automatic module_metadata_base.json update
This commit is contained in:
parent
7f3c0c9314
commit
374396e7fe
|
@ -129935,6 +129935,57 @@
|
|||
},
|
||||
"needs_cleanup": null
|
||||
},
|
||||
"exploit_windows/local/ricoh_driver_privesc": {
|
||||
"name": "Ricoh Driver Privilege Escalation",
|
||||
"fullname": "exploit/windows/local/ricoh_driver_privesc",
|
||||
"aliases": [
|
||||
|
||||
],
|
||||
"rank": 300,
|
||||
"disclosure_date": "2020-01-22",
|
||||
"type": "exploit",
|
||||
"author": [
|
||||
"Alexander Pudwill",
|
||||
"Pentagrid AG",
|
||||
"Shelby Pace"
|
||||
],
|
||||
"description": "Various Ricoh printer drivers allow escalation of\n privileges on Windows systems.\n\n For vulnerable drivers, a low-privileged user can\n read/write files within the `RICOH_DRV` directory\n and its subdirectories.\n\n `PrintIsolationHost.exe`, a Windows process running\n as NT AUTHORITY\\SYSTEM, loads driver-specific DLLs\n during the installation of a printer. A user can\n elevate to SYSTEM by writing a malicious DLL to\n the vulnerable driver directory and adding a new\n printer with a vulnerable driver.\n\n This module leverages the `prnmngr.vbs` script\n to add and delete printers. Multiple runs of this\n module may be required given successful exploitation\n is time-sensitive.",
|
||||
"references": [
|
||||
"CVE-2019-19363",
|
||||
"URL-https://www.pentagrid.ch/en/blog/local-privilege-escalation-in-ricoh-printer-drivers-for-windows-cve-2019-19363/"
|
||||
],
|
||||
"platform": "Windows",
|
||||
"arch": "x86, x64",
|
||||
"rport": null,
|
||||
"autofilter_ports": [
|
||||
|
||||
],
|
||||
"autofilter_services": [
|
||||
|
||||
],
|
||||
"targets": [
|
||||
"Windows"
|
||||
],
|
||||
"mod_time": "2020-02-06 14:11:42 +0000",
|
||||
"path": "/modules/exploits/windows/local/ricoh_driver_privesc.rb",
|
||||
"is_install_path": true,
|
||||
"ref_name": "windows/local/ricoh_driver_privesc",
|
||||
"check": true,
|
||||
"post_auth": false,
|
||||
"default_credential": false,
|
||||
"notes": {
|
||||
"SideEffects": [
|
||||
"artifacts-on-disk"
|
||||
],
|
||||
"Reliability": [
|
||||
"unreliable-session"
|
||||
],
|
||||
"Stability": [
|
||||
"service-resource-loss"
|
||||
]
|
||||
},
|
||||
"needs_cleanup": true
|
||||
},
|
||||
"exploit_windows/local/run_as": {
|
||||
"name": "Windows Run Command As User",
|
||||
"fullname": "exploit/windows/local/run_as",
|
||||
|
|
Loading…
Reference in New Issue