National Cyber Warfare Foundation (NCWF)

Metasploit Weekly Wrap-Up 09/13/2024


2024-09-13 18:36:03
milo
Red Team (CNA)


SPIP Modules


This week brings more modules targeting the SPIP publishing platform. SPIP has gained some attention from Metasploit community contributors recently and has inspired some PHP payload and encoder improvements.


New module content (2)


SPIP BigUp Plugin Unauthenticated RCE


Authors: Julien Voisin, Laluka, Valentin Lobstein, and Vozec

Type: Exploit




Pull request: #19444 contributed by Chocapikk

Path: multi/http/spip_bigup_unauth_rce

AttackerKB reference: CVE-2024-8517


Description: This adds an exploit module for CVE-2024-8517, an unauthenticated RCE able to execute arbitrary PHP code.


SPIP connect Parameter PHP Injection


Authors: Arnaud Pachot, Davy Douhine, Frederic Cikala, and Valentin Lobstein

Type: Exploit

Pull request: #19432 contributed by Chocapikk

Path: multi/http/spip_connect_exec

CVE reference: BID-54292


Description: Refactor SPIP Modules for Windows Compatibility and Incorporating SPIP Mixin.


Enhancements and features (3)



  • #19330 from heyder - The start_service method in the http_server.rb library now allows users to specify their SSL preferences directly through the opts parameter. If the ssl option is not provided in opts, it will default to the value in datastore["SSL"].

  • #19352 from zgoldman-r7 - Adjusts the metadata for the ldap login scanner, adding defaults and adjusting the service and protocol values.

  • #19432 from Chocapikk - Refactor SPIP Modules for Windows Compatibility and Incorporating SPIP Mixin.


Bugs fixed (1)



  • #19439 from bcoles - This explicitly defines x86 and x64 as supported architectures for the bypassuac_comhijack module. Prior to this change, there were no defined architectures, and if you tried to use an x64-based payload, the module would fail.


Documentation


You can find the latest Metasploit documentation on our docsite at docs.metasploit.com.


Get it


As always, you can update to the latest Metasploit Framework with msfupdate and you can get more details on the changes since the last blog post from GitHub:



If you are a git user, you can clone the Metasploit Framework repo (master branch) for the latest. To install fresh without using git, you can use the open-source-only Nightly Installers or the commercial edition Metasploit Pro.






Source: Rapid7
Source Link: https://blog.rapid7.com/2024/09/13/metasploit-weekly-wrap-up-09-13-2024/

