Skip to content

Commit

Permalink
Tweak some messages and cleanup markdown table
Browse files Browse the repository at this point in the history
  • Loading branch information
@smcintyre-r7
smcintyre-r7 committed Jun 22, 2023
1 parent a05bde2 commit dfd4505
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 11 deletions.
16 changes: 8 additions & 8 deletions documentation/modules/exploit/windows/http/moveit_cve_2023_34362.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,14 +7,14 @@ attacker can leverage an information leak be able to upload a .NET deserializati
## Vulnerable Applications
MOVEit Transfer versions:

| Starting Version | Patched Version |
------------------|-----------------|
| 2023.0.0 |2023.0.3 (15.0.3)|
| 2022.1.x | 2022.1.7 (14.1.7)|
| 2022.0.x | 2022.0.6 (14.0.6)|
| 2021.1.x | 2021.1.6 (13.1.6)|
| 2021.0.x | 2021.0.8 (13.0.8) |
|2020.1.x | 2020.1.10 (12.1.10) |
| Starting Version | Patched Version |
|------------------|---------------------|
| 2023.0.0 | 2023.0.3 (15.0.3) |
| 2022.1.x | 2022.1.7 (14.1.7) |
| 2022.0.x | 2022.0.6 (14.0.6) |
| 2021.1.x | 2021.1.6 (13.1.6) |
| 2021.0.x | 2021.0.8 (13.0.8) |
| 2020.1.x | 2020.1.10 (12.1.10) |

# Installation Instructions
1. Installation requires a valid trial license that can be obtained by going here:
Expand Down
5 changes: 2 additions & 3 deletions modules/exploits/windows/http/moveit_cve_2023_34362.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -135,7 +135,6 @@ def cleanup
end

def cleanup_user(files_json)
vprint_status('cleaning up user')
hax_username = datastore['USERNAME']
hax_loginname = datastore['LOGIN_NAME']
deleteuser_payload = [
Expand Down Expand Up @@ -330,12 +329,12 @@ def populate_token_instid
# Get the session id from the cookies
fail_with(Msf::Exploit::Failure::Unknown, 'Could not find token from cookies!') unless cookies =~ /ASP.NET_SessionId=([a-z0-9]+);/
@moveit_token = ::Regexp.last_match(1)
vprint_status("@moveit_token = #{@moveit_token}")
vprint_status("Received ASP.NET_SessionId cookie: #{@moveit_token}")

# Get the InstID from the cookies
fail_with(Msf::Exploit::Failure::Unknown, 'Could not find InstID from cookies!') unless cookies =~ /siLockLongTermInstID=([0-9]+);/
@moveit_instid = ::Regexp.last_match(1)
vprint_status("@moveit_instid = #{@moveit_instid}")
vprint_status("Received siLockLongTermInstID cookie: #{@moveit_instid}")
end
true
end
Expand Down

0 comments on commit dfd4505

Please sign in to comment.