Vulners
Lucene search
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Exploit::Remote
Rank = ManualRanking
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Steamed Hams',
'Description' => "but it's a Metasploit Module",
'License' => MSF_LICENSE,
'Author' => [ 'bcook-r7' ],
'DisclosureDate' => '2018-04-01',
'References' => [['URL', 'https://www.youtube.com/watch?v=mkX3dO6KN54']],
'Platform' => %w[android apple_ios bsd java js linux osx nodejs php python ruby solaris unix win mainframe multi],
'Arch' => ARCH_ALL,
'Targets' => [
[ 'An Unforgettable Luncheon', {
'script' => %q(
Q2FzdDogJXllbFvwn6SUXSAlYmx1W/CfmJNdICVncm5b8J+RqfCfjqRdICVncm5b8J+RtV0gJXJl
ZFvwn5qSXQpDaGFsbWVyczogV2VsbCwgU2V5bW91ciwgSSBtYWRlIGl0LSBkZXNwaXRlIHlvdXIg
ZGlyZWN0aW9ucy4KU2tpbm5lcjogQWguIFN1cGVyaW50ZW5kZW50IENoYWxtZXJzLgpTa2lubmVy
OiBXZWxjb21lLgpTa2lubmVyOiBJIGhvcGUgeW91J3JlIHByZXBhcmVkIGZvciBhbiB1bmZvcmdl
dHRhYmxlIGx1bmNoZW9uLgpDaGFsbWVyczogWWVhaC4KU2tpbm5lcjogT2gsIGVnYWRzIQpTa2lu
bmVyOiBNeSByb2FzdCBpcyBydWluZWQuClNraW5uZXI6IEJ1dCB3aGF0IGlmIEkgd2VyZSB0byBw
dXJjaGFzZSBmYXN0IGZvb2QgYW5kIGRpc2d1aXNlIGl0IGFzIG15IG93biBjb29raW5nPwpTa2lu
bmVyOiBEZWxpZ2h0ZnVsbHkgZGV2aWxpc2gsIFNleW1vdXIuClNpbmdlcnM6IFNraW5uZXIgd2l0
aCBoaXMgY3JhenkgZXhwbGFuYXRpb25zClNpbmdlcnM6IFRoZSBzdXBlcmludGVuZGVudCdzIGdv
bm5hIG5lZWQgaGlzIG1lZGljYXRpb24KU2luZ2VyczogV2hlbiBoZSBoZWFycyBTa2lubmVyJ3Mg
bGFtZSBleGFnZ2VyYXRpb25zClNpbmdlcnM6IFRoZXJlJ2xsIGJlIHRyb3VibGUgaW4gdG93biB0
b25pZ2h0IQpDaGFsbWVyczogU2V5bW91ciEKU2tpbm5lcjogU3VwZXJpbnRlbmRlbnQsIEkgd2Fz
IGp1c3QtIHVoLCBqdXN0IHN0cmV0Y2hpbmcgbXkgY2FsdmVzIG9uIHRoZSB3aW5kb3dzaWxsLgpT
a2lubmVyOiBJc29tZXRyaWMgZXhlcmNpc2UuClNraW5uZXI6IENhcmUgdG8gam9pbiBtZT8KQ2hh
bG1lcnM6IFdoeSBpcyB0aGVyZSBzbW9rZSBjb21pbmcgb3V0IG9mIHlvdXIgb3ZlbiwgU2V5bW91
cj8KU2tpbm5lcjogVWgtIE9oLiBUaGF0IGlzbid0IHNtb2tlLgpTa2lubmVyOiBJdCdzIHN0ZWFt
LgpTa2lubmVyOiBTdGVhbSBmcm9tIHRoZSBzdGVhbWVkIGNsYW1zIHdlJ3JlIGhhdmluZy4KU2tp
bm5lcjogTW1tLiBTdGVhbWVkIGNsYW1zLgpTa2lubmVyOiBTdXBlcmludGVuZGVudCwgSSBob3Bl
IHlvdSdyZSByZWFkeSBmb3IgbW91dGh3YXRlcmluZyBoYW1idXJnZXJzLgpDaGFsbWVyczogSSB0
aG91Z2h0IHdlIHdlcmUgaGF2aW5nIHN0ZWFtZWQgY2xhbXMuClNraW5uZXI6IEQnb2gsIG5vLgpT
a2lubmVyOiBJIHNhaWQgc3RlYW1lZCBoYW1zLgpTa2lubmVyOiBUaGF0J3Mgd2hhdCBJIGNhbGwg
aGFtYnVyZ2Vycy4KQ2hhbG1lcnM6IFlvdSBjYWxsIGhhbWJ1cmdlcnMgc3RlYW1lZCBoYW1zPwpT
