module

ManageEngine DataSecurity Plus Xnode Enumeration

Disclosed
N/A
Created
Sep 1, 2022

Description

This module exploits default admin credentials for the DataEngine
Xnode server in DataSecurity Plus versions prior to 6.0.1 (6011)
in order to dump the contents of Xnode data repositories (tables),
which may contain (a limited amount of) Active Directory
information including domain names, host names, usernames and SIDs.
This module can also be used against patched DataSecurity Plus
versions if the correct credentials are provided.

By default, this module dumps only the data repositories and fields
(columns) specified in the configuration file (set via the
CONFIG_FILE option). The configuration file is also used to
add labels to the values sent by Xnode in response to a query.

It is also possible to use the DUMP_ALL option to obtain all data
in all known data repositories without specifying data field names.
However, note that when using the DUMP_ALL option, the data won't be labeled.

This module has been successfully tested against ManageEngine
DataSecurity Plus 6.0.1 (6010) running on Windows Server 2012 R2.

Authors

Sahil Dhar
Erik Wynter

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':


msf > use auxiliary/gather/manageengine_datasecurity_plus_xnode_enum
msf auxiliary(manageengine_datasecurity_plus_xnode_enum) > show actions
...actions...
msf auxiliary(manageengine_datasecurity_plus_xnode_enum) > set ACTION < action-name >
msf auxiliary(manageengine_datasecurity_plus_xnode_enum) > show options
...show and set options...
msf auxiliary(manageengine_datasecurity_plus_xnode_enum) > run

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.