diff --git a/db/modules_metadata_base.json b/db/modules_metadata_base.json index a29d9a6ee7b7..ef6895650c4f 100644 --- a/db/modules_metadata_base.json +++ b/db/modules_metadata_base.json @@ -127524,6 +127524,67 @@ "session_types": false, "needs_cleanup": null }, + "exploit_unix/webapp/byob_unauth_rce": { + "name": "BYOB Unauthenticated RCE via Arbitrary File Write and Command Injection (CVE-2024-45256, CVE-2024-45257)", + "fullname": "exploit/unix/webapp/byob_unauth_rce", + "aliases": [ + + ], + "rank": 600, + "disclosure_date": "2024-08-15", + "type": "exploit", + "author": [ + "chebuya", + "Valentin Lobstein" + ], + "description": "This module exploits two vulnerabilities in the BYOB (Build Your Own Botnet) web GUI:\n 1. CVE-2024-45256: Unauthenticated arbitrary file write that allows modification of the SQLite database, adding a new admin user.\n 2. CVE-2024-45257: Authenticated command injection in the payload generation page.\n\n These vulnerabilities remain unpatched.", + "references": [ + "CVE-2024-45256", + "CVE-2024-45257", + "URL-https://blog.chebuya.com/posts/unauthenticated-remote-command-execution-on-byob/" + ], + "platform": "Linux,Unix", + "arch": "ARCH_CMD", + "rport": 80, + "autofilter_ports": [ + 80, + 8080, + 443, + 8000, + 8888, + 8880, + 8008, + 3000, + 8443 + ], + "autofilter_services": [ + "http", + "https" + ], + "targets": [ + "Unix/Linux Command Shell" + ], + "mod_time": "2024-10-14 11:46:53 +0000", + "path": "/modules/exploits/unix/webapp/byob_unauth_rce.rb", + "is_install_path": true, + "ref_name": "unix/webapp/byob_unauth_rce", + "check": true, + "post_auth": false, + "default_credential": false, + "notes": { + "Stability": [ + "crash-safe" + ], + "SideEffects": [ + "ioc-in-logs" + ], + "Reliability": [ + "repeatable-session" + ] + }, + "session_types": false, + "needs_cleanup": null + }, "exploit_unix/webapp/cacti_graphimage_exec": { "name": "Cacti graph_view.php Remote Command Execution", "fullname": "exploit/unix/webapp/cacti_graphimage_exec",