HomeMalware & ThreatsPrivilege Escalation Vulnerability in Kemp LoadMaster Local Sudo

Privilege Escalation Vulnerability in Kemp LoadMaster Local Sudo

Published on

spot_img

The module mentioned in the news article is a Metasploit exploit module that targets a vulnerability in the Progress Kemp LoadMaster device. The vulnerability allows for a local sudo privilege escalation, which can be exploited to execute arbitrary commands with elevated privileges.

The module takes advantage of a feature in the sudo command on the LoadMaster device, where certain binary files are allowed to automatically elevate when invoked through sudo. This elevation is based on the file name, and some of these files are not protected from being overwritten by the default ‘bal’ user. By overwriting a specific binary file, such as the /bin/loadkeys file, with a malicious executable, an attacker can gain elevated privileges on the system.

The module was created by Dave Yesland with Rhino Security Labs and bwatters-r7. It is designed to overwrite the target binary file with a payload that grants the attacker the necessary privileges to carry out malicious activities on the compromised system. The module is classified as having an Excellent Ranking in terms of its effectiveness and impact.

The exploit module includes a check function that looks for specific indicators on the target system to determine if it is a Kemp product vulnerable to this exploit. If the indicators are found, the module proceeds with the exploit, otherwise, it returns a safe status.

The module provides two main functions for executing the exploit: execute_dropper and execute_command. The execute_dropper function is used to write a payload to a temporary file, move it to the target binary file, and then execute the target binary with elevated privileges using sudo. On the other hand, the execute_command function is used to execute a specified command with elevated privileges by copying /bin/bash to the target binary file and then running the command through sudo.

During the exploit process, the module ensures that the target binary file is successfully overwritten with the payload and that the original contents are restored after the exploit is completed. This is done to cover any tracks and avoid detection by the target system’s security mechanisms.

In conclusion, the Metasploit exploit module for the Kemp LoadMaster local sudo privilege escalation vulnerability provides attackers with a powerful tool to escalate their privileges on compromised systems. It is essential for users of Kemp LoadMaster devices to apply security patches and updates to prevent such exploits from being successful and to maintain the security of their systems.

Source link

Latest articles

India and Estonia Form Cyber Security Partnership to Address Risks Posed by Chinese Hackers

India and Estonia, two countries with different strengths in the field of cybersecurity, are...

93% of vulnerabilities remain unanalyzed by NVD since February

The recent slowdown at the National Vulnerability Database has caused a backlog of 93%...

CyberArk Embraces Machine Identity with Venafi Deal

The recent trend in cyber attacks has shifted to targeting machine identities in addition...

ShrinkLocker: Turning BitLocker into ransomware – Source: securelist.com

In a recent incident response engagement, a clever technique involving the misuse of the...

More like this

India and Estonia Form Cyber Security Partnership to Address Risks Posed by Chinese Hackers

India and Estonia, two countries with different strengths in the field of cybersecurity, are...

93% of vulnerabilities remain unanalyzed by NVD since February

The recent slowdown at the National Vulnerability Database has caused a backlog of 93%...

CyberArk Embraces Machine Identity with Venafi Deal

The recent trend in cyber attacks has shifted to targeting machine identities in addition...
en_USEnglish