Channel: Hacking Articles|Raj Chandel's Blog

↧

Gather Credential of WebNMS Framework Server using Metasploit

July 21, 2016, 9:13 am

≫ Next: Gather Credential of WebNMS Framework Server using Metasploit

≪ Previous: Beginner Guide of Cryptography (Part 1)

This module abuses two vulnerabilities in WebNMS Framework Server 5.2 to extract all user credentials. The first vulnerability is a unauthenticated file download in the FetchFile servlet, which is used to download the file containing the user credentials. The second vulnerability is that the the passwords in the file are obfuscated with a very weak algorithm which can be easily reversed. This module has been tested with WebNMS Framework Server 5.2 and 5.2 SP1 on Windows and Linux.

Exploit Targets

WebNMS Framework Server 5.2

Requirement

Attacker: kali Linux

Victim PC: WebNMS Framework Server 5.2

Open Kali terminal type msfconsole

Image may be NSFW.
Clik here to view.

Now type use auxiliary/admin/http/webnms_cred_disclosure

msf exploit (webnms_cred_disclosure)>set rhost 192.168.0.103 (IP of Remote Host)

msf exploit (webnms_cred_disclosure)>set rport 9090

msf exploit (webnms_cred_disclosure)>exploit

Image may be NSFW.
Clik here to view.

↧

Trending Articles

Black Angus Grilled Artichokes

July 16, 2016, 4:37 pm

Rajasthan Board 10th Result 2016 Roll No wise & Name Wise

August 20, 2016, 5:13 pm

DivineBitches--DiB-35420 Bella Rossi and Rob Yaeger Hi

May 7, 2014, 1:09 pm

A critical system process, C:\Windows\system32\lsass.exe, failed with status...

September 10, 2018, 11:06 pm

2-Level Leave Approval (Issue with changing of Leave Request Status from...

November 6, 2015, 5:20 pm

GS-1 / EAN 128 barcode in Smartforms

August 6, 2014, 8:02 am

16 Girls Get Pregnant After A Boy Ejaculated In A Swimming Pool

February 12, 2016, 1:51 am

toyota etios steering sensor 89245-0D070

March 14, 2025, 2:33 pm

vCenter at address https://xxx:443/sdk has invalid credentials

March 7, 2016, 8:00 am

Practice Sheet of Right form of verbs for HSC Students

September 22, 2019, 11:40 pm

Karimnagar District Police Office Mobile Numbers List in Telangana State

April 13, 2017, 3:10 am

Bureau of Internal Revenue: Regional Offices (Directory)

January 9, 2014, 11:06 pm

Lane's Photoshop Master Pack (The Complete Set) - Lane Brown (Painting +...

June 28, 2023, 2:00 am

Sarah Samis, Emil Bove III

November 17, 2012, 9:36 pm

Solved CBSE Sample Papers for Class 9 English Set 1

December 11, 2018, 9:27 pm

Osage County Jail Log, Aug. 3 – Aug. 8, 2021

August 10, 2021, 8:03 am

Reverend Holmes Williams passes away

December 19, 2014, 8:20 am

Autodiscover Won't Work - Error Code 600, Invalid request - SOLVED

July 12, 2016, 8:56 am

Download EFF Album: 12 –“ASINAMALI”

February 18, 2019, 6:51 am

Navneet Singh Tuli attempts suicide

August 3, 2018, 8:39 am

© 2025 //www.rssing.com