Refactoring SPIP Modules for Windows Compatibility and Incorporating SPIP Mixin #19406
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jvoisin
reviewed
Aug 22, 2024
|
I've landed #19401 if you'd like to rebase this PR |
|
Hi everyone, I've run into some issues with the commit history in this PR, and I'm not sure how to resolve it cleanly. To avoid any confusion and to ensure the changes are properly submitted, I'm going to close this PR and open a new one with a clean history. Thanks for your understanding, and sorry for the inconvenience! |
<=v2.6.3 == <v2.8.1
…-5932 - Completely overhauled the method for exploiting the GiveWP plugin by removing dependency on the REST API, which may require authentication. - Instead, we now use the admin-ajax.php endpoint for retrieving form lists and nonce values, ensuring compatibility even when REST API authentication is required. - The exploit now works with all form types; however, the give_price_id and give_amount must be set to '0' and '0.00', respectively, as attempts to randomize these values caused the exploit to fail.
Co-authored-by: Julien Voisin <[email protected]>
Co-authored-by: Julien Voisin <[email protected]>
Based on some old notes that I never bothered to upstream into metasploit.
1. Add a couple of missing architectures 2. Use `read_file` instead of `cmd_exec + cat` 2. Use File.… instead of `cmd_exec` and `test`
…a_auth_bypass_rce.md
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hello Metasploit Team,
I am currently working on refactoring the SPIP modules to ensure they are compatible with Windows and also adapting them to the new module syntax. The goal is to enhance integration and improve cross-platform compatibility.
Modules:
exploit/multi/http/spip_rce_form(Moved fromexploit/unix/webapp)exploit/unix/webapp/spip_connect_exec(Moved fromexploit/unix/webapp)exploit/multi/http/spip_porte_plume_previsu_rce(Missing the mixin only)Additionally, I would greatly appreciate it if @jvoisin's pull request regarding the SPIP mixin could be merged, as it would allow us to refactor all SPIP modules to use the mixin consistently.
For now, I'm marking this PR as a draft because I'm still actively working on these changes.