a2lubmVyOiBZZXMuClNraW5uZXI6IEl0J3MgYSByZWdpb25hbCBkaWFsZWN0LgpDaGFsbWVyczog
VWgtaHVoLiBVaCwgd2hhdCByZWdpb24/ClNraW5uZXI6IFVoLCB1cHN0YXRlIE5ldyBZb3JrLgpD
aGFsbWVyczogUmVhbGx5LgpDaGFsbWVyczogV2VsbCwgSSdtIGZyb20gVXRpY2EsIGFuZCBJJ3Zl
IG5ldmVyIGhlYXJkIGFueW9uZSB1c2UgdGhlIHBocmFzZSAic3RlYW1lZCBoYW1zLiIKU2tpbm5l
cjogT2gsIG5vdCBpbiBVdGljYS4gTm8uClNraW5uZXI6IEl0J3MgYW4gQWxiYW55IGV4cHJlc3Np
b24uCkNoYWxtZXJzOiBJIHNlZS4KQ2hhbG1lcnM6IFlvdSBrbm93LCB0aGVzZSBoYW1idXJnZXJz
IGFyZSBxdWl0ZSBzaW1pbGFyIHRvIHRoZSBvbmVzIHRoZXkgaGF2ZSBhdCBLcnVzdHkgQnVyZ2Vy
LgpTa2lubmVyOiBPaCwgbm8uClNraW5uZXI6IFBhdGVudGVkIFNraW5uZXIgYnVyZ2Vycy4KU2tp
bm5lcjogT2xkIGZhbWlseSByZWNpcGUuCkNoYWxtZXJzOiBGb3Igc3RlYW1lZCBoYW1zLgpTa2lu
bmVyOiBZZXMuCkNoYWxtZXJzOiBZZXMuCkNoYWxtZXJzOiBBbmQgeW91IGNhbGwgdGhlbSBzdGVh
bWVkIGhhbXMgZGVzcGl0ZSB0aGUgZmFjdCB0aGF0IHRoZXkgYXJlIG9idmlvdXNseSBncmlsbGVk
LgpTa2lubmVyOiBZZS0KU2tpbm5lcjogWW91IGtub3csIHRoZS0KU2tpbm5lcjogT25lIHRoaW5n
IEkgc2hvdWxkLSAtClNraW5uZXI6IEV4Y3VzZSBtZSBmb3Igb25lIHNlY29uZC4KQ2hhbG1lcnM6
IE9mIGNvdXJzZS4KU2tpbm5lcjogV2VsbCwgdGhhdCB3YXMgd29uZGVyZnVsLgpTa2lubmVyOiBB
IGdvb2QgdGltZSB3YXMgaGFkIGJ5IGFsbC4KU2tpbm5lcjogSSdtIHBvb3BlZC4KQ2hhbG1lcnM6
IFllcy4gSSBzaG91bGQgYmUtCkNoYWxtZXJzOiBHb29kIExvcmQhCkNoYWxtZXJzOiBXaGF0IGlz
IGhhcHBlbmluZyBpbiB0aGVyZT8KU2tpbm5lcjogQXVyb3JhIGJvcmVhbGlzLgpDaGFsbWVyczog
VWgtIEF1cm9yYSBib3JlYWxpcwpDaGFsbWVyczogYXQgdGhpcyB0aW1lIG9mIHllYXIKQ2hhbG1l
cnM6IGF0IHRoaXMgdGltZSBvZiBkYXkKQ2hhbG1lcnM6IGluIHRoaXMgcGFydCBvZiB0aGUgY291
bnRyeQpDaGFsbWVyczogbG9jYWxpemVkIGVudGlyZWx5IHdpdGhpbiB5b3VyIGtpdGNoZW4/ClNr
aW5uZXI6IFllcy4KQ2hhbG1lcnM6IE1heSBJIHNlZSBpdD8KU2tpbm5lcjogTm8uCk1vdGhlcjog
U2V5bW91ciEKTW90aGVyOiBUaGUgaG91c2UgaXMgb24gZmlyZSEKU2tpbm5lcjogTm8sIE1vdGhl
ci4gSXQncyBqdXN0IHRoZSBub3J0aGVybiBsaWdodHMuCkNoYWxtZXJzOiBXZWxsLCBTZXltb3Vy
LCB5b3UgYXJlIGFuIG9kZCBmZWxsb3cgYnV0IEkgbXVzdCBzYXkgeW91IHN0ZWFtIGEgZ29vZCBo
YW0uCk1vdGhlcjogSGVscCEKTW90aGVyOiBIZWxwIQpGaXJldHJ1Y2s6IHdoZWVlcnJycgo=)
} ],
[ 'Legitimate Theater', {
'script' => %q(
Q2FzdDogW/Cfpo1dICVibHVb8J+RqPCfmoBdICVncm5b8J+ZiPCfmYnwn5mK8J+OpF0gJWdyblvw
n5C18J+PpV0gJXJlZFvwn5mJXSAlYmx1W/CfkJLwn4+lXSAleWVsW/CfmI5dICV5ZWxb8J+Yi10g
W/Cfpo3wn5C18J+mjfCfkLVdICVibHVb8J+mjfCfkLXwn5Go8J+QtfCfpo1dCkdvcmlsbGE6IEhl
bHAsIHRoZSBodW1hbidzIGFib3V0IHRvIGVzY2FwZSEKVHJveTogR2V0IHlvdXIgcGF3cyBvZmYg
bWUsIHlvdSBkaXJ0eSBhcGUhCkdvcmlsbGE6IChnYXNwcykgSGUgY2FuIHRhbGshCk9yYW5ndXRh
