Fix rubocop
Move identify to hashes module up one layer, use full reference to identify_hash instead of full include
Fix SMTP require
Remove hashes require statement
Remove hashes require statement
Remove hashes require statement
Remove hashes require statement
Address remaining requested changes, reference constants directly
Add all the missing direct references
Co-Authored-By: Jeffrey Martin <jeffrey_martin@rapid7.com>
Modularize Identity.rb
Include new module style Identify
Update juniper.rb
Fix inadvertent change
Add new module to identify spec
Put the require back
Put back require line for juniper
This module exploits a chain of the vulnerabilities CVE-2021-27876,
CVE-2021-27877 and CVE-2021-27878 in Veritas Backup Exec Agent which
leads to remote code execution with privileges of system or root user
Tested successfully on docker image tags:
* Jenkins 1.565 (pushed 2015-11-14)
* Jenkins 2.60.3 (pushed 2018-07-17)
Tested unsuccessfully on docker image tags:
* Jenkins 2.346.3 (pushed 2022-08-10)
Issue is that login is broken because the URI changed from
j_acegi_security_check to j_spring_security_check.
This change fixes a bug in the confluence_widget_connector
exploit module to prevent it from crashing when the HTTP
response body received in the get_java_property method is
empty or does not match expected regex.
- Fixed exception handling variable attribution
- Tried to change JavaDeserialization Util to JavaDeserialization mixin
instead
- Changed the fail reason when the connection is unsuccessful
Modern Java disabled the sun.misc.BASE64Decoder class so exploit will fail on any newer version of Jenkins.
The java.util.Base64 class should be used now; the change has been confirmed to work with the latest version of Jenkins (the current exploit silently fails).
space-r7