AlienVault OSSIM SQL Injection and Remote Code Execution
This module exploits an unauthenticated SQL injection vulnerability affecting AlienVault OSSIM versions 4.3.1 and lower. The SQL injection can be abused to retrieve an active admin session ID. If an administrator-level user is identified, remote code execution can be gained by creating a high-priority policy with an action containing our payload.
Module Name
exploit/linux/http/alienvault_sqli_exec
Authors
- Sasha Zivojinovic
- xistence <xistence [at] 0x90.nl>
References
Targets
- Alienvault OSSIM 4.3
Platforms
- unix
Architectures
- cmd
Reliability
Development
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
msf > use exploit/linux/http/alienvault_sqli_exec
msf exploit(alienvault_sqli_exec) > show targets
...targets...
msf exploit(alienvault_sqli_exec) > set TARGET <target-id>
msf exploit(alienvault_sqli_exec) > show options
...show and set options...
msf exploit(alienvault_sqli_exec) > exploit