New module content (3)
update-motd.d Persistence
Author: Julien Voisin
Type: Exploit
Pull request: #19454 contributed by jvoisin
Path: linux/local/motd_persistence
Description: This adds a post module to keep persistence on a Linux target by writing a motd bash script triggered with root privileges every time a user logs into the system through SSH.
Wordpress LiteSpeed Cache plugin cookie theft
Authors: Rafie Muhammad and jheysel-r7
Type: Exploit
Pull request: #19457 contributed by jheysel-r7
Path: multi/http/wp_litespeed_cookie_theft
AttackerKB reference: CVE-2024-44000
Description: This adds an exploit module for a WordPress Plugin called LiteSpeed (CVE-2024-44000). On the vulnerable plugin, when the Debug Logs are enabled, it is possible to leak authentication cookies of logged in users, the msf module will use the stolen cookies to upload and execute a plugin able to spawn a meterpreter session.
Windows Kernel Time of Check Time of Use LPE in AuthzBasepCopyoutInternalSecurityAttributes
Authors: jheysel-r7 and tykawaii98
Type: Exploit
Pull request: #19345 contributed by jheysel-r7
Path: windows/local/cve_2024_30088_authz_basep
AttackerKB reference: CVE-2024-30038
Description: This adds a Windows LPE post module that exploits CVE-2024-30088. Once the ..
Support the originator by clicking the read the rest link below.