bnM6IEhlIGNhbiB0YWxrISBIZSBjYW4gdGFsayEKT3Jhbmd1dGFuczogSGUgY2FuIHRhbGshIEhl
IGNhbiB0YWxrIQpPcmFuZ3V0YW5zOiBIZSBjYW4gdGFsayEgSGUgY2FuIHRhbGshClRyb3k6IEkg
Y2FuIHNpaWlpaWlpaW5nIQpDaGltcCBOdXJzZTogT29oLCBoZWxwIG1lLCBEci4gWmFpdXMhCk9y
YW5ndXRhbnM6IERyLiBaYWl1cyEgRHIuIFphaXVzIQpPcmFuZ3V0YW5zOiBEci4gWmFpdXMhIERy
LiBaYWl1cyEKT3Jhbmd1dGFuczogRHIuIFphaXVzISBEci4gWmFpdXMhCk9yYW5ndXRhbnM6IE9o
LCBEci4gWmFpdXMhCk9yYW5ndXRhbjogRHIuIFphaXVzISBEci4gWmFpdXMhClRyb3k6IFdoYXQn
cyB3cm9uZyB3aXRoIG1lPwpaYWl1czogSSB0aGluayB5b3UncmUgY3JhenkuClRyb3k6IFdhbnQg
YSBzZWNvbmQgb3Bpbmlvbi4KWmFpdXM6IFlvdSdyZSBhbHNvIGxhenkuCk9yYW5ndXRhbnM6IERy
LiBaYWl1cyEgRHIuIFphaXVzIQpPcmFuZ3V0YW5zOiBEci4gWmFpdXMhIERyLiBaYWl1cyEKT3Jh
bmd1dGFuczogRHIuIFphaXVzISBEci4gWmFpdXMhCk9yYW5ndXRhbnM6IE9oLCBEci4gWmFpdXMh
Ck9yYW5ndXRhbjogRHIuIFphaXVzISBEci4gWmFpdXMhClRyb3k6IENhbiBJIHBsYXkgdGhlIHBp
YW5vIGFueW1vcmU/ClphaXVzOiBPZiBjb3Vyc2UgeW91IGNhbi4KVHJveTogV2VsbCwgSSBjb3Vs
ZG4ndCBiZWZvcmUuClRyb3k6IChwbGF5cyB0aGUgcGlhbm8pCk9yYW5ndXRhbnM6IERyLiBaYWl1
cyEgRHIuIFphaXVzIQpPcmFuZ3V0YW5zOiBEci4gWmFpdXMhIERyLiBaYWl1cyEKT3Jhbmd1dGFu
czogRHIuIFphaXVzISBEci4gWmFpdXMhCk9yYW5ndXRhbnM6IE9oLCBEci4gWmFpdXMhCk9yYW5n
dXRhbjogRHIuIFphaXVzISBEci4gWmFpdXMhCkJhcnQ6IFRoaXMgcGxheSBoYXMgZXZlcnl0aGlu
Zy4KSG9tZXI6IE9oLCBJIGxvdmUgbGVnaXRpbWF0ZSB0aGUtYS10ZXIuClRyb3k6IEkgaGF0ZSBl
dmVyeSBhcGUgSSBzZWUKVHJveTogRnJvbSBjaGltcGFuLWEgdG8gY2hpbXBhbi16LApUcm95OiBO
bywgeW91J2xsIG5ldmVyIG1ha2UgYSBtb25rZXkgb3V0IG9mIG1lLgpUcm95OiBPaCwgbXkgR29k
LCBJIHdhcyB3cm9uZywKVHJveTogSXQgd2FzIEVhcnRoIGFsbCBhbG9uZy4KVHJveTogWW91IGZp
bmFsbHkgbWFkZSBhIG1vbmtleS4uLgpBcGVzOiBZZXMgd2UgZmluYWxseSBtYWRlIGEgbW9ua2V5
Li4uClRyb3kgYW5kIEFwZXM6IFllcywgeW91IGZpbmFsbHkgbWFkZSBhIG1vbmtleSBvdXQgb2Yg
bWUhClRyb3k6IEkgbG92ZSB5b3UsIERyLiBaYWl1cyEK)
} ],
],
'DefaultTarget' => 0,
)
)
end
def exploit
cast = []
castmap = {}
Base64.decode64(target['script']).each_line do |line|
target, msg = line.split(':').map(&:strip)
if target == 'Cast'
cast = msg.split(' ')
castmap = Hash.new { |hash, key| hash[key] = cast.rotate![-1] }
else
t = datastore['VERBOSE'] ? " #{target}:" : ""
print_line("%bld#{castmap[target]}#{t}%clr #{msg}")
sleep(0.30 * msg.split(' ').length)
end
end
end
end
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
02 Oct 2020 20:00Current
7.3High risk
Vulners AI Score7.3