dnrops
/
metasploit-framework
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

automatic module_metadata_base.json update

This commit is contained in:
Metasploit 2018-06-29 10:22:27 -07:00
parent fc3199259b
commit 1b386c99c2
No known key found for this signature in database
GPG Key ID: CDFB5FA52007B954
1 changed files with 34 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
db/modules_metadata_base.json
View File

@ -32451,6 +32451,39 @@
"is_install_path": true,
"ref_name": "linux/http/nagios_xi_chained_rce"
},
"exploit_linux/http/nagios_xi_chained_rce_2_electric_boogaloo": {
"name": "Nagios XI Chained Remote Code Execution",
"full_name": "exploit/linux/http/nagios_xi_chained_rce_2_electric_boogaloo",
"rank": 0,
"disclosure_date": "2018-04-17",
"type": "exploit",
"author": [
"Cale Smith",
"Benny Husted",
"Jared Arave"
],
"description": "This module exploits a few different vulnerabilities in Nagios XI 5.2.6-5.4.12 to gain remote root access.\n The steps are:\n 1. Issue a POST request to /nagiosql/admin/settings.php which sets the database user to root.\n 2. SQLi on /nagiosql/admin/helpedit.php allows us to enumerate API keys.\n 3. The API keys are then used to add an administrative user.\n 4. An authenticated session is established with the newly added user\n 5. Command Injection on /nagiosxi/backend/index.php allows us to execute the payload with nopasswd sudo,\n giving us a root shell.\n 6. Remove the added admin user and reset the database user.",
"references": [
"EDB-44560",
"CVE-2018-8733",
"CVE-2018-8734",
"CVE-2018-8735",
"CVE-2018-8736",
"URL-http://blog.redactedsec.net/exploits/2018/04/26/nagios.html"
],
"is_server": false,
"is_client": false,
"platform": "Linux",
"arch": "x86",
"rport": "80",
"targets": [
"Nagios XI 5.2.6 <= 5.4.12"
],
"mod_time": "2018-06-29 11:08:31 +0000",
"path": "/modules/exploits/linux/http/nagios_xi_chained_rce_2_electric_boogaloo.rb",
"is_install_path": true,
"ref_name": "linux/http/nagios_xi_chained_rce_2_electric_boogaloo"
},
"exploit_linux/http/netgear_dgn1000_setup_unauth_exec": {
"name": "Netgear DGN1000 Setup.cgi Unauthenticated RCE",
"full_name": "exploit/linux/http/netgear_dgn1000_setup_unauth_exec",
@ -66769,7 +66802,7 @@
"name": "FTPShell client 6.70 (Enterprise edition) Stack Buffer Overflow",
"full_name": "exploit/windows/ftp/ftpshell_cli_bof",
"rank": 300,
"disclosure_date": "2017-03-04",
"disclosure_date": "2017-03-04 00:00:00 +0000",
"type": "exploit",
"author": [
"r4wd3r",