploits/linux/ssh/vmware_vrni_known_privkey.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/documentation/modules/exploit/linux/ssh/vmware_vrni_known_privkey.md b/documentation/modules/exploit/linux/ssh/vmware_vrni_known_privkey.md index b471e90ba0..4226b721e5 100644 --- a/documentation/modules/exploit/linux/ssh/vmware_vrni_known_privkey.md +++ b/documentation/modules/exploit/linux/ssh/vmware_vrni_known_privkey.md @@ -1,7 +1,7 @@ ## Vulnerable Application VMWare Aria Operations for Networks (vRealize Network Insight) versions 6.0.0 through 6.10.0 -does not randomize the SSH keys on virtual machine initialization. Since the key is easily +do not randomize the SSH keys on virtual machine initialization. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as the "support" (root) user. ### Install diff --git a/modules/exploits/linux/ssh/vmware_vrni_known_privkey.rb b/modules/exploits/linux/ssh/vmware_vrni_known_privkey.rb index be106285f0..4a49b19bec 100644 --- a/modules/exploits/linux/ssh/vmware_vrni_known_privkey.rb +++ b/modules/exploits/linux/ssh/vmware_vrni_known_privkey.rb @@ -20,7 +20,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Name' => 'VMWare Aria Operations for Networks (vRealize Network Insight) SSH Private Key Exposure', 'Description' => %q{ VMWare Aria Operations for Networks (vRealize Network Insight) versions 6.0.0 through 6.10.0 - does not randomize the SSH keys on virtual machine initialization. Since the key is easily + do not randomize the SSH keys on virtual machine initialization. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as the "support" (root) user. }, 'Platform' => 'unix',