Metasploit
Metasploit Wrap-Up: Apr. 17, 2020
Nexus Repository Manager RCE
This week our very own Will Vu [https://github.com/wvu-r7] wrote a module for
CVE-2020-10199 which targets a remote code execution vulnerability within the
Nexus Repository Manager. The vulnerability allows Java Expression Language
(JavaEL) code to be executed. Although exploiting the flaw requires
authentication, any account is sufficient, so any registered user could
compromise the target server.
Unquoted Service Path LPE
Community contribu
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 1/3/20
A new OpenBSD local exploit
Community contributor bcoles [http://github.com/bcoles] brings us a new exploit
module for CVE-2019-19726, a vulnerability originally discovered by Qualys
[https://blog.qualys.com/laws-of-vulnerabilities/2019/12/11/openbsd-local-privilege-escalation-vulnerability-cve-2019-19726]
in OpenBSD. This vulnerability is pretty interesting in the sense that it
leverages a bug in the _dl_getenv function that can be triggered to load
libutil.so from an attacker-controlled loca
Python
Recent Python Meterpreter Improvements
The Python Meterpreter
[https://github.com/rapid7/metasploit-framework/wiki/Meterpreter] has received
quite a few improvements this year. In order to generate consistent results, we
now use the same technique to determine the Windows version in both the Windows
and Python instances of Meterpreter. Additionally, the native system language is
now populated in the output of the sysinfo command. This makes it easier to
identify and work with international systems.
The largest change to the Python M