Post-Thanksgiving Big Release
This week's release is an impressive one. It adds 9 new modules, which will get you remote code execution on products such as Ivanti Connect Secure, VMware vCenter Server, Asterisk, Fortinet FortiManager and Acronis Cyber Protect. It also includes an account takeover on Wordpress, a local privilege escalation on Windows and a X11 keylogger module. Finally, this release improves the fingerprinting logic for the TeamCity login module and adds instructions about the installation of the Metasploit development environment on windows using Powershell in the official documentation. A big thank you to the community for this awesome release!
New module content (9)
Wordpress POST SMTP Account Takeover
Authors: Ulysses Saicha and h00die
Type: Auxiliary
Pull request: #19596 contributed by h00die
Path: admin/http/wp_post_smtp_acct_takeover
AttackerKB reference: CVE-2023-6875
Description: The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress, plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a type juggling issue on the connect-app REST endpoint in all versions up to, and including, 2.8.7. This adds an exploit module which allows an attacker to reset the password of any known user on the system.
X11 Keylogger
Authors: h00die and nir tzachar
Type: Auxiliary
Pull request: #18877 contributed by h00die
Path: gather/x11_keyboard_spy
AttackerKB reference:
metasploit
weekly