Quis dīrumpet ipsos dīrumpēs
In this release, we feature a double-double: two exploits each targeting two pieces of software. The first pair is from h00die targeting the Jasmine Ransomeware Web Server. The first uses CVE-2024-30851 to retrieve the login for the ransomware server, and the second is a directory traversal
Quis dīrumpet ipsos dīrumpēs
In this release, we feature a double-double: two exploits each targeting two pieces of software. The first pair is from h00die targeting the Jasmine Ransomeware Web Server. The first uses CVE-2024-30851 to retrieve the login for the ransomware server, and the second is a directory traversal vulnerability allowing arbitrary file read. The second pair from Dave Yesland of Rhino Security targets Progress Flowmon with CVE-2024-2389 and it pairs well like wine with the additional and accompanying Privilege Escalation module.
New module content (4)
Jasmin Ransomware Web Server Unauthenticated Directory Traversal
Authors: chebuya and h00die
Type: Auxiliary
Pull request: #19103 contributed by h00die
Path: gather/jasmin_ransomware_dir_traversal
AttackerKB reference: CVE-2024-30851
Description: This adds an unauthenticated directory traversal and a SQLi exploit against the Jasmin ransomware web panel.
Jasmin Ransomware Web Server Unauthenticated SQL Injection
Authors: chebuya and h00die
Type: Auxiliary
Pull request: #19103 contributed by h00die
Path: gather/jasmin_ransomware_sqli
Description: This adds an unauthenticated directory traversal and a SQLi exploit against the Jasmin ransomware web panel.
Flowmon Unauthenticated Command Injection
Author: Dave Yesland with Rhino Security Labs
Type: Exploit
Pull request: #19150 contributed by DaveYesland
Path: linux/http/progress_flowmon_unauth_cmd_injection
AttackerKB reference: CVE-2024-2389
Description: Unauthenticated Command Injection Module for Progress Flowmon CVE-2024-2389.
Progress Flowmon Local sudo privilege escalation
Author: Dave Yesland with Rhino Security Labs
Type: Exploit
Pull request: #19151 contributed by DaveYesland
Path: linux/local/progress_flowmon_sudo_privesc_2024
Description: Privilege escalation module for Progress Flowmon unpatched feature.
Enhancements and features (3)
- #19195 from adfoster-r7 - Updates msfconsole to support risc-v platforms.
- #19198 from adfoster-r7 - Add support for Ruby 3.3.x.
- #19200 from adfoster-r7 - Updates Metasploit's gemspec file to work with additional static analysis tools.
Bugs fixed (0)
None
Documentation
You can find the latest Metasploit documentation on our docsite at docs.metasploit.com.
Get it
As always, you can update to the latest Metasploit Framework with msfupdate
and you can get more details on the changes since the last blog post from
GitHub:
If you are a git user, you can clone the Metasploit Framework repo (master branch) for the latest.
To install fresh without using git, you can use the open-source-only Nightly Installers or the
commercial edition Metasploit Pro
Source: Rapid7
Source Link: https://blog.rapid7.com/2024/05/31/metasploit-weekly-wrap-up-05-31-2024/