automatic module_metadata_base.json update

rapid7 · Sep 8, 2023 · c7477ad · c7477ad
1 parent fdae495
commit c7477ad
Showing 1 changed file with 116 additions and 3 deletions.
diff --git a/db/modules_metadata_base.json b/db/modules_metadata_base.json
@@ -21651,6 +21651,119 @@
     "session_types": false,
     "needs_cleanup": false
   },
+  "auxiliary_gather/prometheus_api_gather": {
+    "name": "Prometheus API Information Gather",
+    "fullname": "auxiliary/gather/prometheus_api_gather",
+    "aliases": [
+
+    ],
+    "rank": 300,
+    "disclosure_date": "2016-07-01",
+    "type": "auxiliary",
+    "author": [
+      "h00die"
+    ],
+    "description": "This module utilizes Prometheus' API calls to gather information about\n          the server's configuration, and targets. Fields which may contain\n          credentials, or credential file names are then pulled out and printed.\n\n          Targets may have a wealth of information, this module will print the following\n          values when found:\n          __meta_gce_metadata_ssh_keys, __meta_gce_metadata_startup_script,\n          __meta_gce_metadata_kube_env, kubernetes_sd_configs,\n          _meta_kubernetes_pod_annotation_kubectl_kubernetes_io_last_applied_configuration,\n          __meta_ec2_tag_CreatedBy, __meta_ec2_tag_OwnedBy\n\n          Shodan search: \"http.favicon.hash:-1399433489\"",
+    "references": [
+      "URL-https://jfrog.com/blog/dont-let-prometheus-steal-your-fire/"
+    ],
+    "platform": "",
+    "arch": "",
+    "rport": 9090,
+    "autofilter_ports": [
+      80,
+      8080,
+      443,
+      8000,
+      8888,
+      8880,
+      8008,
+      3000,
+      8443
+    ],
+    "autofilter_services": [
+      "http",
+      "https"
+    ],
+    "targets": null,
+    "mod_time": "2023-08-15 18:04:59 +0000",
+    "path": "/modules/auxiliary/gather/prometheus_api_gather.rb",
+    "is_install_path": true,
+    "ref_name": "gather/prometheus_api_gather",
+    "check": false,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "Reliability": [
+
+      ],
+      "SideEffects": [
+        "ioc-in-logs"
+      ]
+    },
+    "session_types": false,
+    "needs_cleanup": false
+  },
+  "auxiliary_gather/prometheus_node_exporter_gather": {
+    "name": "Prometheus Node Exporter And Windows Exporter Information Gather",
+    "fullname": "auxiliary/gather/prometheus_node_exporter_gather",
+    "aliases": [
+
+    ],
+    "rank": 300,
+    "disclosure_date": "2013-04-18",
+    "type": "auxiliary",
+    "author": [
+      "h00die"
+    ],
+    "description": "This modules connects to a Prometheus Node Exporter or Windows Exporter service\n          and gathers information about the host.\n\n          Tested against Docker image 1.6.1, Linux 1.6.1, and Windows 0.23.1",
+    "references": [
+      "URL-https://github.com/prometheus/node_exporter",
+      "URL-https://sysdig.com/blog/exposed-prometheus-exploit-kubernetes-kubeconeu/"
+    ],
+    "platform": "",
+    "arch": "",
+    "rport": 9100,
+    "autofilter_ports": [
+      80,
+      8080,
+      443,
+      8000,
+      8888,
+      8880,
+      8008,
+      3000,
+      8443
+    ],
+    "autofilter_services": [
+      "http",
+      "https"
+    ],
+    "targets": null,
+    "mod_time": "2023-08-15 15:55:23 +0000",
+    "path": "/modules/auxiliary/gather/prometheus_node_exporter_gather.rb",
+    "is_install_path": true,
+    "ref_name": "gather/prometheus_node_exporter_gather",
+    "check": false,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "Reliability": [
+
+      ],
+      "SideEffects": [
+        "ioc-in-logs"
+      ]
+    },
+    "session_types": false,
+    "needs_cleanup": false
+  },
   "auxiliary_gather/pulse_secure_file_disclosure": {
     "name": "Pulse Secure VPN Arbitrary File Disclosure",
     "fullname": "auxiliary/gather/pulse_secure_file_disclosure",
@@ -160461,7 +160574,7 @@
       "TheWack0lian",
       "OJ Reeves"
     ],
-    "description": "This module abuses the Capcom.sys kernel driver's function that allows for an\n            arbitrary function to be executed in the kernel from user land. This function\n            purposely disables SMEP prior to invoking a function given by the caller.\n            This has been tested on Windows 7, 8.1 and Windows 10 (x64).",
+    "description": "This module abuses the Capcom.sys kernel driver's function that allows for an\n            arbitrary function to be executed in the kernel from user land. This function\n            purposely disables SMEP prior to invoking a function given by the caller.\n            This has been tested on Windows 7, 8.1, 10 (x64) and Windows 11 (x64) upto build 22000.194.\n            Note that builds after 22000.194 contain deny lists that prevent this driver from loading.",
     "references": [
       "URL-https://twitter.com/TheWack0lian/status/779397840762245124"
     ],
@@ -160475,9 +160588,9 @@
 
     ],
     "targets": [
-      "Windows x64 (<= 10)"
+      "Windows x64"
     ],
-    "mod_time": "2023-05-25 12:45:30 +0000",
+    "mod_time": "2023-09-08 13:05:44 +0000",
     "path": "/modules/exploits/windows/local/capcom_sys_exec.rb",
     "is_install_path": true,
     "ref_name": "windows/local/capcom_sys_exec",