• Close
  • Back to search

    AlienVault OSSIM SQL Injection and Remote Code Execution

    This module exploits an unauthenticated SQL injection vulnerability affecting AlienVault OSSIM versions 4.3.1 and lower. The SQL injection issue can be abused in order to retrieve an active admin session ID. If an administrator level user is identified, remote code execution can be gained by creating a high priority policy with an action containing our payload.

    Free Metasploit Download

    Get your copy of the world's leading penetration testing tool

     Download Now

    Module Name

    exploit/linux/http/alienvault_sqli_exec

    Authors

    • Sasha Zivojinovic
    • xistence <xistence [at] 0x90.nl>

    References

    Targets

    • Alienvault OSSIM 4.3

    Platforms

    • unix

    Architectures

    • cmd

    Reliability

    Development

    Module Options

    To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

    msf > use exploit/linux/http/alienvault_sqli_exec msf exploit(alienvault_sqli_exec) > show targets ...targets... msf exploit(alienvault_sqli_exec) > set TARGET <target-id> msf exploit(alienvault_sqli_exec) > show options ...show and set options... msf exploit(alienvault_sqli_exec) > exploit