def __init__(self): canvasexploit.__init__(self) self.name = NAME self.host = '' self.port = 80 self.url = '/admin/j_security_check' self.userfile = ''
def __init__(self): canvasexploit.__init__(self) self.result = "" self.supportedNodeTypes = ["LocalNode", "UnixShellNode", "win32Node", "linuxNode", "osxNode"] self.name = NAME self.directory = "." return
def __init__(self): canvasexploit.__init__(self) self.setInfo(DESCRIPTION) self.name = NAME self.installer = "/var/log/installer/cdebconf" self.debinstaller = "/var/log/debian-installer/cdebconf" return
def __init__(self): canvasexploit.__init__(self) self.name = NAME self.host = '' self.port = 80 self.base = '' self.webhost = self.host
def __init__(self): canvasexploit.__init__(self) self.setInfo(DESCRIPTION) self.name = NAME self.ReportFiles = [] self.ExploitCVEList = [] self.ExploitList = [] self.ExploitType = [] self.VulnCVEList = [] self.ReportList = [] self.ReportLists = [] self.SelectedScan = [] self.delreport = False self.port = "" self.login = "" self.password = "" self.auth = "" self.qhost = "" self.token = "" self.exploitpath = os.getcwd( ) + "/3rdparty/D2SEC/exploits/d2sec_nessus6/" self.exportpath = self.exploitpath + "export/" self.scanurl = "/scans" self.exporturl = "/scans/%s/export" self.statusurl = "/scans/%s/export/%s/status" self.reporturl = "/scans/%s/export/%s/download" self.loginurl = "/session"
def __init__(self): canvasexploit.__init__(self) self.name = NAME #self.listenerArgsDict['fromcreatethread']=1 #XXX: REMOVE LISTENER self.upload_filename = 'Resources/ms07_066.exe' self.remote_filename = '' return
def __init__(self): canvasexploit.__init__(self) self.result = "" self.name = NAME self.systemname = "\\\\127.0.0.1" self.savefile = "Your_Documents/passwordhashes.txt" return
def __init__(self): canvasexploit.__init__(self) self.name=NAME self.upload_filename='Resources/ms08_025.exe' self.remote_filename='' self.result = 0 return
def __init__(self): canvasexploit.__init__(self) self.setInfo(DESCRIPTION) self.name = NAME self.ReportFiles = [] self.ExploitCVEList = [] self.ExploitList = [] self.ExploitType = [] self.VulnCVEList = [] self.ReportList = [] self.ReportLists = [] self.SelectedScan = [] self.ScanList = {} self.delreport = False self.login = "" self.password = "" self.auth = "" self.qhost = "" self.exploitpath = os.getcwd( ) + "/3rdparty/D2SEC/exploits/d2sec_qualys/" self.exportpath = self.exploitpath + "export/" self.hosts = ["qualysapi.qualys.com", "qualysapi.qualys.eu"] self.scanurl = "/msp/scan_report_list.php" self.reporturl = "/msp/scan_report.php?ref="
def __init__(self): canvasexploit.__init__(self) self.name = NAME self.path = "/file.asp?ID=1'" self.failstring = "Peas" self.vhost = "" self.post = False
def __init__(self): canvasexploit.__init__(self) self.result = {} self.name = NAME self.serviceName = "" self.result = [] #names of nodes we restarted return
def __init__(self): canvasexploit.__init__(self) self.name = NAME self.local_path = os.getcwd() + "\\3rdparty\\D2SEC\\exploits\\d2sec_cisco_vpn\\files\\" self.profiles_path = "C:\\Program Files\\Cisco Systems\\VPN Client\\Profiles\\" return
def __init__(self): canvasexploit.__init__(self) self.name = NAME self.osdetect_mode = canvasengine.canvasengine.ASSUME_NO_RUN self.osdetect_lang = "English" return
def __init__(self): canvasexploit.__init__(self) self.name = NAME self.pptx_path = "exploits/ms12_005/Resources/bin.pptx" self.ole_path = "exploits/ms12_005/Resources/olevil.bin" # max EXE size for this one is 300K, can be adjusted if needed self.out_path = "patched.pptx" self.exe_path = ""
