Rapid7 Vulnerability & Exploit Database

ManageEngine DataSecurity Plus Xnode Enumeration

Back to Search

ManageEngine DataSecurity Plus Xnode Enumeration

Created
09/01/2022

Description

This module exploits default admin credentials for the DataEngine Xnode server in DataSecurity Plus versions prior to 6.0.1 (6011) in order to dump the contents of Xnode data repositories (tables), which may contain (a limited amount of) Active Directory information including domain names, host names, usernames and SIDs. This module can also be used against patched DataSecurity Plus versions if the correct credentials are provided. By default, this module dumps only the data repositories and fields (columns) specified in the configuration file (set via the CONFIG_FILE option). The configuration file is also used to add labels to the values sent by Xnode in response to a query. It is also possible to use the DUMP_ALL option to obtain all data in all known data repositories without specifying data field names. However, note that when using the DUMP_ALL option, the data won't be labeled. This module has been successfully tested against ManageEngine DataSecurity Plus 6.0.1 (6010) running on Windows Server 2012 R2.

Author(s)

  • Sahil Dhar
  • Erik Wynter

Development

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use auxiliary/gather/manageengine_datasecurity_plus_xnode_enum
msf auxiliary(manageengine_datasecurity_plus_xnode_enum) > show actions
    ...actions...
msf auxiliary(manageengine_datasecurity_plus_xnode_enum) > set ACTION < action-name >
msf auxiliary(manageengine_datasecurity_plus_xnode_enum) > show options
    ...show and set options...
msf auxiliary(manageengine_datasecurity_plus_xnode_enum) > run 

Time is precious, so I don’t want to do something manually that I can automate. Leveraging the Metasploit Framework when automating any task keeps us from having to re-create the wheel as we can use the existing libraries and focus our efforts where it matters.

– Jim O’Gorman | President, Offensive Security

;