New module content (3)
ReDoc API Docs UI Exposed
Author: Hamza Sahin
Type: Auxiliary
Pull request: #20594 contributed by HamzaSahin61
Path: scanner/http/redoc_exposed
Description: Adds a module to detect publicly exposed ReDoc API documentation pages using read-only HTTP GET requests searching for common HTML markers.
NCR Command Center Agent Remote Code Execution
Authors: daffainfo (Muhammad Daffa) and jjcho (Jericho Nathanael Chrisnanta)
Type: Exploit
Pull request: #20650 contributed by daffainfo
Path: windows/misc/ncr_cmcagent_rce
AttackerKB reference: CVE-2021-3122
Description: This adds a new unauthenticated remote code execution module for the NCR Command Center Agent. The module sends malicious XML containing the runCommand parameter, triggering the unauthenticated execution of a PowerShell payload.
Windows Persistent Startup Folder
Author: h00die
Type: Exploit
Pull request: #20662 contributed by h00die
Path: windows/persistence/startup_folder
Description: This adds a new persistence module for Windows that uses the startup folder. The module drops the payload into the startup programs folder, either for a specific user or for the system, in which case it affects all users.
Enhancements and features (3)
- #20631 from h00die - Moves the Windows registry module into the persistence category and expands its capabilities by using the persistence mixin.
- #20648 from bcoles - This adds an additional set of credentials to be used by the exploit/apple_ios/ssh/cydia_default_ssh module.
- #20661 from mmacfadden - Adds support for aarch64 payloads to the exploit/multi/http/gitea_git_fetch_rce module.
Documentation
You can find the latest Metasploit documentation on our docsite at docs.metasploit.com.
Get it
As always, you can update to the latest Metasploit Framework with msfupdate and you can get more details on the changes since the last blog post from GitHub:
If you are a git user, you can clone the Metasploit Framework repo (master branch) for the latest. To install fresh without using git, you can use the open-source-only Nightly Installers or the commercial edition, Metasploit Pro.