This Metasploit module exploits a command injection vulnerability on WiFi Pineapples versions 2.0 and below and pineapple versions prior to 2.4. We use a combination of default credentials with a weakness in the anti-csrf generation to achieve command injection on fresh pineapple devices prior to configuration. Additionally if default credentials fail, you can enable a brute force solver for the proof-of-ownership challenge. This will reset the password to a known password if successful and may interrupt the user experience. These devices may typically be identified by their SSID beacons of ‘Pineapple5_….’; details derived from the TospoVirus, a WiFi Pineapple infecting worm.

This Metasploit module exploits a login/csrf check bypass vulnerability on WiFi Pineapples versions 2.0 and below and pineapple versions prior to 2.4. These devices may typically be identified by their SSID beacons of ‘Pineapple5_….’; Provided as part of the TospoVirus workshop at DEFCON23.

This Metasploit module exploits a vulnerability in the OpenNMS Java object which allows an unauthenticated attacker to run arbitrary code against the system.

Red Hat Security Advisory 2016-2077-01 – MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Galera is a synchronous multi-master cluster for MariaDB. Security Fix: It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.

Debian Linux Security Advisory 3695-1 – It was discovered that the zebra daemon in the Quagga routing suite suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages.