Code review

cdelafuente-r7 · cdelafuente-r7 · commit 3b727fbaf2df · 2025-10-14T16:25:43.000+02:00
diff --git a/modules/auxiliary/admin/smb/change_password.rb b/modules/auxiliary/admin/smb/change_password.rb
@@ -26,6 +26,7 @@ def initialize(info = {})
         ],
         'References' => [
           ['URL', 'https://github.com/fortra/impacket/blob/master/examples/changepasswd.py'],
+          [ 'ATT&CK', Mitre::Attack::Technique::T1021_002_SMB_WINDOWS_ADMIN_SHARES ]
         ],
         'Notes' => {
           'Stability' => [CRASH_SAFE],
diff --git a/modules/auxiliary/admin/smb/delete_file.rb b/modules/auxiliary/admin/smb/delete_file.rb
@@ -30,6 +30,9 @@ def initialize
         'mubix' # copied from hdm upload_file module
       ],
       'License' => MSF_LICENSE,
+      'References' => [
+        [ 'ATT&CK', Mitre::Attack::Technique::T1021_002_SMB_WINDOWS_ADMIN_SHARES ]
+      ],
       'Notes' => {
         'Stability' => [OS_RESOURCE_LOSS],
         'SideEffects' => [],
diff --git a/modules/auxiliary/admin/smb/psexec_ntdsgrab.rb b/modules/auxiliary/admin/smb/psexec_ntdsgrab.rb
@@ -35,7 +35,8 @@ def initialize(info = {})
         'References' => [
           [ 'URL', 'http://sourceforge.net/projects/smbexec' ],
           [ 'URL', 'https://www.optiv.com/blog/owning-computers-without-shell-access' ],
-          [ 'ATT&CK', Mitre::Attack::Technique::T1003_003_NTDS ]
+          [ 'ATT&CK', Mitre::Attack::Technique::T1003_003_NTDS ],
+          [ 'ATT&CK', Mitre::Attack::Technique::T1021_002_SMB_WINDOWS_ADMIN_SHARES ]
         ],
         'Notes' => {
           'Stability' => [CRASH_SAFE],
diff --git a/modules/exploits/linux/misc/igel_command_injection.rb b/modules/exploits/linux/misc/igel_command_injection.rb
@@ -36,6 +36,7 @@ def initialize(info = {})
           [ 'CVE', '2025-34082' ],
           [ 'URL', 'https://kb.igel.com/securitysafety/en/isn-2021-01-igel-os-remote-command-execution-vulnerability-41449239.html' ],
           [ 'URL', 'https://www.igel.com/wp-content/uploads/2021/02/lxos_11.04.270.txt' ],
+          [ 'ATT&CK', Mitre::Attack::Technique::T1021_REMOTE_SERVICES ], # Telnet service
           [ 'ATT&CK', Mitre::Attack::Technique::T1021_005_VNC ]
         ],
         'Platform' => ['linux'],
diff --git a/modules/exploits/multi/http/tomcat_mgr_upload.rb b/modules/exploits/multi/http/tomcat_mgr_upload.rb
@@ -62,7 +62,8 @@ def initialize(info = {})
           ['BID', '36954'],
 
           # tomcat docs
-          ['URL', 'http://tomcat.apache.org/tomcat-5.5-doc/manager-howto.html']
+          ['URL', 'http://tomcat.apache.org/tomcat-5.5-doc/manager-howto.html'],
+          ['ATT&CK', Mitre::Attack::Technique::T1021_REMOTE_SERVICES],
         ],
         'Platform' => %w{java linux win}, # others?
         'Targets' => [
diff --git a/modules/post/osx/gather/vnc_password_osx.rb b/modules/post/osx/gather/vnc_password_osx.rb
@@ -23,10 +23,7 @@ def initialize(info = {})
           'Stability' => [CRASH_SAFE],
           'SideEffects' => [],
           'Reliability' => []
-        },
-        'References' => [
-          [ 'ATT&CK', Mitre::Attack::Technique::T1021_005_VNC ]
-        ]
+        }
       )
     )
   end
diff --git a/modules/post/windows/gather/credentials/mremote.rb b/modules/post/windows/gather/credentials/mremote.rb
@@ -33,12 +33,7 @@ def initialize(info = {})
           'Stability' => [CRASH_SAFE],
           'SideEffects' => [],
           'Reliability' => []
-        },
-        'References' => [
-          [ 'ATT&CK', Mitre::Attack::Technique::T1021_001_REMOTE_DESKTOP_PROTOCOL ],
-          [ 'ATT&CK', Mitre::Attack::Technique::T1021_005_VNC ],
-          [ 'ATT&CK', Mitre::Attack::Technique::T1021_004_SSH ]
-        ]
+        }
       )
     )
   end
diff --git a/modules/post/windows/gather/credentials/rdc_manager_creds.rb b/modules/post/windows/gather/credentials/rdc_manager_creds.rb
@@ -51,10 +51,7 @@ def initialize(info = {})
               stdapi_sys_process_memory_write
             ]
           }
-        },
-        'References' => [
-          [ 'ATT&CK', Mitre::Attack::Technique::T1021_REMOTE_SERVICES ]
-        ]
+        }
       )
     )
   end
diff --git a/modules/post/windows/manage/enable_rdp.rb b/modules/post/windows/manage/enable_rdp.rb
@@ -28,10 +28,7 @@ def initialize(info = {})
           'Stability' => [CRASH_SAFE],
           'SideEffects' => [CONFIG_CHANGES],
           'Reliability' => []
-        },
-        'References' => [
-          [ 'ATT&CK', Mitre::Attack::Technique::T1021_001_REMOTE_DESKTOP_PROTOCOL ]
-        ]
+        }
       )
     )
 
