Posts tagged Metasploit

2 min Metasploit

Metasploit Weekly Wrap-Up September 13, 2024

SPIP Modules This week brings more modules targeting the SPIP publishing platform. SPIP has gained some attention from Metasploit community contributors recently and has inspired some PHP payload and encoder improvements. New module content (2) SPIP BigUp Plugin Unauthenticated RCE Authors: Julien Voisin, Laluka, Valentin Lobstein, and Vozec Type: Exploit Pull request: #19444 [http://github.com/rapid7/metasploit-framework/pull/19444] contributed by Chocapikk [http://github.com/Chocapikk] Pat

2 min Metasploit

Metasploit Weekly Wrap-Up June 9, 2024

Honey, I Shrunk the PHP Payloads This release contains more PHP payload improvements from Julien Voisin. Last week we landed a PR from Julien that added a datastore option to the php/base64 encoder that, when enabled, will use zlib to compress the payload, which significantly reduced the size, bringing a payload of 4040 bytes down to a mere 1617 bytes. This week's release includes a php/minify encoder which removes all unnecessary characters from the payload including comments, empty lines, leadin

4 min Metasploit

Metasploit Weekly Wrap-Up 08/30/2024

A New Way to Encode PHP Payloads A new PHP encoder has been released by a community contributor, jvoisin [http://github.com/jvoisin], allowing a PHP payload to be encoded as an ASCII-Hex string. This can then be decoded on the receiver to prevent issues with unescaped or bad characters. Ray Vulnerabilities This release of Metasploit Framework also features 3 new modules to target ray.io, which is a framework for distributing AI-related workloads across multiple machines, which makes it a superfluous

1 min Metasploit

Metasploit Weekly Wrap-Up 08/23/2024

New module content (3) Fortra FileCatalyst Workflow SQL Injection (CVE-2024-5276) Authors: Michael Heinzl and Tenable Type: Auxiliary Pull request: #19373 [http://github.com/rapid7/metasploit-framework/pull/19373] contributed by h4x-x0r [http://github.com/h4x-x0r] Path: admin/http/fortra_filecatalyst_workflow_sqli AttackerKB reference: CVE-2024-5276 [http://attackerkb.com/search?q=CVE-2024-5276&referrer=blog] Description: This adds an auxiliary module to exploit the CVE-2024-5276, a SQL inj

2 min Metasploit

Metasploit Weekly Wrap-Up 08/16/2024

New module content (3) Apache HugeGraph Gremlin RCE Authors: 6right and jheysel-r7 Type: Exploit Pull request: #19348 [http://github.com/rapid7/metasploit-framework/pull/19348] contributed by jheysel-r7 [http://github.com/jheysel-r7] Path: linux/http/apache_hugegraph_gremlin_rce AttackerKB reference: CVE-2024-27348 [http://attackerkb.com/search?q=CVE-2024-27348&referrer=blog] Description: Adds an Apache HugeGraph Server exploit for GHSA-29rc-vq7f-x335 [http://github.com/advisories/GHSA-29r

1 min Metasploit

Metasploit Weekly Wrap-Up 08/09/2024

Black Hat & DEF CON Hopefully folks were able to catch our Rapid7 researchers @zeroSteiner [http://x.com/zeroSteiner] & Jack Heysel showcase Metasploit.4's features, focusing on combinations that allow for new, streamlined attack workflows at Black Hat. If not, they will also be demoing at DEF CON tomorrow in room W304! New module content (1) Calibre Python Code Injection (CVE-2024-6782) Authors: Amos Ng and Michael Heinzl Type: Exploit Pull request: #19357 [http://github.com/rapid7/meta

2 min Metasploit

Metasploit Weekly Wrap-Up 08/02/2024

Metasploit Goes to Hacker Summer Camp Next week, Metasploit will have demos at both Black Hat [http://www.blackhat.com/us-24/arsenal/schedule/index.html#metasploit-framework-39570] and DEF CON [http://defcon.org/html/defcon-32/dc-32-demolabs.html#54186] where the latest functionality from this year will be presented. The Black Hat demo will be on Thursday the 8th from 10:10 to 11:25 and the DEF CON demo will be on Saturday the 10th from 12:00 to 13:45. Highlights will include demonstrating