def __init__(self): canvasexploit.__init__(self) self.result = "" self.name = NAME self.srcfile = "." self.dstfile = "." return
def __init__(self): canvasexploit.__init__(self) self.node = '' self.pid = -1 self.supportedNodeArgs = [['linuxNode']] self.file = '/tmp/.h.gdb' self.gdb = '''set verbose off
def __init__(self): canvasexploit.__init__(self) self.name = NAME self.listenerArgsDict['fromcreatethread'] = 1 self.servicename = 'SecDrv' self.devicename = '\\\\.\\SecDrv' return
def __init__(self): canvasexploit.__init__(self) self.supportedNodeArgs = [[ "win32Node", "linuxNode", "osxNode", "localNode" ]] self.name = NAME self.result = ''
def __init__(self): canvasexploit.__init__(self) self.supportedNodeArgs = ["linuxNode"] self.name = NAME self.node = '' self.vulns = { '/var/log/wicd/wicd.log': [ 'F', 'CVE-2012-0813', 'http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0813' ], '/root/anaconda-ks.cfg': [ 'F', 'CVE-2012-0813', 'http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2664' ], '/var/log/rhncfg-actions': ['F', 'CVE-2012-2679', 'http://www.osvdb.org/show/osvdb/86396'], '/etc/pulp/pulp.conf': [ 'F', 'CVE-2012-4574', 'http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4574' ], '/var/log/nginx/access.log': [ 'F', 'CVE-2013-0337', 'http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0337' ], '/var/log/nginx/error.log': [ 'F', 'CVE-2013-0337', 'http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0337' ], '/var/cache/jboss-ec2-eap/': [ 'R', 'CVE-2012-3427', 'http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3427' ], }
def __init__(self): canvasexploit.__init__(self) self.node = "" self.supportedNodeArgs = [["linuxNode"]] self.ctrlpath = "" self.hostssh = "" self.cbackport = "5556"
def __init__(self): canvasexploit.__init__(self) self.node = "" self.host = "" self.supportedNodeArgs = [["win32Node"]] self.dstfile = 'c:\\d2sec_taskpwddmp.exe' self.name = NAME
def __init__(self): canvasexploit.__init__(self) self.result = "" self.supportedNodeTypes = [ "LocalNode", "UnixShellNode", "win32Node", "linuxNode" ] return
def __init__(self): canvasexploit.__init__(self) self.node = "" self.supportedNodeArgs = [["linuxNode"]] self.total = 3.0 self.score = 0.0 self.version = ""
def __init__(self): canvasexploit.__init__(self) self.node = "" self.host = "" self.dstfile = "c:\\temp\\s.vbs" self.supportedNodeArgs = [["win32Node"]] self.name = NAME
def __init__(self): canvasexploit.__init__(self) self.result = "" self.name = NAME self.share = "TMP" self.netname = "\\\\127.0.0.1" #no \\ on the end!!! return
def __init__(self): canvasexploit.__init__(self) self.name = NAME self.host = "" self.user = "" self.password = "" self.forgetfull = 0 #default is to cache results
def __init__(self): canvasexploit.__init__(self) self.name = NAME self.port = 25 self.banner = None self.try_hard = 0 #try to get MX if we cannot connect return
def __init__(self): canvasexploit.__init__(self) self.result = "" self.name = NAME self.filename = "." self.actime = self.modtime = "2005,01,25,04,05,06,01" return
def __init__(self): canvasexploit.__init__(self) self.name = NAME self.node = None self.lx = '3rdparty/D2SEC/exploits/d2sec_viscosity/Resources/x' # local path exploit self.lh = '3rdparty/D2SEC/exploits/d2sec_viscosity/Resources/h' # local path helper self.dx = '/tmp/x' # remote path exploit self.dh = '/tmp/h' # remote path helper
def __init__(self): canvasexploit.__init__(self) self.result = "" self.name = NAME self.hkey = "HKEY_LOCAL_MACHINE" self.key = "SYSTEM\\CurrentControlSet\\Control\\ProductOptions" self.subkey = "ProductType" return