module
Network Shutdown Module sort_values Credential Dumper
| Disclosed | Created |
|---|---|
| 2012-06-26 | 2018-05-30 |
Disclosed
2012-06-26
Created
2018-05-30
Description
This module will extract user credentials from Network Shutdown Module
versions 3.21 and earlier by exploiting a vulnerability found in
lib/dbtools.inc, which uses unsanitized user input inside a eval() call.
Please note that in order to extract credentials, the vulnerable service
must have at least one USV module (an entry in the "nodes" table in
mgedb.db).
versions 3.21 and earlier by exploiting a vulnerability found in
lib/dbtools.inc, which uses unsanitized user input inside a eval() call.
Please note that in order to extract credentials, the vulnerable service
must have at least one USV module (an entry in the "nodes" table in
mgedb.db).
Authors
h0ng10
sinn3r [email protected]
sinn3r [email protected]
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.