automatic module_metadata_base.json update

rapid7 · Jan 17, 2024 · 40c8c63 · 40c8c63
1 parent a8d46b3
commit 40c8c63
Showing 1 changed file with 157 additions and 0 deletions.
diff --git a/db/modules_metadata_base.json b/db/modules_metadata_base.json
@@ -82555,6 +82555,64 @@
 
     ]
   },
+  "exploit_linux/local/ansible_node_deployer": {
+    "name": "Ansible Agent Payload Deployer",
+    "fullname": "exploit/linux/local/ansible_node_deployer",
+    "aliases": [
+
+    ],
+    "rank": 400,
+    "disclosure_date": "2017-06-12",
+    "type": "exploit",
+    "author": [
+      "h00die",
+      "n0tty"
+    ],
+    "description": "This exploit module creates an ansible module for deployment to nodes in the network.\n          It creates a new yaml playbook which copies our payload, chmods it, then runs it on all\n          targets which have been selected (default all).",
+    "references": [
+      "URL-https://github.com/n0tty/Random-Hacking-Scripts/blob/master/pwnsible.sh",
+      "URL-https://web.archive.org/web/20180220031610/http://n0tty.github.io/2017/06/11/Enterprise-Offense-IT-Operations-Part-1"
+    ],
+    "platform": "Linux",
+    "arch": "x86, x64",
+    "rport": null,
+    "autofilter_ports": [
+
+    ],
+    "autofilter_services": [
+
+    ],
+    "targets": [
+      "Auto"
+    ],
+    "mod_time": "2024-01-15 17:18:49 +0000",
+    "path": "/modules/exploits/linux/local/ansible_node_deployer.rb",
+    "is_install_path": true,
+    "ref_name": "linux/local/ansible_node_deployer",
+    "check": true,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "Reliability": [
+        "repeatable-session"
+      ],
+      "SideEffects": [
+        "config-changes",
+        "artifacts-on-disk"
+      ]
+    },
+    "session_types": [
+      "shell",
+      "meterpreter"
+    ],
+    "needs_cleanup": true,
+    "actions": [
+
+    ]
+  },
   "exploit_linux/local/apport_abrt_chroot_priv_esc": {
     "name": "Apport / ABRT chroot Privilege Escalation",
     "fullname": "exploit/linux/local/apport_abrt_chroot_priv_esc",
@@ -244901,6 +244959,105 @@
 
     ]
   },
+  "post_linux/gather/ansible": {
+    "name": "Ansible Config Gather",
+    "fullname": "post/linux/gather/ansible",
+    "aliases": [
+
+    ],
+    "rank": 300,
+    "disclosure_date": null,
+    "type": "post",
+    "author": [
+      "h00die"
+    ],
+    "description": "This module will grab ansible information including hosts, ping status, and the configuration file.",
+    "references": [
+
+    ],
+    "platform": "Linux,Unix",
+    "arch": "",
+    "rport": null,
+    "autofilter_ports": null,
+    "autofilter_services": null,
+    "targets": null,
+    "mod_time": "2024-01-10 17:29:15 +0000",
+    "path": "/modules/post/linux/gather/ansible.rb",
+    "is_install_path": true,
+    "ref_name": "linux/gather/ansible",
+    "check": false,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "Reliability": [
+
+      ],
+      "SideEffects": [
+
+      ]
+    },
+    "session_types": [
+      "shell",
+      "meterpreter"
+    ],
+    "needs_cleanup": null,
+    "actions": [
+
+    ]
+  },
+  "post_linux/gather/ansible_playbook_error_message_file_reader": {
+    "name": "Ansible Playbook Error Message File Reader",
+    "fullname": "post/linux/gather/ansible_playbook_error_message_file_reader",
+    "aliases": [
+
+    ],
+    "rank": 300,
+    "disclosure_date": null,
+    "type": "post",
+    "author": [
+      "h00die",
+      "rioasmara"
+    ],
+    "description": "This module will read the first line of a file based on an error message from ansible-playbook with sudo privileges.\n          ansible-playbook takes a yaml file as input, and if there is an error, such as a non-yaml file, it outputs the line\n          where the error occurs. This can be exploited to read the first line of the file, which we'll typically want to read\n          /etc/shadow to obtain root's hash.",
+    "references": [
+      "URL-https://rioasmara.com/2022/03/21/ansible-playbook-weaponization/"
+    ],
+    "platform": "Linux,Unix",
+    "arch": "",
+    "rport": null,
+    "autofilter_ports": null,
+    "autofilter_services": null,
+    "targets": null,
+    "mod_time": "2024-01-15 17:18:49 +0000",
+    "path": "/modules/post/linux/gather/ansible_playbook_error_message_file_reader.rb",
+    "is_install_path": true,
+    "ref_name": "linux/gather/ansible_playbook_error_message_file_reader",
+    "check": false,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "Reliability": [
+
+      ],
+      "SideEffects": [
+
+      ]
+    },
+    "session_types": [
+      "shell",
+      "meterpreter"
+    ],
+    "needs_cleanup": null,
+    "actions": [
+
+    ]
+  },
   "post_linux/gather/apache_nifi_credentials": {
     "name": "Apache NiFi Credentials Gather",
     "fullname": "post/linux/gather/apache_nifi_credentials",