automatic module_metadata_base.json update

2024-05-10 09:47:57 -05:00 · 2024-05-10 09:47:57 -05:00 · 102f8d5476
parent 80fdde5fdc
commit 102f8d5476
1 changed files with 59 additions and 0 deletions
--- a/db/modules_metadata_base.json
+++ b/db/modules_metadata_base.json
@ -87024,6 +87024,65 @@

    ]
  },
+  "exploit_linux/local/progress_kemp_loadmaster_sudo_privesc_2024": {
+    "name": "Kemp LoadMaster Local sudo privilege escalation",
+    "fullname": "exploit/linux/local/progress_kemp_loadmaster_sudo_privesc_2024",
+    "aliases": [
+
+    ],
+    "rank": 600,
+    "disclosure_date": "2024-03-19",
+    "type": "exploit",
+    "author": [
+      "Dave Yesland with Rhino Security Labs",
+      "bwatters-r7"
+    ],
+    "description": "This module abuses a feature of the sudo command on Progress Kemp\n          LoadMaster.  Certain binary files are allowed to automatically elevate\n          with the sudo command.  This is based off of the file name.  Some files\n          have this permission are not write-protected from the default 'bal' user.\n          As such, if the file is overwritten with an arbitrary file, it will still\n          auto-elevate.  This module overwrites the /bin/loadkeys file with another\n          executable.",
+    "references": [
+      "URL-https://rhinosecuritylabs.com/research/cve-2024-1212unauthenticated-command-injection-in-progress-kemp-loadmaster/",
+      "URL-https://kemptechnologies.com/kemp-load-balancers"
+    ],
+    "platform": "Linux,Unix",
+    "arch": "",
+    "rport": null,
+    "autofilter_ports": [
+
+    ],
+    "autofilter_services": [
+
+    ],
+    "targets": [
+      "Dropper",
+      "Command"
+    ],
+    "mod_time": "2024-05-10 08:54:23 +0000",
+    "path": "/modules/exploits/linux/local/progress_kemp_loadmaster_sudo_privesc_2024.rb",
+    "is_install_path": true,
+    "ref_name": "linux/local/progress_kemp_loadmaster_sudo_privesc_2024",
+    "check": true,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "SideEffects": [
+        "ioc-in-logs",
+        "artifacts-on-disk"
+      ],
+      "Reliability": [
+        "repeatable-session"
+      ]
+    },
+    "session_types": [
+      "shell",
+      "meterpreter"
+    ],
+    "needs_cleanup": true,
+    "actions": [
+
+    ]
+  },
  "exploit_linux/local/ptrace_sudo_token_priv_esc": {
    "name": "ptrace Sudo Token Privilege Escalation",
    "fullname": "exploit/linux/local/ptrace_sudo_token_priv_esc",