Rancher Modules This week, Metasploit community member h00die added the second of two modules targeting Rancher instances. These modules each leak sensitive information from vulnerable instances of the application which is intended to manage Kubernetes clusters. These are a great addition to Metasploit’s coverage for testing Kubernetes environments. PAN-OS RCE Metasploit also released an exploit for the unauthenticated RCE in PAN-OS that has been receiving a lot of attention recently. This vulnerability is an unauthenticated file creation that can be leveraged to trigger the execution of remote commands. See Rapid7’s analysis on AttackerKB for an in depth explanation of the root cause. New module content (8) Rancher Authenticated API Credential Exposure Authors: Florian Struck, Marco Stuurman, and h00die Type: Auxiliary Pull request: #18956 contributed by h00die Path: gather/rancher_authenticated_api_cred_exposure AttackerKB reference: CVE-2021-36782 Description: This adds an exploit for CVE-2021-36782, a vulnerability which can be leveraged by an authenticated attacker to leak API credentials from an affected Rancher instance. Gitlab Version Scanner Author: Julien (jvoisin) Voisin Type: Auxiliary Pull request: #18723 contributed by jvoisin Path: scanner/http/gitlab_version Description: A web page exists that can be reached without authentication that contains a hash that can be used to determine the approximate version of gitlab running on the endpoint. This PR enhances…Read More