Metasploit Demo Meeting 2020-07-14

The Rapid7 Metasploit development team discusses (and demonstrates!) ongoing Metasploit work and features during their bimonthly sprint meeting, including the following NEW modules:

* Netgear R6700v3 Unauthenticated LAN Admin Password Reset to RCE (CVE-2020-10923, ZDI-20-0703, CVE-2020-10924, ZDI-20-704)
* F5 BIG-IP TMUI Directory Traversal and File Upload to RCE (CVE-2020-5902)
* AnyDesk GUI Format String Write RCE (CVE-2020-13160)
* ATutor 2.2.4 - Directory Traversal Remote Code Execution (CVE-2019-12169)
* Bolt CMS 3.7.0 - Authenticated Remote Code Execution
* openSIS Unauthenticated PHP Code Execution (CVE-2020-13383)
* FortiMail Unauthenticated Login Bypass Scanner (CVE-2020-9294)
* Directory Traversal in Spring Cloud Config Server (CVE-2020-5410)

Also included in this recording are demonstrations of the NETGEAR, F5 BIG-IP, AnyDesk, and ATutor modules, plus our new msfconsole command: 'debug'. Check 'em out!

And there are some enhancements and bug fixes we cover, too!
