This Metasploit module exploits a Java deserialization vulnerability in Apache OFBiz’s unauthenticated XML-RPC endpoint /webtools/control/xmlrpc for versions prior to 17.12.04.
## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## # POC modified from https://blog.trailofbits.com/2019/07/19/understanding-docker-container-escapes/ class MetasploitModule < Msf::Exploit::Local Rank = NormalRanking prepend Msf::Exploit::Remote::AutoCheck include Msf::Post::File include Msf::Post::Linux::Priv include Msf::Post::Linux::System include Msf::Exploit::EXE include […]
This Metasploit module exploits an authenticated Python unsafe pickle.load of a Dict file. An authenticated attacker can create a photo library and add arbitrary files to it. After setting the Windows only Plex variable LocalAppDataPath […]
This module exploits an unauthenticated command execution vulnerability in Apache Spark with standalone cluster mode through REST API. It uses the function CreateSubmissionRequest to submit a malious java class and trigger it. [su_quote] ## # […]
This module exploits a vulnerability in SonicWall Global Management System Virtual Appliance versions 8.1 (Build 8110.1197) and below. This virtual appliance can be downloaded from http://www.sonicwall.com/products/sonicwall-gms/ and is used ‘in a holistic way to manage […]