automatic module_metadata_base.json update

hwpplayers · May 21, 2024 · 422acd3 · 422acd3
1 parent 6e9e4a5
commit 422acd3
Showing 1 changed file with 63 additions and 0 deletions.
diff --git a/db/modules_metadata_base.json b/db/modules_metadata_base.json
@@ -165454,6 +165454,69 @@
     "session_types": false,
     "needs_cleanup": null
   },
+  "exploit_windows/http/northstar_c2_xss_to_agent_rce": {
+    "name": "NorthStar C2 XSS to Agent RCE",
+    "fullname": "exploit/windows/http/northstar_c2_xss_to_agent_rce",
+    "aliases": [
+
+    ],
+    "rank": 600,
+    "disclosure_date": "2024-03-12",
+    "type": "exploit",
+    "author": [
+      "h00die",
+      "chebuya"
+    ],
+    "description": "NorthStar C2, prior to commit 7674a44 on March 11 2024, contains a vulnerability where the logs page is\n          vulnerable to a stored xss.\n          An unauthenticated user can simulate an agent registration to cause the XSS and take over a users session.\n          With this access, it is then possible to run a new payload on all of the NorthStar C2 compromised hosts\n          (agents), and kill the original agent.\n\n          Successfully tested against NorthStar C2 commit e7fdce148b6a81516e8aa5e5e037acd082611f73 running on\n          Ubuntu 22.04. The agent was running on Windows 10 19045.",
+    "references": [
+      "URL-https://blog.chebuya.com/posts/discovering-cve-2024-28741-remote-code-execution-on-northstar-c2-agents-via-pre-auth-stored-xss/",
+      "URL-https://github.com/chebuya/CVE-2024-28741-northstar-agent-rce-poc",
+      "URL-https://github.com/EnginDemirbilek/NorthStarC2/commit/7674a4457fca83058a157c03aa7bccd02f4a213c",
+      "CVE-2024-28741"
+    ],
+    "platform": "Windows",
+    "arch": "cmd",
+    "rport": 80,
+    "autofilter_ports": [
+      80,
+      8080,
+      443,
+      8000,
+      8888,
+      8880,
+      8008,
+      3000,
+      8443
+    ],
+    "autofilter_services": [
+      "http",
+      "https"
+    ],
+    "targets": [
+      "Automatic Target"
+    ],
+    "mod_time": "2024-04-24 16:54:58 +0000",
+    "path": "/modules/exploits/windows/http/northstar_c2_xss_to_agent_rce.rb",
+    "is_install_path": true,
+    "ref_name": "windows/http/northstar_c2_xss_to_agent_rce",
+    "check": true,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "Reliability": [
+        "event-dependent"
+      ],
+      "SideEffects": [
+        "ioc-in-logs",
+        "artifacts-on-disk"
+      ]
+    },
+    "session_types": false,
+    "needs_cleanup": null
+  },
   "exploit_windows/http/novell_imanager_upload": {
     "name": "Novell iManager getMultiPartParameters Arbitrary File Upload",
     "fullname": "exploit/windows/http/novell_imanager_upload",