National Cyber Warfare Foundation (NCWF) Forums


Metasploit Weekly Wrap-Up 03 22 2024


2024-03-22 16:43:26
milo
Red Team (CNA)

Metasploit adds new OpenNMS Horizon Authenticated RCE module and a number of other enhancements.

New module content (1)


OpenNMS Horizon Authenticated RCE



Author: Erik Wynter

Type: Exploit

Pull request: #18618 contributed by ErikWynter

Path: linux/http/opennms_horizon_authenticated_rce

AttackerKB reference: CVE-2023-0872


Description: This module exploits built-in functionality in OpenNMS Horizon in order to execute arbitrary commands as the opennms user. For versions 32.0.2 and higher, this module requires valid credentials for a user with ROLE_FILESYSTEM_EDITOR privileges and either ROLE_ADMIN or ROLE_REST. For versions 32.0.1 and lower, credentials are required for a user with ROLE_FILESYSTEM_EDITOR, ROLE_REST, and/or ROLE_ADMIN privileges.


Enhancements and features (5)



  • #18838 from SickMcNugget - This adds support for Debian and includes a number of fixes and improvements for the runc_cwd_priv_esc module. Prior to this fix, the module would incorrectly report some of the versions that the patch had been backported to as vulnerable.

  • #18841 from randomstr1ng - This PR updates the sap_icm_paths.txt wordlist with the newest entries.

  • #18885 from errorxyz - Enhances the sessions command so that both Meterpreter and the top level Metasploit prompt support sessions -i -1.

  • #18978 from dwelch-r7 - This PR updates several login modules to display a message at the end of scans telling the user how many credentials and/or sessions were successful.

  • #18980 from zgoldman-r7 - Improves the help command wording when interacting with basic shells.


Bugs fixed (2)



  • #18947 from molecula2788 - Fixes an issue with the exploits/windows/local/wmi_persistence module when PowerShell obfuscation was applied.

  • #18974 from zeroSteiner - Fixes a typo in the help menu of the dns command.


Documentation added (1)



  • #18965 from adfoster-r7 - This PR updates our README.md to remove a stale documentation link.


You can always find more documentation on our docsite at docs.metasploit.com.


Get it


As always, you can update to the latest Metasploit Framework with msfupdate and you can get more details on the changes since the last blog post from GitHub:



If you are a git user, you can clone the Metasploit Framework repo (master branch) for the latest. To install fresh without using git, you can use the open-source-only Nightly Installers or the commercial edition Metasploit Pro.




Source: Rapid7
Source Link: https://blog.rapid7.com/2024/03/22/metasploit-weekly-wrap-up-03-22-2024/





Copyright 2012 through 2024 - National Cyber Warfare Foundation - All rights reserved worldwide.