Metasploit-exploitdb: Unterschied zwischen den Versionen

Aus Xinux Wiki
Zur Navigation springen Zur Suche springen
Zeile 17: Zeile 17:
 
=Kopieren des Moduls=
 
=Kopieren des Moduls=
 
*cp /usr/share/exploitdb/exploits/cgi/webapps/42344.rb ~/.msf4/modules/exploits/cgi/webapps/
 
*cp /usr/share/exploitdb/exploits/cgi/webapps/42344.rb ~/.msf4/modules/exploits/cgi/webapps/
 +
=Update=
 +
*sudo updatedb
 +
=Das Modul ist nun verfügbar=
 +
*msfconsole
 +
 +
*msf6 > search 42344
 +
<pre>
 +
Matching Modules
 +
================
 +
 +
  #  Name                      Disclosure Date  Rank      Check  Description
 +
  -  ----                      ---------------  ----      -----  -----------
 +
  0  exploit/cgi/webapps/42344                  excellent  No    Sonicwall SRA <= v8.1.0.2-14sv remote exploit
 +
 +
 +
Interact with a module by name or index. For example info 0, use 0 or use exploit/cgi/webapps/42344
 +
</pre>
  
 
=Links=
 
=Links=
 
https://kalinull.medium.com/how-to-add-a-module-to-metasploit-from-exploit-db-d389c2a33f6d
 
https://kalinull.medium.com/how-to-add-a-module-to-metasploit-from-exploit-db-d389c2a33f6d

Version vom 6. August 2021, 18:11 Uhr

Hinzufügen eines Exploits aus der exploitdb

  • searchsploit sonicwall 8.1.0.2-14sv
------------------------------------------------------------------------------------------------------------------------ ---------------------------------
 Exploit Title                                                                                                          |  Path
------------------------------------------------------------------------------------------------------------------------ ---------------------------------
Sonicwall 8.1.0.2-14sv - 'extensionsettings.cgi' Remote Command Injection (Metasploit)                                  | hardware/webapps/41415.rb
Sonicwall 8.1.0.2-14sv - 'viewcert.cgi' Remote Command Injection (Metasploit)                                           | hardware/webapps/41416.rb
Sonicwall < 8.1.0.2-14sv - 'sitecustomization.cgi' Command Injection (Metasploit)                                       | cgi/webapps/42344.rb
Sonicwall Secure Remote Access 8.1.0.2-14sv - Command Injection                                                         | cgi/webapps/42342.txt
------------------------------------------------------------------------------------------------------------------------ ---------------------------------
Shellcodes: No Results
Papers: No Results

Erstellen eines Directories für das Modul

  • mkdir -p ~/.msf4/modules/exploits/cgi/webapps

Kopieren des Moduls

  • cp /usr/share/exploitdb/exploits/cgi/webapps/42344.rb ~/.msf4/modules/exploits/cgi/webapps/

Update

  • sudo updatedb

Das Modul ist nun verfügbar

  • msfconsole
  • msf6 > search 42344
Matching Modules
================

   #  Name                       Disclosure Date  Rank       Check  Description
   -  ----                       ---------------  ----       -----  -----------
   0  exploit/cgi/webapps/42344                   excellent  No     Sonicwall SRA <= v8.1.0.2-14sv remote exploit


Interact with a module by name or index. For example info 0, use 0 or use exploit/cgi/webapps/42344

Links

https://kalinull.medium.com/how-to-add-a-module-to-metasploit-from-exploit-db-d389c2a33f6d

Abgerufen von „http://wiki.ixheim.de/index.php?title=Metasploit-exploitdb&oldid=26903