Pearce Barry
7e62a69e16
Land #11660 , Update use_single_quotes to wrap_double_quotes
2019-04-06 15:44:39 -05:00
Shelby Pace
fff129ae9f
Land #11587 , add Wordpress core RCE module
2019-04-04 15:22:56 -05:00
Shelby Pace
6efd80e139
added note in info
2019-04-04 15:19:58 -05:00
Shelby Pace
2884d9afcb
modified checks, added function
2019-04-04 15:09:12 -05:00
William Vu
e164c2350c
Properly encode command input with XML entities
...
REXML would make this less ghetto.
2019-04-03 19:10:27 -05:00
Shelby Pace
d5ac1e3a33
minor adjustments to indentation and requests
2019-04-03 19:03:47 -05:00
Ben Schmeckpeper
7d1f6afd4a
Remove trailing space from CVE reference
2019-04-03 09:21:55 -05:00
todb-r7
9e3984ea51
Remove duplicate CVE for Mailcleaner module
...
See #11304
2019-04-02 12:51:09 -05:00
wilfried
3081b13a1f
Adding payload in exploit code
2019-04-02 10:24:48 +02:00
surefire
1b6cd64016
Land #11136 , exploit/multi/misc/weblogic_deserialize_unicastref
2019-04-01 18:15:26 -05:00
surefire
40191e5a01
Dissected JSOs, randomized strings, copied T3 header breakdown from @acamro
2019-04-01 18:05:45 -05:00
William Vu
06397bb087
Land #11636 , postgres_createlang version check fix
2019-04-01 15:21:57 -05:00
surefire
f292befed4
Land #11134 , exploit/multi/misc/weblogic_serialize_marshalledobject
2019-04-01 14:11:30 -05:00
surefire
4d0e47044b
Fixed a hardcoded payload length resulting in 40% failures
2019-04-01 14:05:39 -05:00
Brendan Coles
ddbd7ba080
Case insensitive match
2019-04-01 18:58:14 +00:00
William Vu
5867158238
Land #11595 , can_flood post module
2019-04-01 12:38:46 -05:00
William Vu
f5f4c4bec2
Clean up module
2019-04-01 12:24:35 -05:00
PietroBiondi
2afd27a671
1)Fixed documentation format 2)Refactoring and more efficient loop
2019-03-30 17:12:15 +01:00
William Vu
496f270b30
Update use_single_quotes to wrap_double_quotes
2019-03-29 18:14:56 -05:00
Brent Cook
82b7c926fe
Land #11579 , Add support for splunk 7.2.4 to splunk_upload_app_exec
2019-03-29 16:22:26 -05:00
Brent Cook
9c38d58e9f
Land #11625 , add es file explorer open port CVE-2019-6447 module
2019-03-29 15:46:09 -05:00
William Vu
269cb4bca6
Land #11635 , Authors check for msftidy
2019-03-29 10:45:31 -05:00
William Vu
af494300ec
Add timwr as an author to his own modules
2019-03-29 10:44:58 -05:00
Brent Cook
0a24266029
Land #11482 , RV320 Unauthenticated RCE
2019-03-28 17:53:05 -05:00
h00die
1e6850fa53
land #11623 oracle 12 support for hashdumper
2019-03-28 10:07:54 -04:00
h00die
2a311931d3
oracle hashdump cleanup
2019-03-28 10:06:56 -04:00
7043mcgeep
f2a19d5e32
Final revisions
2019-03-27 21:53:52 -05:00
Wei Chen
927d20cb95
Land #11592 , Add CMS Made Simple (CMSMS) Showtime2 File Upload RCE
2019-03-27 15:21:07 -05:00
Wei Chen
38bdccb91a
Use instance variables instead of datastore options
2019-03-27 15:17:32 -05:00
fabiocogno
fdb1f4adea
Update cmsms_showtime2_rce.rb
...
Fix to CSRF Token stealing function for older versions of CMSMS
2019-03-27 20:09:14 +01:00
h00die
3f9c9341f9
add 2016 authors
2019-03-26 19:39:17 -04:00
asoto-r7
399532154d
Fix a git snafu when landing #11131
...
While landing PR #11131 , I tripped over my own shoelaces and overwrote `weblogic_deserialize_rawobject.rb` with `weblogic_deserialize_unicastref.rb`, destroying my changes and introducing a great deal of confusion.
This PR gets us back to where we should have been, with #11131 landed and a few changes to add randomization and expanding on the T3 protocol.
2019-03-26 17:54:37 -05:00
asoto-r7
385cfd679a
Land #11131 , Weblogic_serialize_rawobject CVE-2015-4852
2019-03-26 17:07:04 -05:00
asoto-r7
26b67bbf91
Fix two-byte error, add randomization, T3 notes from @acamro
2019-03-26 16:45:17 -05:00
asoto-r7
5f5d475c2e
Add expected traceback error to documentation
2019-03-26 16:44:45 -05:00
asoto-r7
f9361324bd
Merge branch 'weblogic_serialize_rawobject' of git://github.com/acamro/metasploit-framework into acamro-weblogic_serialize_rawobject
2019-03-26 16:38:27 -05:00
Brendan Coles
d9fc7af68e
Fix version detection
2019-03-26 20:17:34 +00:00
h00die
75ec3e7df6
add date and more docs
2019-03-26 16:13:42 -04:00
Brent Cook
b2d047b0b1
Land #11622 , merge common hash identifier code between modules
2019-03-26 13:12:00 -05:00
Shelby Pace
d185e8a018
indentation fix
2019-03-25 14:54:46 -05:00
Shelby Pace
3a8b09f08e
added checks on scan method
2019-03-25 14:48:19 -05:00
Shelby Pace
59f5c291c9
removed spare spaces and modified some indentation
2019-03-25 14:25:09 -05:00
7043mcgeep
a8ccc7eb25
Remove tabbed indents
2019-03-25 11:13:28 -05:00
7043mcgeep
b91231021a
Hashdump adheres to better coding style. Add docs
2019-03-25 02:36:34 -05:00
rwincey
9d71020d9c
Removed credit
2019-03-24 19:11:22 -04:00
rwincey
8a36a0f410
Added support for later versions of Outlook, rubocop complaints
2019-03-24 18:39:55 -04:00
h00die
656ea5240d
remove space at EOL
2019-03-24 08:11:24 -04:00
h00die
dfa1ab3a9b
es file explorer
2019-03-24 08:01:32 -04:00
7043mcgeep
170d28d46b
12c hashdump supported
2019-03-23 13:37:19 -05:00
7043mcgeep
d1cad4eb21
Add 12c support for hashdump
2019-03-23 13:15:38 -05:00