diff --git a/modules/post/windows/manage/install_ssh.rb b/modules/post/windows/manage/install_ssh.rb
@@ -24,8 +24,7 @@ def initialize(info = {})
         'SessionTypes' => [ 'meterpreter', 'shell' ],
         'References'	=> [
           ['URL', 'https://docs.microsoft.com/en-us/windows-server/administration/openssh/openssh_overview'],
-          ['URL', 'https://github.com/PowerShell/openssh-portable'],
-          ['ATT&CK', Mitre::Attack::Technique::T1021_004_SSH]
+          ['URL', 'https://github.com/PowerShell/openssh-portable']
         ],
         'Notes' => {
           'Stability' => [CRASH_SAFE],
diff --git a/modules/post/windows/manage/sshkey_persistence.rb b/modules/post/windows/manage/sshkey_persistence.rb
@@ -38,10 +38,7 @@ def initialize(info = {})
           'Stability' => [CRASH_SAFE],
           'SideEffects' => [ARTIFACTS_ON_DISK],
           'Reliability' => []
-        },
-        'References' => [
-          [ 'ATT&CK', Mitre::Attack::Technique::T1021_004_SSH ]
-        ]
+        }
       )
     )
 

Original file line number	Diff line number	Diff line change
`@@ -23,10 +23,7 @@ def initialize(info = {})`
`23`	`23`	`'Stability' => [CRASH_SAFE],`
`24`	`24`	`'SideEffects' => [],`
`25`	`25`	`'Reliability' => []`
`26`		`- },`
`27`		`- 'References' => [`
`28`		`- [ 'ATT&CK', Mitre::Attack::Technique::T1021_005_VNC ]`
`29`		`- ]`
	`26`	`+ }`
`30`	`27`	`)`
`31`	`28`	`)`
`32`	`29`	`end`
Original file line number	Diff line number	Diff line change
`@@ -33,12 +33,7 @@ def initialize(info = {})`
`33`	`33`	`'Stability' => [CRASH_SAFE],`
`34`	`34`	`'SideEffects' => [],`
`35`	`35`	`'Reliability' => []`
`36`		`- },`
`37`		`- 'References' => [`
`38`		`- [ 'ATT&CK', Mitre::Attack::Technique::T1021_001_REMOTE_DESKTOP_PROTOCOL ],`
`39`		`- [ 'ATT&CK', Mitre::Attack::Technique::T1021_005_VNC ],`
`40`		`- [ 'ATT&CK', Mitre::Attack::Technique::T1021_004_SSH ]`
`41`		`- ]`
	`36`	`+ }`
`42`	`37`	`)`
`43`	`38`	`)`
`44`	`39`	`end`
Original file line number	Diff line number	Diff line change
`@@ -51,10 +51,7 @@ def initialize(info = {})`
`51`	`51`	`stdapi_sys_process_memory_write`
`52`	`52`	`]`
`53`	`53`	`}`
`54`		`- },`
`55`		`- 'References' => [`
`56`		`- [ 'ATT&CK', Mitre::Attack::Technique::T1021_REMOTE_SERVICES ]`
`57`		`- ]`
	`54`	`+ }`
`58`	`55`	`)`
`59`	`56`	`)`
`60`	`57`	`end`
Original file line number	Diff line number	Diff line change
`@@ -28,10 +28,7 @@ def initialize(info = {})`
`28`	`28`	`'Stability' => [CRASH_SAFE],`
`29`	`29`	`'SideEffects' => [CONFIG_CHANGES],`
`30`	`30`	`'Reliability' => []`
`31`		`- },`
`32`		`- 'References' => [`
`33`		`- [ 'ATT&CK', Mitre::Attack::Technique::T1021_001_REMOTE_DESKTOP_PROTOCOL ]`
`34`		`- ]`
	`31`	`+ }`
`35`	`32`	`)`
`36`	`33`	`)`
`37`	`34`