Skip to content

Commit 9dc4ee5

Browse files
David MaloneyBrent Cook
David Maloney
authored and
Brent Cook
committed
minor fixes to linux example module
fixed a copy paste error in the linux_autotarget test exploit and added actual linux targets to it
1 parent 5fd5310 commit 9dc4ee5

File tree

1 file changed

+106
-2
lines changed

1 file changed

+106
-2
lines changed

spec/file_fixtures/modules/exploits/auto_target_linux.rb

Lines changed: 106 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@ class MetasploitModule < Msf::Exploit::Remote
77
def initialize(info = {})
88
super(update_info(info,
99
'Name' => 'Exploit Auto-Targeting for Linux',
10-
'Description' => %q{ This module is a test bed for automatic targeting for Windows exploits. },
10+
'Description' => %q{ This module is a test bed for automatic targeting for Linux exploits. },
1111
'Author' => [ 'thelightcosine' ],
1212
'License' => MSF_LICENSE,
1313
'Privileged' => true,
@@ -21,11 +21,115 @@ def initialize(info = {})
2121
'Space' => 3072,
2222
'DisableNops' => true
2323
},
24-
'Platform' => 'win',
24+
'Platform' => 'linux',
2525
'Arch' => [ARCH_X86, ARCH_X64],
2626
'Targets' =>
2727
[
28+
['Linux Heap Brute Force (Debian/Ubuntu)',
29+
{
30+
'Platform' => 'linux',
31+
'Arch' => [ ARCH_X86 ],
32+
'Nops' => 64*1024,
33+
'Bruteforce' =>
34+
{
35+
'Start' => { 'Ret' => 0x08352000 },
36+
'Stop' => { 'Ret' => 0x0843d000 },
37+
'Step' => 60*1024,
2838

39+
}
40+
}
41+
],
42+
43+
['Linux Heap Brute Force (Gentoo)',
44+
{
45+
'Platform' => 'linux',
46+
'Arch' => [ ARCH_X86 ],
47+
'Nops' => 64*1024,
48+
'Bruteforce' =>
49+
{
50+
'Start' => { 'Ret' => 0x80310000 },
51+
'Stop' => { 'Ret' => 0x8042f000 },
52+
'Step' => 60*1024,
53+
54+
}
55+
}
56+
],
57+
58+
59+
60+
['Linux Heap Brute Force (Mandriva)',
61+
{
62+
'Platform' => 'linux',
63+
'Arch' => [ ARCH_X86 ],
64+
'Nops' => 64*1024,
65+
'Bruteforce' =>
66+
{
67+
'Start' => { 'Ret' => 0x80380000 },
68+
'Stop' => { 'Ret' => 0x8045b000 },
69+
'Step' => 60*1024,
70+
71+
}
72+
}
73+
],
74+
75+
['Linux Heap Brute Force (RHEL/CentOS)',
76+
{
77+
'Platform' => 'linux',
78+
'Arch' => [ ARCH_X86 ],
79+
'Nops' => 64*1024,
80+
'Bruteforce' =>
81+
{
82+
'Start' => { 'Ret' => 0xb800f000 },
83+
'Stop' => { 'Ret' => 0xb80c9000 },
84+
'Step' => 60*1024,
85+
86+
}
87+
}
88+
],
89+
90+
['Linux Heap Brute Force (SUSE)',
91+
{
92+
'Platform' => 'linux',
93+
'Arch' => [ ARCH_X86 ],
94+
'Nops' => 64*1024,
95+
'Bruteforce' =>
96+
{
97+
'Start' => { 'Ret' => 0x80365000 },
98+
'Stop' => { 'Ret' => 0x80424000 },
99+
'Step' => 60*1024,
100+
101+
}
102+
}
103+
],
104+
105+
['Linux Heap Brute Force (Slackware)',
106+
{
107+
'Platform' => 'linux',
108+
'Arch' => [ ARCH_X86 ],
109+
'Nops' => 64*1024,
110+
'Bruteforce' =>
111+
{
112+
'Start' => { 'Ret' => 0x8033c000 },
113+
'Stop' => { 'Ret' => 0x80412000 },
114+
'Step' => 60*1024,
115+
116+
}
117+
}
118+
],
119+
120+
['Linux Heap Brute Force (OpenWRT MIPS)',
121+
{
122+
'Platform' => 'linux',
123+
'Arch' => [ ARCH_MIPSBE ],
124+
'Nops' => 64*1024,
125+
'Bruteforce' =>
126+
{
127+
'Start' => { 'Ret' => 0x55900000 },
128+
'Stop' => { 'Ret' => 0x559c0000 },
129+
'Step' => 60*1024,
130+
}
131+
}
132+
]
29133
],
30134
'DisclosureDate' => 'Jan 01 1999'
31135
))

0 commit comments

Comments
 (0)