Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add ForceExploit to 4.3BSD (VAX) exploits #12754

Merged
merged 2 commits into from Dec 24, 2019
Merged

Add ForceExploit to 4.3BSD (VAX) exploits #12754

merged 2 commits into from Dec 24, 2019

Conversation

@wvu-r7
Copy link
Contributor

wvu-r7 commented Dec 24, 2019

#11049 already has it.

msf5 exploit(bsd/finger/morris_fingerd_bof) > run

[*] Started reverse TCP handler on 192.168.1.2:4444
[-] 127.0.0.1:79 - The connection was refused by the remote host (127.0.0.1:79).
[-] 127.0.0.1:79 - Exploit aborted due to failure: not-vulnerable: Set ForceExploit to override
[*] Exploit completed, but no session was created.
msf5 exploit(bsd/finger/morris_fingerd_bof) > previous
msf5 exploit(unix/smtp/morris_sendmail_debug) > run

[*] Started reverse TCP double handler on 192.168.1.2:4444
[-] 127.0.0.1:25 - The connection was refused by the remote host (127.0.0.1:25).
[-] 127.0.0.1:25 - Exploit aborted due to failure: not-vulnerable: Set ForceExploit to override
[*] Exploit completed, but no session was created.
msf5 exploit(unix/smtp/morris_sendmail_debug) > setg forceexploit true
forceexploit => true
msf5 exploit(unix/smtp/morris_sendmail_debug) > run

[*] Started reverse TCP double handler on 192.168.1.2:4444
[-] 127.0.0.1:25 - The connection was refused by the remote host (127.0.0.1:25).
[*] 127.0.0.1:25 - Connecting to sendmail
[-] 127.0.0.1:25 - Exploit aborted due to failure: unreachable: The connection was refused by the remote host (127.0.0.1:25).
[*] Exploit completed, but no session was created.
msf5 exploit(unix/smtp/morris_sendmail_debug) > previous
msf5 exploit(bsd/finger/morris_fingerd_bof) > run

[*] Started reverse TCP handler on 192.168.1.2:4444
[-] 127.0.0.1:79 - The connection was refused by the remote host (127.0.0.1:79).
[*] 127.0.0.1:79 - Connecting to fingerd
[-] 127.0.0.1:79 - Exploit aborted due to failure: unreachable: The connection was refused by the remote host (127.0.0.1:79).
[*] Exploit completed, but no session was created.
msf5 exploit(bsd/finger/morris_fingerd_bof) >

#10700, #10836, #11049

@wvu-r7 wvu-r7 self-assigned this Dec 24, 2019
@wvu-r7 wvu-r7 merged commit e89a596 into rapid7:master Dec 24, 2019
1 of 3 checks passed
1 of 3 checks passed
Metasploit Automation - Sanity Test Execution Running automation sanity tests. Details available on completion.
Details
continuous-integration/travis-ci/pr The Travis CI build is in progress
Details
Metasploit Automation - Test Execution Successfully completed all tests.
Details
@wvu-r7

This comment has been minimized.

Copy link
Contributor Author

wvu-r7 commented Dec 24, 2019

Release Notes

This adds the ForceExploit option to the exploit/bsd/finger/morris_fingerd_bof and exploit/unix/smtp/morris_sendmail_debug modules, enforcing an automatic check before exploitation unless ForceExploit is set.

msjenkins-r7 added a commit that referenced this pull request Dec 24, 2019
@wvu-r7 wvu-r7 deleted the wvu-r7:feature/vax branch Dec 24, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.