adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

automatic module_metadata_base.json update

Browse Source
This commit is contained in:
Metasploit
2022-12-13 12:16:12 -06:00
parent d6a5590c06
commit a653dbd51a
1 changed files with 56 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
db/modules_metadata_base.json
+56
View File
@@ -101684,6 +101684,62 @@
"session_types": false,
"needs_cleanup": null
},
"exploit_osx/local/acronis_trueimage_xpc_privesc": {
"name": "Acronis TrueImage XPC Privilege Escalation",
"fullname": "exploit/osx/local/acronis_trueimage_xpc_privesc",
"aliases": [
],
"rank": 600,
"disclosure_date": "2020-11-11",
"type": "exploit",
"author": [
"Csaba Fitzl",
"Shelby Pace"
],
"description": "Acronis TrueImage versions 2019 update 1 through 2021 update 1\n are vulnerable to privilege escalation. The `com.acronis.trueimagehelper`\n helper tool does not perform any validation on connecting clients,\n which gives arbitrary clients the ability to execute functions provided\n by the helper tool with `root` privileges.",
"references": [
"CVE-2020-25736",
"URL-https://kb.acronis.com/content/68061",
"URL-https://attackerkb.com/topics/a1Yrvagxt5/cve-2020-25736"
],
"platform": "OSX",
"arch": "x64",
"rport": null,
"autofilter_ports": [
],
"autofilter_services": [
],
"targets": [
"Auto"
],
"mod_time": "2022-12-13 09:49:59 +0000",
"path": "/modules/exploits/osx/local/acronis_trueimage_xpc_privesc.rb",
"is_install_path": true,
"ref_name": "osx/local/acronis_trueimage_xpc_privesc",
"check": true,
"post_auth": false,
"default_credential": false,
"notes": {
"Stability": [
"crash-safe"
],
"Reliability": [
"repeatable-session"
],
"SideEffects": [
"artifacts-on-disk",
"ioc-in-logs"
]
},
"session_types": [
"shell",
"meterpreter"
],
"needs_cleanup": true
},
"exploit_osx/local/cfprefsd_race_condition": {
"name": "macOS cfprefsd Arbitrary File Write Local Privilege Escalation",
"fullname": "exploit/osx/local/cfprefsd_race_condition",