module
PowerShellEmpire Arbitrary File Upload (Skywalker)
| Disclosed | Created |
|---|---|
| Oct 15, 2016 | May 30, 2018 |
Disclosed
Oct 15, 2016
Created
May 30, 2018
Description
A vulnerability existed in the new Empire (maintained by BC Security)
prior to commit e73e883 ( server prior to commit f030cf62 which would allow an arbitrary file
to be written to an attacker controlled location with the permissions
of the Empire server.
This exploit will write the payload to /tmp/ directory followed by a
cron.d file to execute the payload.
prior to commit e73e883 ( server prior to commit f030cf62 which would allow an arbitrary file
to be written to an attacker controlled location with the permissions
of the Empire server.
This exploit will write the payload to /tmp/ directory followed by a
cron.d file to execute the payload.
Authors
Spencer McIntyre
Erik Daguerre
ACE-Responder
Takahiro Yokoyama
Erik Daguerre
ACE-Responder
Takahiro Yokoyama
Platform
Linux,Python
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.