Module: Msf::Exploit::Remote::HTTP::ManageEngineAdauditPlus

Includes:
JsonPostData, Login, StatusCodes, TargetInfo, URIs, Msf::Exploit::Remote::HttpClient
Defined in:
lib/msf/core/exploit/remote/http/manage_engine_adaudit_plus.rb

Overview

This module provides a way of interacting with ManageEngine ADAudit Plus installations

Defined Under Namespace

Modules: JsonPostData, Login, StatusCodes, TargetInfo, URIs

Constant Summary

Constants included from StatusCodes

StatusCodes::CONNECTION_FAILED, StatusCodes::NO_ACCESS, StatusCodes::NO_BUILD_NUMBER, StatusCodes::NO_DOMAINS, StatusCodes::SUCCESS, StatusCodes::UNEXPECTED_REPLY

Instance Attribute Summary

Attributes included from Msf::Exploit::Remote::HttpClient

#client, #cookie_jar

Instance Method Summary collapse

Methods included from URIs

#adaudit_api_alertprofiles_save_uri, #adaudit_api_js_message_uri, #adaudit_plus_configured_domains_uri, #adaudit_plus_gpo_watcher_data_uri, #adaudit_plus_jump_to_js_uri, #adaudit_plus_license_details_uri, #adaudit_plus_login_uri

Methods included from Msf::Exploit::Remote::HttpClient

#basic_auth, #cleanup, #configure_http_login_scanner, #connect, #connect_ws, #deregister_http_client_options, #disconnect, #download, #full_uri, #handler, #http_fingerprint, #lookup_http_fingerprints, #normalize_uri, #path_from_uri, #peer, #proxies, #reconfig_redirect_opts!, #request_opts_from_url, #request_url, #rhost, #rport, #send_request_cgi, #send_request_cgi!, #send_request_raw, #service_details, #setup, #ssl, #ssl_version, #strip_tags, #target_uri, #validate_fingerprint, #vhost

Methods included from Auxiliary::LoginScanner

#configure_login_scanner

Methods included from Auxiliary::Report

#active_db?, #create_cracked_credential, #create_credential, #create_credential_and_login, #create_credential_login, #db, #db_warning_given?, #get_client, #get_host, #inside_workspace_boundary?, #invalidate_login, #mytask, #myworkspace, #myworkspace_id, #report_auth_info, #report_client, #report_exploit, #report_host, #report_loot, #report_note, #report_service, #report_vuln, #report_web_form, #report_web_page, #report_web_site, #report_web_vuln, #store_cred, #store_local, #store_loot

Methods included from Metasploit::Framework::Require

optionally, optionally_active_record_railtie, optionally_include_metasploit_credential_creation, #optionally_include_metasploit_credential_creation, optionally_require_metasploit_db_gem_engines

Methods included from TargetInfo

#adaudit_plus_grab_build, #adaudit_plus_grab_configured_domains, #adaudit_plus_grab_domain_aliases, #adaudit_plus_target_check, #gpo_watcher_data_check

Methods included from StatusCodes

#adaudit_plus_status

Methods included from Login

#adaudit_plus_login

Methods included from JsonPostData

#generate_gpo_watcher_data_json, #generate_ver_file_name

Instance Method Details

#initialize(info = {}) ⇒ Object 



14
15
16
17
18
19
20
21
22
23
24
25
 
# File 'lib/msf/core/exploit/remote/http/manage_engine_adaudit_plus.rb', line 14

def initialize(info = {})
  super

  register_options(
    [
      Msf::OptString.new('TARGETURI', [true, 'The base path to the ManageEngine ADAudit Plus application', '/']),
      Msf::OptString.new('USERNAME', [false, 'Username to authenticate with', 'admin']),
      Msf::OptString.new('PASSWORD', [false, 'Password to authenticate with', 'admin']),

    ], Msf::Exploit::Remote::HTTP::ManageEngineAdauditPlus
  )
end