Add missing ranks #8169
Merged
Add missing ranks #8169
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
../exec_shellcode.rb Rank = Great This exploit is missing autodetection and version checks, but should be ranked Great due to high number of possible targets ../cfme_manageiq_evm_upload_exec.rb Rank = Great This exploit implements a check to assess target availability, and the vulnerability does not require any user action ../dlink_dcs_930l_authenticated_remote_command_execution Rank = Excellent Exploit utilizes command injection ../efw_chpasswd_exec Rank = Excellent Exploit utilizes command injection ../foreman_openstack_satellite_code_exec Rank = Excellent Exploit utilizes code injection ../nginx_chunked_size Rank = Great Exploit has explicit targets with nginx version auto-detection ../tp_link_sc2020n_authenticated_telnet_injection Rank = Excellent See dlink_dcs_930l_authenticated_remote_command_execution, exploit uses OS Command Injection ../hp_smhstart Rank = Average Must be specific user to exploit, no autodetection, specific versions only
|
a lot of those are command execution modules and correct with the excellent ranking. I think exec_shellcode and cfme_manageiq_evm_upload_exec should be excellent as well since its just code exec I think hp_smhstart i think can be normal. |
../exec_shellcode.rb Rank Great -> Excellent ../cfme_manageiq_evm_upload_exec.rb Rank Great -> Excellent ../hp_smhstart.rb Rank Average -> Normal
|
Hi h00die! I've made the changes to the files - verification remains the same :) Please tell me if there's anything else preventing a merge! |
Release NotesExploit rankings have been added for 8 modules. |
|
@farkwun thanks for the submission, and all the explanations you added! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR hopes to resolve some of the missing exploit module rankings as per #7923
I've also included a few lines of justification for each ranking - tell me if I'm off the mark!
../exec_shellcode.rb
Rank = Great
This exploit is missing autodetection and version checks,
but should be ranked Great due to high number of possible targets
../cfme_manageiq_evm_upload_exec.rb
Rank = Great
This exploit implements a check to assess target availability,
and the vulnerability does not require any user action
../dlink_dcs_930l_authenticated_remote_command_execution
Rank = Excellent
Exploit utilizes command injection
../efw_chpasswd_exec
Rank = Excellent
Exploit utilizes command injection
../foreman_openstack_satellite_code_exec
Rank = Excellent
Exploit utilizes code injection
../nginx_chunked_size
Rank = Great
Exploit has explicit targets with nginx version auto-detection
../tp_link_sc2020n_authenticated_telnet_injection
Rank = Excellent
See dlink_dcs_930l_authenticated_remote_command_execution,
exploit uses OS Command Injection
../hp_smhstart
Rank = Average
Must be specific user to exploit, no autodetection,
specific versions only
Verification