Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix loadmaster privesc check method and refs #19810

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Fix loadmaster privesc check method and refs #19810

wants to merge 2 commits into from

Conversation

h00die
Copy link
Contributor

@h00die h00die commented Jan 16, 2025

linux/local/progress_kemp_loadmaster_sudo_privesc_2024 has 2 issues when running on a non-loadmaster device:

  1. CVE in URL isn't listed as CVE in references
  2. check method crashes if the files don't exist.
  3. While in there, also moved the prints into the returned check code

Pre

[msf](Jobs:2 Agents:1) exploit(linux/local/progress_kemp_loadmaster_sudo_privesc_2024) > recheck
[*] Reloading module...
[-] Failed to open file: /usr/wui/index.js: core_channel_open: Operation failed: 1
[-] Exploit failed: NoMethodError undefined method `include?' for nil:NilClass
[-] Check failed: The state could not be determined.

Post

[msf](Jobs:2 Agents:1) exploit(linux/local/progress_kemp_loadmaster_sudo_privesc_2024) > recheck
[*] Reloading module...
[*] The target is not exploitable. Found 0 indicators this is a KEMP product

@h00die h00die added the bug label Jan 16, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jvoisin jvoisin jvoisin approved these changes

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
bug
Projects
Metasploit Kanban
Status: Todo
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@h00die @jvoisin