Metasploit Penetration Testing Framework
Novell eDirectory DHOST Predictable Session Cookie
This module is able to predict the next session cookie value issued by the DHOST web service of Novell eDirectory 8.8.5. An attacker can run this module, wait until the real administrator logs in, then specify the predicted cookie value to hijack their session.
Rank
- Normal
Authors
- hdm < hdm [at] metasploit.com >
References
Development
Similar Modules
Usage Information
$ msfconsole
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use auxiliary/admin/edirectory/edirectory_dhost_cookie
msf auxiliary(edirectory_dhost_cookie) > set RHOST [TARGET IP]
msf auxiliary(edirectory_dhost_cookie) > run
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use auxiliary/admin/edirectory/edirectory_dhost_cookie
msf auxiliary(edirectory_dhost_cookie) > set RHOST [TARGET IP]
msf auxiliary(edirectory_dhost_cookie) > run
Module Options
| RHOST | The target address |
| RPORT | The target port (default: 8030) |
| SSL | Use SSL (default: true) |
| CHOST | The local client address |
| CPORT | The local client port |
| ConnectTimeout | Maximum number of seconds to establish a TCP connection |
| Proxies | Use a proxy chain |
| SSLVersion | Specify the version of SSL that should be used (accepted: SSL2, SSL3, TLS1) |
| WORKSPACE | Specify the workspace for this module |
| TCP::max_send_size | Maxiumum tcp segment size. (0 = disable) |
| TCP::send_delay | Delays inserted before every send. (0 = disable) |
Metasploit Framework 3.3.3Copyright © 2003-2010 Rapid7 LLC