enable MeterpreterTryToFork by default for aerohive_netconfig_lfi_log_poison_rce #16735
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
💯 |
|
@ErikWynter thanks for circling back around to this and making improvements, we appreciate it. |
Release NotesThis change sets the MeterpreterTryToFork advanced payload option to true by default for the Linux target in the aerohive_netconfig_lfi_log_poison_rce module to prevent the application from hanging once exploited. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
About
This change sets the
MeterpreterTryToForkadvanced payload option to true by default for the Linux target in theaerohive_netconfig_lfi_log_poison_rcemodule. It also updates the documentation to reflect this.Justification
When this module was originally added in #15700, it was suggested during code review that enabling
MeterpreterTryToForkcould possibly prevent the target app from hanging whenever a shell was obtained. At the time, I was unable to test this. so this option was only mentioned as a suggestion in the documentation. However, since then I have successfully tested this module withMeterpreterTryToForkenabled against about a dozen different target apps. Setting this option consistently prevented the app from hanging, while no side effects were observed. I have not saved spool files from these sessions because the difference was not observable in the spool files, other than that the option was shown to be enabled.