mirror of
https://github.com/rapid7/metasploitable3.git
synced 2024-09-14 00:01:17 +02:00
5bbed5387e
This flag is hidden within a binary that runs a webservice on a given port. The port is blocked until the correct port knocking sequence is initiated. The default port sequence is all of the user's salary numbers. The commit also moves a lot of values that were previously in recipes into attributes files for easier maintaining going forward.
14 lines
598 B
Plaintext
14 lines
598 B
Plaintext
[options]
|
|
UseSyslog
|
|
|
|
[openFlag]
|
|
sequence = <%= node[:users].collect { |u, att| node[:users][u][:salary] }.join(',') %>
|
|
seq_timeout = 15
|
|
command = /sbin/iptables -I INPUT 1 -s %IP% -p tcp --dport <%= node[:flags][:flag1][:vuln_port] %> -j ACCEPT
|
|
tcpflags = syn
|
|
|
|
[closeFlag]
|
|
sequence = <%= node[:users].collect { |u, att| node[:users][u][:salary] }.reverse.join(',') %>
|
|
seq_timeout = 15
|
|
command = /sbin/iptables -D INPUT -s %IP% -p tcp --dport <%= node[:flags][:flag1][:vuln_port] %> -j ACCEPT
|
|
tcpflags = syn |