automatic module_metadata_base.json update

GSoC/Meterpreter_Web_Console
Metasploit 2018-11-29 12:08:37 -08:00
parent dec08a0b43
commit 7fb0c04360
No known key found for this signature in database
GPG Key ID: CDFB5FA52007B954
1 changed files with 58 additions and 0 deletions

View File

@ -51510,6 +51510,64 @@
"notes": {
}
},
"exploit_linux/http/spark_unauth_rce": {
"name": "Apache Spark Unauthenticated Command Execution",
"full_name": "exploit/linux/http/spark_unauth_rce",
"rank": 600,
"disclosure_date": "2017-12-12",
"type": "exploit",
"author": [
"aRe00t",
"Green-m <greenm.xxoo@gmail.com>"
],
"description": "This module exploits an unauthenticated command execution vulnerability in Apache Spark with standalone cluster mode through REST API.\n It uses the function CreateSubmissionRequest to submit a malious java class and trigger it.",
"references": [
"URL-https://www.jianshu.com/p/a080cb323832",
"URL-https://github.com/vulhub/vulhub/tree/master/spark/unacc"
],
"is_server": false,
"is_client": true,
"platform": "Java",
"arch": "java",
"rport": 6066,
"autofilter_ports": [
80,
8080,
443,
8000,
8888,
8880,
8008,
3000,
8443
],
"autofilter_services": [
"http",
"https"
],
"targets": [
"Automatic"
],
"mod_time": "2018-11-29 10:05:47 +0000",
"path": "/modules/exploits/linux/http/spark_unauth_rce.rb",
"is_install_path": true,
"ref_name": "linux/http/spark_unauth_rce",
"check": true,
"post_auth": false,
"default_credential": false,
"notes": {
"SideEffects": [
"artifacts-on-disk",
"ioc-in-logs"
],
"Stability": [
"crash-safe"
],
"Reliability": [
"repeatable-session"
]
}
},
"exploit_linux/http/supervisor_xmlrpc_exec": {
"name": "Supervisor XML-RPC Authenticated Remote Code Execution",
"full_name": "exploit/linux/http/supervisor_xmlrpc_exec",