Posts by Jacquie Harris

Metasploit Wrap-Up 03/08/2024

New module content (2) GitLab Tags RSS feed email disclosure Authors: erruquill and n00bhaxor Type: Auxiliary Pull request: #18821 [https://github.com/rapid7/metasploit-framework/pull/18821] contributed by n00bhaxor [https://github.com/n00bhaxor] Path: gather/gitlab_tags_rss_feed_email_disclosure AttackerKB reference: CVE-2023-5612 [https://attackerkb.com/search?q=CVE-2023-5612?referrer=blog] Description: This adds an auxiliary module that leverages an information disclosure vulnerability (CVE

2 min Metasploit

Metasploit Weekly Wrap-Up 1/05/2024

New module content (2) Splunk __raw Server Info Disclosure Authors: KOF2002, h00die, and n00bhaxor Type: Auxiliary Pull request: #18635 [https://github.com/rapid7/metasploit-framework/pull/18635] contributed by n00bhaxor [https://github.com/n00bhaxor] Path: gather/splunk_raw_server_info Description: This PR adds a module for an authenticated Splunk information disclosure vulnerability. This module gathers information about the host machine and the Splunk install including OS version, build, CP

2 min Metasploit

Metasploit Weekly Wrap-Up: Oct. 6, 2023

New module content (3) LDAP Login Scanner Author: Dean Welch Type: Auxiliary Pull request: #18197 [https://github.com/rapid7/metasploit-framework/pull/18197] contributed by dwelch-r7 [https://github.com/dwelch-r7] Path: scanner/ldap/ldap_login Description: This PR adds a new login scanner module for LDAP. Login scanners are the classes that provide functionality for testing authentication against various different protocols and mechanisms. This LDAP login scanner supports multiple types of aut

2 min Metasploit

Metasploit Wrap-Up: 2/17/23

Cisco RV Series Auth Bypass and Command Injection Thanks to community contributor neterum [https://github.com/neterum], Metasploit framework just gained an awesome new module which targets Cisco Small Business RV Series Routers. The module actually exploits two vulnerabilities, an authentication bypass CVE-2022-20705 [https://attackerkb.com/topics/1iBoR0w9Ak/cve-2022-20705?referrer=blog] and a command injection vulnerability CVE-2022-20707 [https://attackerkb.com/topics/J6696vwQVH/cve-2022-20707

Posts by Jacquie Harris

Metasploit Wrap-Up 03/08/2024

Metasploit Weekly Wrap-Up 1/05/2024

Metasploit Weekly Wrap-Up: Oct. 6, 2023

Metasploit Wrap-Up: 2/17/23

Popular Topics

Tags

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.