File tree Expand file tree Collapse file tree 4 files changed +13
-18
lines changed Expand file tree Collapse file tree 4 files changed +13
-18
lines changed Original file line number Diff line number Diff line change 11##
2- # This module requires Metasploit: http//: metasploit.com/download
2+ # This module requires Metasploit: http:// metasploit.com/download
33# Current source: https://github.com/rapid7/metasploit-framework
44##
55
@@ -15,8 +15,8 @@ def initialize(info = {})
1515 super ( update_info ( info ,
1616 'Name' => 'Solarwinds Orion AccountManagement.asmx GetAccounts Admin Creation' ,
1717 'Description' => %q{
18- This module exploits a stacked SQL injection in order to add an administrator user to the
19- SolarWinds Orion database.
18+ This module exploits a stacked SQL injection in order to add an administrator user to the
19+ SolarWinds Orion database.
2020 } ,
2121 'License' => MSF_LICENSE ,
2222 'Author' =>
Original file line number Diff line number Diff line change 11#
2- # This module requires Metasploit: http//metasploit.com/download
2+ # This module requires Metasploit: http: //metasploit.com/download
33# Current source: https://github.com/rapid7/metasploit-framework
44##
55
@@ -22,19 +22,14 @@ def initialize(info = {})
2222 sanitize inputs to some JBoss Expression Language expressions. As a
2323 result, attackers can gain remote code execution through the
2424 application server. This module leverages RCE to upload and execute
25- a meterpreter payload.
25+ a given payload.
2626
27- Versions of the JBoss AS admin-console are known to be vulnerable to
28- this exploit, without requiring authentication. Tested against
29- JBoss AS 5 and 6, running on Linux with JDKs 6 and 7.
27+ Versions of the JBoss application server (AS) admin-console are
28+ known to be vulnerable to this exploit, without requiring authentication.
29+ Tested against JBoss AS 5 and 6, running on Linux with JDKs 6 and 7.
3030
3131 This module provides a more efficient method of exploitation - it
3232 does not loop to find desired Java classes and methods.
33-
34- NOTE: the check for upload success is not 100% accurate.
35- NOTE 2: The module uploads the meterpreter JAR and a JSP to launch
36- it.
37-
3833 } ,
3934 'Author' => [ 'vulp1n3 <vulp1n3[at]gmail.com>' ] ,
4035 'References' =>
Original file line number Diff line number Diff line change @@ -15,11 +15,11 @@ def initialize(info={})
1515 super ( update_info ( info ,
1616 'Name' => 'Adobe Flash Player ByteArray With Workers Use After Free' ,
1717 'Description' => %q{
18- This module exploits an use after free vulnerability in Adobe Flash Player. The
18+ This module exploits a use- after- free vulnerability in Adobe Flash Player. The
1919 vulnerability occurs when the ByteArray assigned to the current ApplicationDomain
20- is freed from an ActionScript worker, who can fill the memory and notify the main
20+ is freed from an ActionScript worker, which can fill the memory and notify the main
2121 thread to corrupt the new contents. This module has been tested successfully on
22- Windows 7 SP1 (32 bits ), IE 8 to IE 11 and Flash 16.0.0.296.
22+ Windows 7 SP1 (32-bit ), IE 8 to IE 11 and Flash 16.0.0.296.
2323 } ,
2424 'License' => MSF_LICENSE ,
2525 'Author' =>
Original file line number Diff line number Diff line change @@ -27,8 +27,8 @@ def initialize(info={})
2727 Depending on the installation, by default the Change Advisor web server is listening on port
2828 48080 for an express install. Otherwise, this service may appear on port 8080.
2929
30- Solarwinds has released a fix for this vulnerability as FSM-v6.6.5-HotFix1.zip. You may
31- download it from the module's References section .
30+ Solarwinds has released a fix for this vulnerability as FSM-v6.6.5-HotFix1.zip, noted in the
31+ references for this module.
3232 } ,
3333 'License' => MSF_LICENSE ,
3434 'Author' =>
You can’t perform that action at this time.
0 commit comments