Vagrant Synced Folder Vagrantfile Breakout
This Metasploit module exploits a default Vagrant synced folder (shared
folder) to append a Ruby payload to the Vagrant project Vagrantfile config file. By default, unless a Vagrant project explicitly disables shared
folders, Vagrant mounts the project directory on the host as a writable
vagrant directory on the guest virtual machine. This directory includes
the project Vagrantfile configuration file. Ruby code within the
Vagrantfile is loaded and executed when a user runs any vagrant command
from the project directory on the host, leading to execution of Ruby code
on the host.
https://packetstormsecurity.com/files/169533/vagrant_synced_folder_vagrantfile_ breakout.rb.txt
Thu, 27 Oct 2022 12:53:18 GMT
________________________________
--- The information is for inforamtional purposes only.
* Origin: Read us with
http://winpoint.org JID:
rs@captflint.com