Last updated at Fri, 05 Apr 2024 20:44:34 GMT
New module content (1)
OpenNMS Horizon Authenticated RCE
Author: Erik Wynter
Type: Exploit
Pull request: #18618 contributed by ErikWynter
Path: linux/http/opennms_horizon_authenticated_rce
AttackerKB reference: CVE-2023-0872
Description: This module exploits built-in functionality in OpenNMS Horizon in order to execute arbitrary commands as the opennms
user. For versions 32.0.2 and higher, this module requires valid credentials for a user with ROLE_FILESYSTEM_EDITOR
privileges and either ROLE_ADMIN
or ROLE_REST
. For versions 32.0.1 and lower, credentials are required for a user with ROLE_FILESYSTEM_EDITOR
, ROLE_REST
, and/or ROLE_ADMIN
privileges.
Enhancements and features (5)
- #18838 from SickMcNugget - This adds support for Debian and includes a number of fixes and improvements for the
runc_cwd_priv_esc
module. Prior to this fix, the module would incorrectly report some of the versions that the patch had been back ported to as vulnerable. - #18841 from randomstr1ng - This PR updates the sap_icm_paths.txt wordlist with the newest entries.
- #18885 from errorxyz - Enhances the
sessions
command so that both Meterpreter and the top level Metasploit prompt supportsessions -i -1
. - #18978 from dwelch-r7 - This PR updates several login modules to now display some messaging to the end of scans to tell the user how many credentials and/or sessions were successful.
- #18980 from zgoldman-r7 - Improves the
help
command wording when interacting with basic shells.
Bugs fixed (2)
- #18947 from molecula2788 - Fixes an issue with
exploits/windows/local/wmi_persistence
module when Powershell obfuscation was applied. - #18974 from zeroSteiner - Fixes a typo in the help menu of the
dns
command.
Documentation added (1)
- #18965 from adfoster-r7 - This PR updates our
README.md
to remove a stale documentation link.
You can always find more documentation on our docsite at docs.metasploit.com.
Get it
As always, you can update to the latest Metasploit Framework with msfupdate
and you can get more details on the changes since the last blog post from
GitHub:
If you are a git
user, you can clone the Metasploit Framework repo (master branch) for the latest.
To install fresh without using git, you can use the open-source-only Nightly Installers or the
commercial edition Metasploit Pro