Add references to MITRE ATT&CK T1021 - Remote Services

Author: cdelafuente-r7

modules/auxiliary/admin/smb/check_dir_file.rb

@@ -31,6 +31,7 @@ def initialize
         'j0hn__f'
       ],
       'References' => [
+        [ 'ATT&CK', Mitre::Attack::Technique::T1021_002_SMB_WINDOWS_ADMIN_SHARES ]
       ],
       'License' => MSF_LICENSE,
       'Notes' => {

modules/auxiliary/admin/smb/download_file.rb

@@ -29,7 +29,10 @@ def initialize
         'Stability' => [CRASH_SAFE],
         'SideEffects' => [],
         'Reliability' => []
-      }
+      },
+      'References' => [
+        [ 'ATT&CK', Mitre::Attack::Technique::T1021_002_SMB_WINDOWS_ADMIN_SHARES ]
+      ]
     )
 
     register_options([

modules/auxiliary/admin/smb/list_directory.rb

@@ -27,6 +27,7 @@ def initialize
         'hdm'
       ],
       'References' => [
+        [ 'ATT&CK', Mitre::Attack::Technique::T1021_002_SMB_WINDOWS_ADMIN_SHARES ]
       ],
       'License' => MSF_LICENSE,
       'Notes' => {

modules/auxiliary/admin/smb/ms17_010_command.rb

@@ -41,6 +41,7 @@ def initialize(info = {})
           [ 'URL', 'https://github.com/worawit/MS17-010' ],
           [ 'URL', 'https://hitcon.org/2017/CMT/slide-files/d2_s2_r0.pdf' ],
           [ 'URL', 'https://blogs.technet.microsoft.com/srd/2017/06/29/eternal-champion-exploit-analysis/' ],
+          [ 'ATT&CK', Mitre::Attack::Technique::T1021_002_SMB_WINDOWS_ADMIN_SHARES ],
         ],
         'DisclosureDate' => '2017-03-14',
         'Notes' => {

modules/auxiliary/admin/smb/samba_symlink_traversal.rb

@@ -29,7 +29,8 @@ def initialize
       'References' => [
         ['CVE', '2010-0926'],
         ['OSVDB', '62145'],
-        ['URL', 'http://www.samba.org/samba/news/symlink_attack.html']
+        ['URL', 'http://www.samba.org/samba/news/symlink_attack.html'],
+        ['ATT&CK', Mitre::Attack::Technique::T1021_002_SMB_WINDOWS_ADMIN_SHARES]
       ],
       'License' => MSF_LICENSE,
       'Notes' => {

modules/auxiliary/admin/smb/upload_file.rb

@@ -26,6 +26,7 @@ def initialize
         'hdm' # metasploit module
       ],
       'References' => [
+        [ 'ATT&CK', Mitre::Attack::Technique::T1021_002_SMB_WINDOWS_ADMIN_SHARES ]
       ],
       'License' => MSF_LICENSE,
       'Notes' => {

modules/auxiliary/admin/smb/webexec_command.rb

@@ -30,7 +30,8 @@ def initialize(info = {})
         'License' => MSF_LICENSE,
         'References' => [
           ['URL', 'https://webexec.org'],
-          ['CVE', '2018-15442']
+          ['CVE', '2018-15442'],
+          ['ATT&CK', Mitre::Attack::Technique::T1021_002_SMB_WINDOWS_ADMIN_SHARES]
         ],
         'Notes' => {
           'Stability' => [CRASH_SAFE],

modules/auxiliary/admin/vnc/realvnc_41_bypass.rb

@@ -29,6 +29,7 @@ def initialize(info = {})
           ['OSVDB', '25479'],
           ['URL', 'https://web.archive.org/web/20080102163013/http://secunia.com/advisories/20107/'],
           ['CVE', '2006-2369'],
+          ['ATT&CK', Mitre::Attack::Technique::T1021_005_VNC],
         ],
         'DisclosureDate' => '2006-05-15',
         'Notes' => {

modules/auxiliary/scanner/smb/smb_login.rb

@@ -43,6 +43,7 @@ def initialize
       ],
       'References' => [
         [ 'CVE', '1999-0506'], # Weak password
+        [ 'ATT&CK', Mitre::Attack::Technique::T1021_002_SMB_WINDOWS_ADMIN_SHARES ],
       ],
       'License' => MSF_LICENSE,
       'DefaultOptions' => {

modules/auxiliary/scanner/ssh/eaton_xpert_backdoor.rb

@@ -33,7 +33,8 @@ def initialize(info = {})
           ['CVE', '2018-16158'],
           ['EDB', '45283'],
           ['URL', 'https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/PXM-Advisory.pdf'],
-          ['URL', 'https://www.ctrlu.net/vuln/0006.html']
+          ['URL', 'https://www.ctrlu.net/vuln/0006.html'],
+          ['ATT&CK', Mitre::Attack::Technique::T1021_004_SSH]
         ],
         'DisclosureDate' => '2018-07-18',
         'License' => MSF_LICENSE,