CVE-2019-0211

Rpv · February 13, 2020, 12:18pm

Hi ! Im new to pen testing and im currently working on my very first box (OpenAdmin)

I did some scanning and found exploit CVE-2019-0211 in exploitdb, which seems to be a good candidate. My problem is, as i try to copy the exploit from searchsploit (exploitdb), metasploit-framework does not registre the new module. And when i do a search for the exploit in msfconsole there is no result.

Path i copied module from exploitdb to:
/root/.msf4/modules/exploits/linux/local/46676.php

i ofc tried reload_all /updatedb and all that jazz, and still cant get metasploit to recognize the new module.

In the exploit itself it says that i should upload exploit to target server, and maybe this is what im doing wrong, maybe the exploit is not a metasploit module.
ive read that metasploit only accepts ruby modules so maybe this is the problem ? or am i missing something els ? pls enlighten me

TheBandit · February 13, 2020, 12:52pm

Hello,

That is a php exploit and won’t run under metasploit. To use metasploit , you need to search for that specific metasploit module (CVE-2019-0211) , which is written in ruby ( .rb). But i don’t think there’s one written yet …
So to use that php file you’ve got , you’ll need to transfer that .php exploit file to the target machine and run it there

Rpv · February 13, 2020, 1:14pm

Thank you ! Allready suspected that but feared i was missing something very basic which might have made it work. So thanks again

Topic		Replies	Views
MSF Sessions Academy	1	354	June 23, 2023
Having issue with Metasploit Tools	3	619	January 10, 2021
HTB introduction to metasploit problem	0	216	April 5, 2024
Getting Started - Knowledge Check - Only solvable with Pwnbox Academy question , academy	0	20	August 20, 2024
Reverse Shell & Payloads - The live engagement Academy	96	15717	January 26, 2025

CVE-2019-0211

Related topics