2 min Metasploit

Metasploit Weekly Wrap-Up 07/26/2024

New module content (3) Magento XXE Unserialize Arbitrary File Read Authors: Heyder and Sergey Temnikov Type: Auxiliary Pull request: #19304 [http://github.com/rapid7/metasploit-framework/pull/19304] contributed by heyder [http://github.com/heyder] Path: gather/magento_xxe_cve_2024_34102 AttackerKB reference: CVE-2024-34102 [http://attackerkb.com/search?q=CVE-2024-34102&referrer=blog] Description: This adds an auxiliary module for an XXE which results in an arbitrary file read in Magento which is

2 min Metasploit Weekly Wrap-Up

Metasploit Weekly Wrap-Up 7/19/2024

A new unauthenticated RCE exploit for GeoServer, plus library and Meterpreter updates and enhancements.

2 min Metasploit

Metasploit Weekly Wrap-Up 07/12/2024

The Usual Suspects This release features two new exploits targeting old friends: Confluence and Ivanti. CVE-2024-21683 [http://attackerkb.com/search?q=CVE-2024-21683&referrer=blog] is a very easy vulnerability to exploit, but as pointed out in the AttackerKB Review [http://attackerkb.com/assessments/5ad314a1-9fd7-47d7-835f-f29680b3961d?referrer=blog], it requires authentication as a ‘Confluence Administrator.’ On the other hand, CVE-2024-29824 is an unauthenticated SQL Injection in Ivanti End

2 min Metasploit

Metasploit Weekly Wrap-Up 07/05/2024

3 new modules - MOVEit Transfer authentication bypass CVE-2024-5806, Zyxel command injection, and Azure CLI credentials gatherer

2 min Metasploit

Metasploit Weekly Wrap-Up 06/28/2024

Unauthenticated Command Injection in Netis Router This week's Metasploit release includes an exploit module for an unauthenticated command injection vulnerability in the Netis MW5360 router which is being tracked as CVE-2024-22729. The vulnerability stems from improper handling of the password parameter within the router's web interface which allows for command injection. Fortunately for attackers, the router's login page authorization can be bypassed by simply deleting the authorization header,

3 min Metasploit

Metasploit Weekly Wrap-Up 2016/21/06

Argument Injection for PHP on Windows This week includes modules that target file traversal and arbitrary file read vulnerabilities for software such as Apache, SolarWinds and Check Point, with the highlight being a module for the recent PHP vulnerability submitted by sfewer-r7 [http://github.com/sfewer-r7]. This module exploits an argument injection vulnerability, resulting in remote code execution and a Meterpreter shell running in the context of the Administrator user. Note, this attack

3 min Metasploit

Metasploit Weekly Wrap-Up June 14, 2024

New module content (5) Telerik Report Server Auth Bypass Authors: SinSinology and Spencer McIntyre Type: Auxiliary Pull request: #19242 [http://github.com/rapid7/metasploit-framework/pull/19242] contributed by zeroSteiner [http://github.com/zeroSteiner] Path: scanner/http/telerik_report_server_auth_bypass AttackerKB reference: CVE-2024-4358 [http://attackerkb.com/search?q=CVE-2024-4358?referrer=blog] Description: This adds an exploit for CVE-2024-4358 which is an authentication bypass in Te

2 min Metasploit

Metasploit Weekly Wrap-Up 2016/07/06

New OSX payloads: Armed and Dangerous In addition to an RCE leveraging CVE-2024-5084 to gain RCE through a WordPress Hash form, this release features the addition of several new binary OSX stageless payloads with aarch64 support: Execute Command, Shell Bind TCP, and Reverse TCP. The new osx/aarch64/shell_bind_tcp payload opens a listening port on the target machine, which allows the attacker to connect to this open port to spawn a command shell using the user provided command using the exe