Module: Msf::Exploit::Remote::HTTP::NagiosXi
- Defined in:
- lib/msf/core/exploit/remote/http/nagios_xi.rb
Overview
This module provides a way of interacting with Nagios XI installations
Defined Under Namespace
Modules: Install, Login, RceCheck, URIs, Version
Constant Summary
Constants included from Version
Version::PRE_5_2_VERSION_REGEX
Constants included from Login
Instance Attribute Summary
Attributes included from Msf::Exploit::Remote::HttpClient
Instance Method Summary collapse
Methods included from Version
#nagios_xi_version, #nagios_xi_version_no_auth
Methods included from URIs
#nagios_xi_backend_url, #nagios_xi_install_url, #nagios_xi_login_url
Methods included from RceCheck
#add_cve_module_to_hash, #nagios_xi_rce_check
Methods included from Login
#authenticate, #clean_cookies, #extract_auth_cookies, #get_nsp, #handle_unsigned_license, #install_full_nagios, #login_after_install_or_license, #nagios_xi_login, #visit_nagios_dashboard
Methods included from Install
#install_nagios_xi, #sign_license_agreement
Methods included from Msf::Exploit::Remote::HttpClient
#basic_auth, #cleanup, #configure_http_login_scanner, #connect, #connect_ws, #deregister_http_client_options, #disconnect, #download, #full_uri, #handler, #http_fingerprint, #lookup_http_fingerprints, #normalize_uri, #path_from_uri, #peer, #proxies, #reconfig_redirect_opts!, #request_opts_from_url, #request_url, #rhost, #rport, #send_request_cgi, #send_request_cgi!, #send_request_raw, #service_details, #setup, #ssl, #ssl_version, #strip_tags, #target_uri, #validate_fingerprint, #vhost
Methods included from Auxiliary::Report
#active_db?, #create_cracked_credential, #create_credential, #create_credential_and_login, #create_credential_login, #db, #db_warning_given?, #get_client, #get_host, #inside_workspace_boundary?, #invalidate_login, #mytask, #myworkspace, #myworkspace_id, #report_auth_info, #report_client, #report_exploit, #report_host, #report_loot, #report_note, #report_service, #report_vuln, #report_web_form, #report_web_page, #report_web_site, #report_web_vuln, #store_cred, #store_local, #store_loot
Methods included from Metasploit::Framework::Require
optionally, optionally_active_record_railtie, optionally_include_metasploit_credential_creation, #optionally_include_metasploit_credential_creation, optionally_require_metasploit_db_gem_engines
Instance Method Details
#initialize(info = {}) ⇒ Object
16 17 18 19 20 21 22 23 24 25 26 27 28 |
# File 'lib/msf/core/exploit/remote/http/nagios_xi.rb', line 16 def initialize(info = {}) super ( [ Msf::OptString.new('TARGETURI', [true, 'The base path to the Nagios XI application', '/nagiosxi/']), Msf::OptString.new('USERNAME', [false, 'Username to authenticate with', 'nagiosadmin']), Msf::OptString.new('PASSWORD', [false, 'Password to authenticate with', nil]), Msf::OptBool.new('FINISH_INSTALL', [false, 'If the Nagios XI installation has not been completed, try to do so. This includes signing the license agreement.', false]) ], Msf::Exploit::Remote::HTTP::NagiosXi ) end |