National Cyber Warfare Foundation (NCWF) Forums


Metasploit Weekly Wrap-Up 09 20 2024


0 user ratings
2024-09-20 18:35:06
milo
Red Team (CNA)

New module content (3)


update-motd.d Persistence


Author: Julien Voisin

Type: Exploit

Pull request: #19454 contributed by jvoisin

Path: linux/local/motd_persistence


Description: This adds a post module to keep persistence on a Linux target by writing a motd bash script triggered with root privileges every time a user



New module content (3)


update-motd.d Persistence


Metasploit Weekly Wrap-Up 09/20/2024

Author: Julien Voisin

Type: Exploit

Pull request: #19454 contributed by jvoisin

Path: linux/local/motd_persistence


Description: This adds a post module to keep persistence on a Linux target by writing a motd bash script triggered with root privileges every time a user logs into the system through SSH.


Wordpress LiteSpeed Cache plugin cookie theft


Authors: Rafie Muhammad and jheysel-r7

Type: Exploit

Pull request: #19457 contributed by jheysel-r7

Path: multi/http/wp_litespeed_cookie_theft

AttackerKB reference: CVE-2024-44000


Description: This adds an exploit module for a WordPress Plugin called LiteSpeed (CVE-2024-44000). On the vulnerable plugin, when the Debug Logs are enabled, it is possible to leak authentication cookies of logged in users, the msf module will use the stolen cookies to upload and execute a plugin able to spawn a meterpreter session.


Windows Kernel Time of Check Time of Use LPE in AuthzBasepCopyoutInternalSecurityAttributes


Authors: jheysel-r7 and tykawaii98

Type: Exploit

Pull request: #19345 contributed by jheysel-r7

Path: windows/local/cve_2024_30088_authz_basep

AttackerKB reference: CVE-2024-30038


Description: This adds a Windows LPE post module that exploits CVE-2024-30088. Once the exploit is executed through a running meterpreter session, it will open another one with NT AUTHORITY/SYSTEM privileges.


Enhancements and features (3)



  • #19414 from cdelafuente-r7 - Adds some missing constants for the Kerberos LoginScanner as defined in the documentation. This also defines the default connection_timeout value in #set_sane_defaults as defined here.

  • #19443 from jvoisin - Removes some redundant code from lib/msf/core/payload/php.rb.

  • #19445 from jvoisin - Makes minor improvements of lib/msf/core/payload/php.rb.


Bugs fixed (1)



  • #19449 from zeroSteiner - This fixes an issue in the exploit for CVE-2022-0995 where it would crash with an exception while printing a message regarding why it failed.


Documentation added (1)



  • #19452 from zeroSteiner - This improves the Metasploit's documentation explaining how to setup a Meterpreter handler over Ngrok port-forwarding.


You can always find more documentation on our docsite at docs.metasploit.com.


Get it


As always, you can update to the latest Metasploit Framework with msfupdate

and you can get more details on the changes since the last blog post from

GitHub:



If you are a git user, you can clone the Metasploit Framework repo (master branch) for the latest.

To install fresh without using git, you can use the open-source-only Nightly Installers or the

commercial edition Metasploit Pro


Metasploit Weekly Wrap-Up 09/20/2024




Source: Rapid7
Source Link: https://blog.rapid7.com/2024/09/20/metasploit-weekly-wrap-up-09-20-2024/


Comments
new comment
Nobody has commented yet. Will you be the first?
 
Forum
Red Team (CNA)



Copyright 2012 through 2024 - National Cyber Warfare Foundation - All rights reserved worldwide.