Skip to content

Commit 422acd3

Browse files
msjenkins-r7msjenkins-r7
committed
automatic module_metadata_base.json update
1 parent 6e9e4a5 commit 422acd3

File tree

1 file changed

+63
-0
lines changed

1 file changed

+63
-0
lines changed

db/modules_metadata_base.json

Lines changed: 63 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -165454,6 +165454,69 @@
165454165454
"session_types": false,
165455165455
"needs_cleanup": null
165456165456
},
165457+
"exploit_windows/http/northstar_c2_xss_to_agent_rce": {
165458+
"name": "NorthStar C2 XSS to Agent RCE",
165459+
"fullname": "exploit/windows/http/northstar_c2_xss_to_agent_rce",
165460+
"aliases": [
165461+
165462+
],
165463+
"rank": 600,
165464+
"disclosure_date": "2024-03-12",
165465+
"type": "exploit",
165466+
"author": [
165467+
"h00die",
165468+
"chebuya"
165469+
],
165470+
"description": "NorthStar C2, prior to commit 7674a44 on March 11 2024, contains a vulnerability where the logs page is\n vulnerable to a stored xss.\n An unauthenticated user can simulate an agent registration to cause the XSS and take over a users session.\n With this access, it is then possible to run a new payload on all of the NorthStar C2 compromised hosts\n (agents), and kill the original agent.\n\n Successfully tested against NorthStar C2 commit e7fdce148b6a81516e8aa5e5e037acd082611f73 running on\n Ubuntu 22.04. The agent was running on Windows 10 19045.",
165471+
"references": [
165472+
"URL-https://blog.chebuya.com/posts/discovering-cve-2024-28741-remote-code-execution-on-northstar-c2-agents-via-pre-auth-stored-xss/",
165473+
"URL-https://github.com/chebuya/CVE-2024-28741-northstar-agent-rce-poc",
165474+
"URL-https://github.com/EnginDemirbilek/NorthStarC2/commit/7674a4457fca83058a157c03aa7bccd02f4a213c",
165475+
"CVE-2024-28741"
165476+
],
165477+
"platform": "Windows",
165478+
"arch": "cmd",
165479+
"rport": 80,
165480+
"autofilter_ports": [
165481+
80,
165482+
8080,
165483+
443,
165484+
8000,
165485+
8888,
165486+
8880,
165487+
8008,
165488+
3000,
165489+
8443
165490+
],
165491+
"autofilter_services": [
165492+
"http",
165493+
"https"
165494+
],
165495+
"targets": [
165496+
"Automatic Target"
165497+
],
165498+
"mod_time": "2024-04-24 16:54:58 +0000",
165499+
"path": "/modules/exploits/windows/http/northstar_c2_xss_to_agent_rce.rb",
165500+
"is_install_path": true,
165501+
"ref_name": "windows/http/northstar_c2_xss_to_agent_rce",
165502+
"check": true,
165503+
"post_auth": false,
165504+
"default_credential": false,
165505+
"notes": {
165506+
"Stability": [
165507+
"crash-safe"
165508+
],
165509+
"Reliability": [
165510+
"event-dependent"
165511+
],
165512+
"SideEffects": [
165513+
"ioc-in-logs",
165514+
"artifacts-on-disk"
165515+
]
165516+
},
165517+
"session_types": false,
165518+
"needs_cleanup": null
165519+
},
165457165520
"exploit_windows/http/novell_imanager_upload": {
165458165521
"name": "Novell iManager getMultiPartParameters Arbitrary File Upload",
165459165522
"fullname": "exploit/windows/http/novell_imanager_upload",

0 commit comments

Comments
 (0)