module

Sage X3 AdxAdmin Login Scanner

Try Surface Command
Back to search
Disclosed
N/A
Created
Jul 21, 2021

Description

This module allows an attacker to perform a password guessing attack against
the Sage X3 AdxAdmin service, which in turn can be used to authenticate to
a local Windows account.

This module implements the X3Crypt function to 'encrypt' any passwords to
be used during the authentication process, given a plaintext password.

Author

Jonathan Peterson [email protected]

References

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':


    msf > use auxiliary/scanner/sage/x3_adxsrv_login
    msf auxiliary(x3_adxsrv_login) > show actions
        ...actions...
    msf auxiliary(x3_adxsrv_login) > set ACTION < action-name >
    msf auxiliary(x3_adxsrv_login) > show options
        ...show and set options...
    msf auxiliary(x3_adxsrv_login) > run
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today