automatic module_metadata_base.json update

db/modules_metadata_base.json

@@ -36416,7 +36416,7 @@
 
     ],
     "targets": null,
-    "mod_time": "2018-12-12 15:36:32 +0000",
+    "mod_time": "2019-03-05 17:21:11 +0000",
     "path": "/modules/auxiliary/scanner/ssh/libssh_auth_bypass.rb",
     "is_install_path": true,
     "ref_name": "scanner/ssh/libssh_auth_bypass",
@@ -73608,7 +73608,7 @@
       "Drupal 8.x (Unix In-Memory)",
       "Drupal 8.x (Linux Dropper)"
     ],
-    "mod_time": "2019-02-25 12:19:03 +0000",
+    "mod_time": "2019-03-05 18:58:11 +0000",
     "path": "/modules/exploits/unix/webapp/drupal_drupalgeddon2.rb",
     "is_install_path": true,
     "ref_name": "unix/webapp/drupal_drupalgeddon2",
@@ -73667,6 +73667,71 @@
     "notes": {
     }
   },
+  "exploit_unix/webapp/drupal_restws_unserialize": {
+    "name": "Drupal RESTful Web Services unserialize() RCE",
+    "full_name": "exploit/unix/webapp/drupal_restws_unserialize",
+    "rank": 300,
+    "disclosure_date": "2019-02-20",
+    "type": "exploit",
+    "author": [
+      "Jasper Mattsson",
+      "Charles Fol",
+      "Rotem Reiss",
+      "wvu <wvu@metasploit.com>"
+    ],
+    "description": "This module exploits a PHP unserialize() vulnerability in Drupal RESTful\n        Web Services by sending a crafted request to the /node REST endpoint.\n\n        As per SA-CORE-2019-003, the initial remediation was to disable POST,\n        PATCH, and PUT, but Ambionics discovered that GET was also vulnerable\n        (albeit cached). Cached nodes can be exploited only once.\n\n        Drupal updated SA-CORE-2019-003 with PSA-2019-02-22 to notify users of\n        this alternate vector.\n\n        Drupal < 8.5.11 and < 8.6.10 are vulnerable.",
+    "references": [
+      "CVE-2019-6340",
+      "URL-https://www.drupal.org/sa-core-2019-003",
+      "URL-https://www.drupal.org/psa-2019-02-22",
+      "URL-https://www.ambionics.io/blog/drupal8-rce",
+      "URL-https://github.com/ambionics/phpggc",
+      "URL-https://twitter.com/jcran/status/1099206271901798400"
+    ],
+    "platform": "PHP,Unix",
+    "arch": "php, cmd",
+    "rport": 80,
+    "autofilter_ports": [
+      80,
+      8080,
+      443,
+      8000,
+      8888,
+      8880,
+      8008,
+      3000,
+      8443
+    ],
+    "autofilter_services": [
+      "http",
+      "https"
+    ],
+    "targets": [
+      "PHP In-Memory",
+      "Unix In-Memory"
+    ],
+    "mod_time": "2019-03-05 20:25:00 +0000",
+    "path": "/modules/exploits/unix/webapp/drupal_restws_unserialize.rb",
+    "is_install_path": true,
+    "ref_name": "unix/webapp/drupal_restws_unserialize",
+    "check": true,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "SideEffects": [
+        "ioc-in-logs"
+      ],
+      "Reliablity": [
+        "unreliable-session"
+      ],
+      "AKA": [
+        "SA-CORE-2019-003"
+      ]
+    }
+  },
   "exploit_unix/webapp/egallery_upload_exec": {
     "name": "EGallery PHP File Upload Vulnerability",
     "full_name": "exploit/unix/webapp/egallery_upload_exec",