Updated description, credit, and URL

Tod Beardsley · Tod Beardsley · commit 1e8f98c28509 · 2015-02-10T11:25:13.000-06:00
diff --git a/modules/auxiliary/admin/android/google_play_store_uxss_xframe_rce.rb b/modules/auxiliary/admin/android/google_play_store_uxss_xframe_rce.rb
@@ -14,27 +14,29 @@ def initialize(info = {})
     super(update_info(info,
       'Name'           => 'Android Browser RCE Through Google Play Store XFO',
       'Description'    => %q{
-        This module combines two vulnerabilities to achieve remote code execution on affected
-        Android devices. First, the module exploits a Universal Cross-Site Scripting (UXSS)
-        vulnerability present in versions of Android's open source stock browser (the AOSP Browser)
-        prior to 4.4. Second, the Google Play store's web interface fails to enforce a
-        X-Frame-Options: DENY header (XFO) on some error pages, and therefore, can be targeted for script
-        injection. As a result, this leads to remote code execution through Google Play's remote
-        installation feature, as any application available on the Google Play store can be installed
-        and launched on the user's device.
+        This module combines two vulnerabilities to achieve remote code
+        execution on affected Android devices. First, the module exploits
+        CVE-2014-6041, a Universal Cross-Site Scripting (UXSS) vulnerability present in
+        versions of Android's open source stock browser (the AOSP Browser) prior to
+        4.4. Second, the Google Play store's web interface fails to enforce a
+        X-Frame-Options: DENY header (XFO) on some error pages, and therefore, can be
+        targeted for script injection. As a result, this leads to remote code execution
+        through Google Play's remote installation feature, as any application available
+        on the Google Play store can be installed and launched on the user's device.
 
         This module requires that the user is logged into Google with a vulnerable browser.
 
         To list the activities in an APK, you can use `aapt dump badging /path/to/app.apk`.
       },
       'Author'         => [
         'Rafay Baloch', # Original UXSS vulnerability
-        'joev'          # Metasploit module
+        'joev'          # Play Store vector and Metasploit module
       ],
       'License'        => MSF_LICENSE,
       'Actions'        => [[ 'WebServer' ]],
       'PassiveActions' => [ 'WebServer' ],
       'References' => [
+        [ 'URL', 'https://community.rapid7.com/community/metasploit/blog/2014/09/15/major-android-bug-is-a-privacy-disaster-cve-2014-6041'],
         [ 'URL', 'http://1337day.com/exploit/description/22581' ],
         [ 'OSVDB', '110664' ],
         [ 'CVE', '2014-6041' ]
