Metasploit-exploitdb: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| (2 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
| Zeile 16: | Zeile 16: | ||
*mkdir -p ~/.msf4/modules/exploits/cgi/webapps | *mkdir -p ~/.msf4/modules/exploits/cgi/webapps | ||
=Kopieren des Moduls= | =Kopieren des Moduls= | ||
| − | * | + | *EXPLOITDB_DIR=/usr/share/exploitdb/exploits |
| + | *cp $EXPLOITDB_DIR/cgi/webapps/42344.rb ~/.msf4/modules/exploits/cgi/webapps/ | ||
| + | |||
=Update= | =Update= | ||
*sudo updatedb | *sudo updatedb | ||
| Zeile 34: | Zeile 36: | ||
Interact with a module by name or index. For example info 0, use 0 or use exploit/cgi/webapps/42344 | Interact with a module by name or index. For example info 0, use 0 or use exploit/cgi/webapps/42344 | ||
</pre> | </pre> | ||
| + | =Alle Module einfügen= | ||
| + | ;Noch nicht getestet | ||
| + | *cd /usr/share/exploitdb/exploits | ||
| + | *find -name *.rb | xargs tar -czf - | tar -C ~/.msf4/modules/exploits -xvzf - | ||
=Links= | =Links= | ||
https://kalinull.medium.com/how-to-add-a-module-to-metasploit-from-exploit-db-d389c2a33f6d | https://kalinull.medium.com/how-to-add-a-module-to-metasploit-from-exploit-db-d389c2a33f6d | ||
Aktuelle Version vom 6. August 2021, 18:38 Uhr
Hinzufügen eines Exploits aus der exploitdb
- searchsploit sonicwall 8.1.0.2-14sv
------------------------------------------------------------------------------------------------------------------------ --------------------------------- Exploit Title | Path ------------------------------------------------------------------------------------------------------------------------ --------------------------------- Sonicwall 8.1.0.2-14sv - 'extensionsettings.cgi' Remote Command Injection (Metasploit) | hardware/webapps/41415.rb Sonicwall 8.1.0.2-14sv - 'viewcert.cgi' Remote Command Injection (Metasploit) | hardware/webapps/41416.rb Sonicwall < 8.1.0.2-14sv - 'sitecustomization.cgi' Command Injection (Metasploit) | cgi/webapps/42344.rb Sonicwall Secure Remote Access 8.1.0.2-14sv - Command Injection | cgi/webapps/42342.txt ------------------------------------------------------------------------------------------------------------------------ --------------------------------- Shellcodes: No Results Papers: No Results
Erstellen eines Directories für das Modul
- mkdir -p ~/.msf4/modules/exploits/cgi/webapps
Kopieren des Moduls
- EXPLOITDB_DIR=/usr/share/exploitdb/exploits
- cp $EXPLOITDB_DIR/cgi/webapps/42344.rb ~/.msf4/modules/exploits/cgi/webapps/
Update
- sudo updatedb
Das Modul ist nun verfügbar
- msfconsole
- msf6 > search 42344
Matching Modules ================ # Name Disclosure Date Rank Check Description - ---- --------------- ---- ----- ----------- 0 exploit/cgi/webapps/42344 excellent No Sonicwall SRA <= v8.1.0.2-14sv remote exploit Interact with a module by name or index. For example info 0, use 0 or use exploit/cgi/webapps/42344
Alle Module einfügen
- Noch nicht getestet
- cd /usr/share/exploitdb/exploits
- find -name *.rb | xargs tar -czf - | tar -C ~/.msf4/modules/exploits -xvzf -
Links
https://kalinull.medium.com/how-to-add-a-module-to-metasploit-from-exploit-db-d389c2a33f6d