CVE-2024-31916

IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive URI content to an unauthorized actor that bypasses authentication channels. IBM X-ForceID: 290026...

Security Bulletin: This Power System update is being released to address CVE-2024-31916

Summary This affects the BMC's HTTPS-based Redfish interface. Note the BMC's web-based ASMI interface uses the Redfish interface. Vulnerability Details CVEID:CVE-2024-31916 DESCRIPTION: IBM OpenBMC's BMCWeb HTTPS server component could disclose sensitive URI content to an unauthorized actor that...

FreeBSD : curl -- SOCKS5 heap buffer overflow (d6c19e8c-6806-11ee-9464-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the d6c19e8c-6806-11ee-9464-b42e991fc52e advisory. - CVE-2023-38545 is a heap-based buffer overflow vulnerability in the SOCKS5 proxy handshake in libcurl...

WMIExec - Set Of Python Scripts Which Perform Different Ways Of Command Execution Via WMI Protocol

Set of python scripts which perform different ways of command execution via WMI protocol. Blog Post https://whiteknightlabs.com/2023/06/26/navigating-stealthy-wmi-lateral-movement/ Usage wmiexecscheduledjob.py Is a python script which authenticates to a remote WMI instance and execute commands vi...

Path traversal

An executable used in Rockwell Automation ThinManager ThinServer can be configured to enable an API feature in the HTTPS Server Settings. This feature is disabled by default. When the API is enabled and handling requests, a path traversal vulnerability exists that allows a remote actor to leverag...

CVE-2023-2913 Rockwell Automation ThinManager ThinServer Path Traversal Vulnerability

An executable used in Rockwell Automation ThinManager ThinServer can be configured to enable an API feature in the HTTPS Server Settings. This feature is disabled by default. When the API is enabled and handling requests, a path traversal vulnerability exists that allows a remote actor to leverag...

HTTPS Fetch, Linux Command Shell, Bind TCP Random Port Inline

Fetch and execute an x86 payload from an HTTPS server. Listen for a connection in a random port and spawn a command shell. Use nmap to discover the open port: 'nmap -sS target -p-'. Module Options msf use payload/cmd/linux/https/x86/shellbindtcprandomport msf payloadshellbindtcprandomport show...

HTTPS Fetch, Linux Command Shell, Bind TCP Stager with UUID Support (Linux x86)

Fetch and execute an x86 payload from an HTTPS server. Spawn a command shell staged. Listen for a connection with UUID Support Linux x86 Module Options msf use payload/cmd/linux/https/x86/shell/bindtcpuuid msf payloadbindtcpuuid show actions ...actions... msf payloadbindtcpuuid set ACTION msf...

HTTPS Fetch, Linux Read File

Fetch and execute an x86 payload from an HTTPS server. Read up to 4096 bytes from the local file system and write it back out to the specified file descriptor Module Options msf use payload/cmd/linux/https/x86/readfile msf payloadreadfile show actions ...actions... msf payloadreadfile set ACTION...

HTTPS Fetch, Linux Command Shell, Find Tag Stager

Fetch and execute an x86 payload from an HTTPS server. Spawn a command shell staged. Use an established connection Module Options msf use payload/cmd/linux/https/x86/shell/findtag msf payloadfindtag show actions ...actions... msf payloadfindtag set ACTION msf payloadfindtag show options ...show a...

HTTPS Fetch, Linux Execute Command

Fetch and execute an x86 payload from an HTTPS server. Execute an arbitrary command or just a /bin/sh shell Module Options msf use payload/cmd/linux/https/x86/exec msf payloadexec show actions ...actions... msf payloadexec set ACTION msf payloadexec show options ...show and set options... msf...

HTTPS Fetch, Linux Meterpreter Service, Bind TCP

Fetch and execute an x86 payload from an HTTPS server. Stub payload for interacting with a Meterpreter Service Module Options msf use payload/cmd/linux/https/x86/metsvcbindtcp msf payloadmetsvcbindtcp show actions ...actions... msf payloadmetsvcbindtcp set ACTION msf payloadmetsvcbindtcp show...

HTTPS Fetch, Bind TCP Stager

Fetch and execute an x86 payload from an HTTPS server. Listen for a connection Module Options msf use payload/cmd/linux/https/x86/meterpreter/bindnonxtcp msf payloadbindnonxtcp show actions ...actions... msf payloadbindnonxtcp set ACTION msf payloadbindnonxtcp show options ...show and set...

HTTPS Fetch, Generic x86 Debug Trap

Fetch and execute an x86 payload from an HTTPS server. Generate a debug trap in the target process Module Options msf use payload/cmd/linux/https/x86/generic/debugtrap msf payloaddebugtrap show actions ...actions... msf payloaddebugtrap set ACTION msf payloaddebugtrap show options ...show and set...

HTTPS Fetch, Linux Command Shell, Reverse TCP Stager

Fetch and execute an x86 payload from an HTTPS server. Spawn a command shell staged. Connect back to the attacker Module Options msf use payload/cmd/linux/https/x86/shell/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show option...

HTTPS Fetch, Reverse TCP Stager (IPv6)

Fetch and execute an x86 payload from an HTTPS server. Connect back to attacker over IPv6 Module Options msf use payload/cmd/linux/https/x86/meterpreter/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf payloadreverseipv6tcp show options...

HTTPS Fetch, Bind TCP Stager (Linux x86)

Fetch and execute an x86 payload from an HTTPS server. Listen for a connection Linux x86 Module Options msf use payload/cmd/linux/https/x86/meterpreter/bindtcp msf payloadbindtcp show actions ...actions... msf payloadbindtcp set ACTION msf payloadbindtcp show options ...show and set options... ms...

HTTPS Fetch, Linux Command Shell, Bind TCP Inline

Fetch and execute an x86 payload from an HTTPS server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/https/x86/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options ...sh...

HTTPS Fetch, Linux Add User

Fetch and execute an x86 payload from an HTTPS server. Create a new user with UID 0 Module Options msf use payload/cmd/linux/https/x86/adduser msf payloadadduser show actions ...actions... msf payloadadduser set ACTION msf payloadadduser show options ...show and set options... msf payloadadduser...

HTTPS Fetch, Windows Meterpreter Shell, Bind Named Pipe Inline (x64)

Fetch and execute an x64 payload from an HTTPS server. Connect to victim and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/https/x64/meterpreterbindnamedpipe msf payloadmeterpreterbindnamedpipe show actions ...actions... msf...