Commit Graph

26235 Commits (master)

Author SHA1 Message Date
Jacob Robles 147b9fef98
Land #11665, Add APT persistence module 2019-04-27 12:32:21 -05:00
Jacob Robles 1faa41aafe
Dont require hook name 2019-04-26 13:11:40 -05:00
Jacob Robles 3d7f498bfe
Land #11783, Allow RHOST option sid_brute 2019-04-26 09:49:48 -05:00
Jacob Robles c282547a0b
Land #11745, Add spring-cloud-config-server dir traversal 2019-04-26 09:35:37 -05:00
Jacob Robles f195c4bde3
Update payload cache sizes 2019-04-26 08:40:07 -05:00
Jacob Robles e173507869
Allow RHOST option 2019-04-26 08:36:32 -05:00
Jacob Robles 306b0fd2e7
Randomize application and profile 2019-04-26 07:15:39 -05:00
Jacob Robles 96cb5ce917
Update documentation 2019-04-26 06:57:57 -05:00
@shellfail c643436383
Update modules/exploits/linux/local/apt_package_manager_persistence.rb
Changed Disclosure Date format

Co-Authored-By: aringo <ringo.aaron@gmail.com>
2019-04-25 20:08:50 -05:00
Aaron Ringo 261a4271fa Updated some formatting as requested along with some rubocob requested 2019-04-25 16:15:00 -05:00
CFP 315d7f28c1
Replace `path` with `uri` to fix #11776 2019-04-25 23:08:19 +02:00
Aaron Ringo bd1113d53c Updated some formatting as requested along with some rubocob requested 2019-04-25 15:55:22 -05:00
Jacob Robles 39aae367a5
Land #11765, Update NUUO mixin, move code to Rex 2019-04-25 09:35:47 -05:00
@shellfail 49a14a588c
Update modules/auxiliary/scanner/http/springcloud_traversal.rb
Co-Authored-By: RootUp <mishra.dhiraj95@gmail.com>
2019-04-25 00:40:20 +04:00
@shellfail aae4e86b71
Update modules/auxiliary/scanner/http/springcloud_traversal.rb
Co-Authored-By: RootUp <mishra.dhiraj95@gmail.com>
2019-04-25 00:40:10 +04:00
Brent Cook 470255cb2b
Land #11769, make sure Notes fields show up in `info` 2019-04-24 13:01:07 -05:00
William Vu b05c6c7587 Rearrange notes in drupal_restws_unserialize 2019-04-24 11:41:30 -05:00
William Vu 97545ceb9d Clarify NOCVE reason for Wemo exploit 2019-04-24 11:39:34 -05:00
William Vu 94994aa519 Update modules with RelatedModules and realign 2019-04-24 11:34:42 -05:00
William Vu 00cebda89e Fix typo of "reliability" - wow, I suck 2019-04-24 11:14:06 -05:00
Jacob Robles b0498d0991
Update nuuo bruteforce module
Module was updated to use the changes
in the nuuo mixin
2019-04-24 07:01:42 -05:00
Brent Cook 0e2fb0fb12
Land #11730, add module for CVE-2018-20250
(RARLAB WinRAR ACE Format Input Validation Remote Code Execution)
2019-04-24 05:45:18 -05:00
Brent Cook 2242c1f758 prefer File.binread for reading binary file contents 2019-04-24 05:43:28 -05:00
Brent Cook 9793c839f2
Land #11764, update tested versions for xor_x11_suid_server module 2019-04-24 05:11:41 -05:00
Brent Cook 4137135ad4
Land #11737, store password from osx/gather/password_prompt_spoof 2019-04-24 05:06:20 -05:00
William Vu 30b8625885 Update Ghostscript/ImageMagick modules 2019-04-23 16:31:40 -05:00
Jacob Robles 0174d1dd7e
Update nuuo_cms_sqli
Use updated nuuo mixin/rex
2019-04-23 06:29:51 -05:00
Jacob Robles 5686319271
Update nuuo_cms_fu
Use the updated mixin/rex implementation
2019-04-23 06:28:57 -05:00
Brendan Coles 163c66b5ba Update tested versions 2019-04-21 11:21:28 +00:00
L 3c237b945f fixed 2019-04-21 12:00:20 +08:00
Jacob Robles e0266b4543
Update nuuo module
aux:nuuo_cms_file_download
2019-04-19 14:26:35 -05:00
Adam Cammack f14571364f
Properly encode URL 2019-04-19 12:35:36 -05:00
Brent Cook 5ef5904296
Land #11747, updated test versions for abrt_raceabrt_priv_esc 2019-04-19 11:43:06 -05:00
h00die 072ac00acd
Land #11754 linux priv esc for SystemTap 2019-04-19 08:39:20 -04:00
bcoles 43c7b8bb63
Fix check 2019-04-19 12:54:30 +10:00
Wei Chen 8ceefce8bf
Land #11646, Add module for Rails "DoubleTap" vulnerability 2019-04-18 16:11:09 -05:00
Wei Chen 7ef9c18b58 Add another reference for rails_doubletap_file_read 2019-04-18 16:10:24 -05:00
Wei Chen 89096f374b Update check method to support vuln checks 2019-04-18 15:39:53 -05:00
Brent Cook 5ca87e985f
Land #11753, Update glibc_origin_expansion_priv_esc 2019-04-18 12:20:13 -05:00
Brendan Coles 64ed136f09 Add SystemTap MODPROBE_OPTIONS Privilege Escalation module 2019-04-18 17:15:22 +00:00
asoto-r7 1ecb309633
Land #11717, exploit/multi/http/confluence_widget_connector 2019-04-18 12:14:09 -05:00
asoto-r7 a84aa4e148
Adjusted imeout for the final POST, abort cleanly on failure 2019-04-18 11:57:23 -05:00
Brendan Coles 754255a2fa Fix file description and update tested versions 2019-04-18 15:35:37 +00:00
Brent Cook 5f75dd1bd2 bump payload sizes 2019-04-18 09:40:12 -05:00
Brendan Coles 10871fa115 Update tested versions 2019-04-18 09:01:51 +00:00
bcoles dd15bdd43a
Update modules/auxiliary/scanner/http/springcloud_traversal.rb
Co-Authored-By: RootUp <mishra.dhiraj95@gmail.com>
2019-04-18 12:17:41 +04:00
bcoles fe66786eca
Update modules/auxiliary/scanner/http/springcloud_traversal.rb
Co-Authored-By: RootUp <mishra.dhiraj95@gmail.com>
2019-04-18 12:17:31 +04:00
Dhiraj Mishra 5b4dbd034d
springcloud_traversal.rb 2019-04-18 11:24:34 +04:00
Imran E. Dawoodjee 521277691e
Allow users to add other files for realism.
Update docs to reflect this change.
2019-04-18 04:07:46 +08:00
Brent Cook 22085113ad
Land #11729, Add Libreoffice macro exec exploit module 2019-04-17 13:21:11 -05:00