Weaponizing Perl Serialization Flaws with MetaSploit

Comments off | script By · 05/03/2023



Weaponizing Perl Serialization Flaws with MetaSploit

Weaponizing Perl Serialization Flaws with MetaSploit

Talk at the Houston Perl Mongers that walks through the weaponization of CVE-2015-1592 in MovableType.

The metasploit modules and payload generating source code is available here:

https://github.com/lightsey/cve-2015-1592

Final version merged to metasploit is here:

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/sixapart_movabletype_storable_exec.rb

53GB.COM GPTSTORE CPU Yougpt Gptsio Gpt-store-Nav