Posts tagged Metasploit Weekly Wrapup

5 min Metasploit

Metasploit Weekly Wrap-Up: Jun. 16, 2023

Metasploit T-Shirt Design Contest In honor of Metasploit's 20th anniversary, Rapid7 is launching special edition t-shirts - and we're inviting members of our community to have a hand in its creation. The contest winner will have their design featured on the shirts, which will then be available to pick up at Black Hat 2023. We will be accepting submissions from now through June 30! Contest details, design guidelines, and submission instructions here [https://docs.google.com/forms/d/e/1FAIpQLSeWU

Read Full Post

3 min Metasploit

Metasploit Weekly Wrap-Up: Jun. 9, 2023

MOVEit It has been a busy few weeks in the security space; the MOVEit [https://www.rapid7.com/blog/post/2023/06/01/rapid7-observed-exploitation-of-critical-moveit-transfer-vulnerability/?utm_campaign=sm-blog&utm_source=twitter&utm_medium=organic-social] vulnerability filling our news feeds with dancing lemurs and a Barracuda [https://www.rapid7.com/blog/post/2023/06/08/etr-cve-2023-2868-total-compromise-of-physical-barracuda-esg-appliances/?utm_campaign=sm-ETR&utm_source=twitter,linkedin&utm_me

Read Full Post

4 min Metasploit

Metasploit Weekly Wrap-Up: Jun. 7, 2023

Metasploit adds new support for Amazon Web Services EC2 instance enumeration with integrated session support, Apache NiFi scanners, and more

Read Full Post

2 min Metasploit

Metasploit Weekly Wrap-Up: 6/2/23

Support added for Active Directory Certificate Services ESC4 Exploitation, and a new sudoedit extra arguments privilege escalation module

Read Full Post

2 min Metasploit

Metasploit Weekly Wrap-Up: 5/19/23

Fetch Based Payloads: Making the Path from Command Injection to Metasploit Session Shorter This week we’re releasing Metasploit fetch payloads. Fetch payloads are command-based payloads that leverage network-enabled applications on remote hosts and different protocol servers to serve, download, and execute binary payloads. Over the last year, two thirds of the exploit modules landed to Metasploit Framework were command injection exploits. These exploits will be much easier to write with our new

Read Full Post

4 min Metasploit

Metasploit Wrap-Up: May 12, 2023

New modules for Zyxel Router RCE, Pentaho Business Server Auth Bypass, ManageEngine ADAudit authenticated file write RCE, and HTTPTrace functionality added to scanner modules

Read Full Post

3 min Metasploit

Metasploit Weekly Wrap-Up: May 5, 2023

Throw another log [file] on the fire Our own Stephen Fewer authored a module targeting CVE-2023-26360 [https://attackerkb.com/topics/F36ClHTTIQ/cve-2023-26360?referrer=blog] affecting ColdFusion 2021 Update 5 and earlier as well as ColdFusion 2018 Update 15 and earlier. The vulnerability allows multiple paths to code execution, but our module works by leveraging a request that will result in the server evaluating the ColdFusion Markup language on an arbitrary file on the remote system. This all

Read Full Post

2 min Metasploit

Metasploit Weekly Wrap-Up: 4/28/23

Scanner That Pulls Sensitive Information From Joomla Installations This week's Metasploit release includes a module for CVE-2023-23752 by h00die [https://github.com/h00die]. Did you know about the improper API access vulnerability in Joomla installations, specifically Joomla versions between 4.0.0 and 4.2.7, inclusive? This vulnerability allows unauthenticated users access to web service endpoints which contain sensitive information such as user and config information. This module can be used to

Read Full Post

3 min Metasploit

Metasploit Weekly Wrap-Up: 4/21/23

VMware Workspace ONE Access exploit chain A new module contributed by jheysel-r7 [https://github.com/jheysel-r7] exploits two vulnerabilities in VMware Workspace ONE Access to attain Remote Code Execution as the horizon user. First being CVE-2022-22956 [https://github.com/advisories/GHSA-54hw-pp59-j3rc], which is an authentication bypass and the second being a JDBC injection in the form of CVE-2022-22957 [https://github.com/advisories/GHSA-cqx6-4jgp-26m2] ultimately granting us RCE. The module

Read Full Post

4 min Metasploit Weekly Wrapup

Metasploit Weekly Wrap-Up: 4/14/23

Rocket Software UniRPC Exploits Ron Bowes [https://github.com/rbowes-r7] submitted two exploit modules [https://github.com/rapid7/metasploit-framework/pull/17832] for vulnerabilities he discovered [https://www.rapid7.com/blog/post/2023/03/29/multiple-vulnerabilities-in-rocket-software-unirpc-server-fixed/] in the UniRPC server for Rocket Software’s UniData product. The first exploit module, exploit/linux/misc/unidata_udadmin_auth_bypass exploits an authentication bypass to ultimately gain remot

Read Full Post

2 min Metasploit

Metasploit Weekly Wrap-Up: 4/7/23

The tide rolls in and out. The flood of new modules last week crested leaving ample time for documentation updates this week. The team and the community seem to have focused on getting those sweet sprinkles of information that help everyone understand Metasploit out to the world. Enhancements and features (1) * #17458 [https://github.com/rapid7/metasploit-framework/pull/17458] from steve-embling [https://github.com/steve-embling] - Updates the exploit/multi/misc/weblogic_deserialize_ba

Read Full Post

7 min Metasploit

Metasploit Weekly Wrap-Up: Mar. 31, 2023

5 new modules including Windows 11 WinSock Priv Esc, SolarWinds Information Service (SWIS) RCE and AMQP Support

Read Full Post

3 min Metasploit

Metasploit Weekly Wrap-Up: 3/24/23

Zxyel Routers Beware This week we've released a module written by first time community contributor shr70 [https://github.com/shr70] that can exploit roughly 45 different Zyxel router and VPN models. The module exploits a buffer overflow vulnerability that results in unauthenticated remote code execution on affected devices. It's rare we see a module affect this many devices once and are excited to see this ship in the framework. We hope pentesters and red-teamers alike can make good use of this

Read Full Post

3 min Metasploit

Metasploit Weekly Wrap-Up: 3/17/23

FortiNAC EITW Content Added Whilst we did have a few cool new modules added this week, one particularly interesting one was a Fortinet FortiNAC vulnerability, CVE-2022-39952 [https://attackerkb.com/topics/9BvxYuiHYJ/cve-2022-39952?referrer=blog], that was added in by team member Jack Heysel. This module exploits an unauthenticated RCE in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4,

Read Full Post

4 min Metasploit

Metasploit Weekly Wrap-Up: Mar. 10, 2023

Wowza, a new credential gatherer and login scanner! This week Metasploit Framework gained a credential gatherer for Wowza Streaming Engine Manager. Credentials for this application are stored in a file named admin.password in a known location and the file is readable by default by BUILTIN\Users on Windows and is world readable on Linux.. The module was written by community contributor bcoles [https://github.com/bcoles] who also wrote a login scanner for Wowza this week. The login scanner can b

Read Full Post

• ...
• 4
• 5
• 6
• 7
• 8
• ...