Showing 1 - 2 of 2

CVE-2024-28741

Status Candidate

Overview

Cross Site Scripting vulnerability in EginDemirbilek NorthStar C2 v1 allows a remote attacker to execute arbitrary code via the login.php component.

NorthStar C2 Cross Site Scripting / Code Execution: Posted May 22, 2024; Authored by h00die, chebuya | Site metasploit.com; NorthStar C2, prior to commit 7674a44 on March 11 2024, contains a vulnerability where the logs page is vulnerable to a stored cross site scripting issue. An unauthenticated user can simulate an agent registration to cause the cross site scripting attack and take over a users session. With this access, it is then possible to run a new payload on all of the NorthStar C2 compromised hosts (agents), and kill the original agent. Successfully tested against NorthStar C2 commit e7fdce148b6a81516e8aa5e5e037acd082611f73 running on Ubuntu 22.04. The agent was running on Windows 10 19045.; tags | exploit, xss; systems | linux, windows, ubuntu; advisories | CVE-2024-28741; SHA-256 | e5fdc1eb511aee9e0ced55911325ab4ed7c9efe59d20347fc192d3a17a7fa844; Download | Favorite | View

NorthStar C2 Agent 1.0 Cross Site Scripting / Remote Command Execution: Posted Mar 12, 2024; Authored by chebuya; NorthStar C2 agent version 1.0 applies insufficient sanitization on agent registration routes, allowing an unauthenticated attacker to send multiple malicious agent registration requests to the teamserver to incrementally build a functioning javascript payload in the logs web page. This cross site scripting payload can be leveraged to execute commands on NorthStar C2 agents.; tags | exploit, web, javascript, xss; advisories | CVE-2024-28741; SHA-256 | e3d03b1bb5d42cd9ee527169a57dc6bfa52c6c6b50d4e1a990a6c9443e01b3b1; Download | Favorite | View

Page 1 of 1 Back 1 Next