automatic module_metadata_base.json update

db/modules_metadata_base.json

@@ -67016,6 +67016,43 @@
     "notes": {
     }
   },
+  "exploit_multi/misc/bmc_patrol_cmd_exec": {
+    "name": "BMC Patrol Agent Privilege Escalation Cmd Execution",
+    "full_name": "exploit/multi/misc/bmc_patrol_cmd_exec",
+    "rank": 600,
+    "disclosure_date": "2019-01-17",
+    "type": "exploit",
+    "author": [
+      "b0yd"
+    ],
+    "description": "This module leverages the remote command execution feature provided by\n        the BMC Patrol Agent software. It can also be used to escalate privileges\n        on Windows hosts as the software runs as SYSTEM but only verfies that the password\n        of the provided user is correct. This also means if the software is running on a\n        domain controller, it can be used to escalate from a normal domain user to domain\n        admin as SYSTEM on a DC is DA. **WARNING** The windows version of this exploit uses\n        powershell to execute the payload. The powershell version tends to timeout on\n        the first run so it may take multiple tries.",
+    "references": [
+      "CVE-2018-20735",
+      "URL-https://www.securifera.com/blog/2018/12/17/bmc-patrol-agent-domain-user-to-domain-admin/"
+    ],
+    "platform": "Linux,Windows",
+    "arch": "",
+    "rport": 3181,
+    "autofilter_ports": [
+
+    ],
+    "autofilter_services": [
+
+    ],
+    "targets": [
+      "Windows Powershell Injected Shellcode",
+      "Generic Command Callback"
+    ],
+    "mod_time": "2019-03-09 12:22:04 +0000",
+    "path": "/modules/exploits/multi/misc/bmc_patrol_cmd_exec.rb",
+    "is_install_path": true,
+    "ref_name": "multi/misc/bmc_patrol_cmd_exec",
+    "check": false,
+    "post_auth": true,
+    "default_credential": true,
+    "notes": {
+    }
+  },
   "exploit_multi/misc/bmc_server_automation_rscd_nsh_rce": {
     "name": "BMC Server Automation RSCD Agent NSH Remote Command Execution",
     "full_name": "exploit/multi/misc/bmc_server_automation_rscd_nsh_rce",