5214b90fdf
Land #11292 , Add exploit for Nuuo CMS SQL injection
2019-02-21 11:05:53 -06:00
1cd7dc8bc9
Update rank, add note
2019-02-21 10:12:02 -06:00
696640a340
Timeout and cleanup files
2019-02-21 06:48:10 -06:00
4a4637d7a3
Move execute shell
2019-02-21 06:48:09 -06:00
efba6d2d9c
Reverse engineered JSOs
2019-02-20 16:45:47 -06:00
449307c7df
Additional style fixes
2019-02-20 15:33:33 -06:00
364460a787
Fixed heredoc and advanced options casing.
2019-02-20 14:42:56 -06:00
0f9a796d2f
Reverse engineered JSOs, used new ysoserial functionality
2019-02-20 14:28:09 -06:00
5f84cbc078
Reverse engineered JSOs, used new ysoserial functionality
2019-02-20 14:12:24 -06:00
c179e5cdad
Land #11291 , Add Nuuo CMS session bruteforcing module
2019-02-20 09:13:33 -06:00
49307ae6c7
Deregister unused options
2019-02-20 08:09:06 -06:00
1acc565335
Land #11290 , Add Nuuo CMS file upload exploit
2019-02-20 07:43:37 -06:00
bffacff78c
Land #11293 , Add Nuuo CMS file download
2019-02-20 07:06:49 -06:00
40b3fbaf05
removed unused lines of code
2019-02-19 22:33:10 +00:00
661e78beed
Land #11409 , Add Belkin Wemo UPnP RCE
2019-02-19 13:47:18 -06:00
0c8b260737
Revert ARCH_CMD payload to cmd/unix/generic
...
There is no telnetd, so cmd/unix/bind_busybox_telnetd won't work.
2019-02-19 13:23:25 -06:00
6d619217c5
Land #11430 , Deregister RHOSTS instead of RHOST
2019-02-19 13:10:07 -06:00
ce02d98dce
Minor changes
...
aux:nuuo_cms_file_download
2019-02-19 12:33:37 -06:00
73048edd97
Minor updates
...
exploit:nuuo_cms_sqli
2019-02-19 12:26:31 -06:00
bad53aeaf1
Genericize exploit (less Crock-Pot verbiage)
2019-02-19 12:13:08 -06:00
2b71410807
Minor updates
...
exploit:nuuo_cms_fu
2019-02-19 12:11:50 -06:00
e383bc2763
Minor updates
...
aux:nuuo_cms_bruteforce
2019-02-19 10:24:15 -06:00
db48f4bb56
Deregister RHOSTS instead of RHOST
...
Fixes this module now that the RHOSTS changes are in effect.
2019-02-18 14:59:29 -05:00
a90777303f
Debugging ci error
2019-02-17 19:05:51 +00:00
49975b7549
cookie not necessary
2019-02-17 18:08:30 +00:00
e434b6a40a
make the file for tidy
2019-02-17 17:25:04 +00:00
8d6114498d
added domain/realm support
2019-02-17 16:56:16 +00:00
708ae76cba
change method to follow style guide
2019-02-17 16:08:58 +00:00
20f208aa53
Changed print_status to print_good on line 87
...
Changed print_status to print_good on line 87
2019-02-16 14:42:12 -06:00
0e300d64dc
Moved bruteforce(ip) under the sys_name check.
...
Moving the bruteforce(ip) under the sys_name check stops the script from executing against the wrong systems.
2019-02-16 14:20:51 -06:00
99ae0d125f
Added systemd lower privlege service persistence
...
Update the module to support systemd --user as a target for the
service_persistence module. This creates a file in a set of "supported"
local directories and triggers the systemctl calls with --user. The unit
files in question can be seen documented in systemd.unit(5)
2019-02-15 15:04:03 -06:00
1be838d1fd
Add Belkin Wemo UPnP RCE (tested on Crock-Pot)
2019-02-14 12:45:36 -06:00
09b0d0fa66
adding fortinet ssl vpn bruteforce
2019-02-14 09:35:02 +01:00
3648f598c7
Land #11399 , cisco_rv320_config updates
2019-02-13 17:00:35 -06:00
e671fbd037
cisco_rv320_config: Updated documentation and incorporating team feedback
2019-02-13 15:45:48 -06:00
85066938df
Land #11157 , Add Windows Gather Power Shell History module
2019-02-13 12:39:28 -06:00
366d060b5d
Minor changes for psreadline_history
2019-02-13 12:38:36 -06:00
a0b5291c30
Space slipped in
2019-02-13 10:25:21 -05:00
2caf98c4d0
jboss_vulnscan: add app to test auth bypass
2019-02-13 16:10:32 +01:00
930d1fb78a
Land #11351 , many new John the Ripper module improvements
2019-02-13 03:05:14 -06:00
e716c24f2d
Style police :P
2019-02-13 00:35:54 -05:00
cdc0728c44
Land #10731 , Add Crock-Pot slow cooker remote control
2019-02-12 15:11:01 -06:00
1ef451c3e6
Correct cook time to minutes, not seconds
2019-02-12 13:29:52 -06:00
a2758cc187
Actually implement ForceExploit
2019-02-12 12:18:26 -06:00
7bad1eefd7
Land #11335 , Update hash parsing formats for JTR
2019-02-12 08:32:47 -06:00
b55fdc7323
Minor updates
2019-02-11 21:39:43 -05:00
2820da5e1b
Update Cache Sizes
2019-02-11 15:41:04 -06:00
237a42b633
Refactor check method
2019-02-11 14:31:19 -06:00
810592afd7
Land #11220 , Add new PCOM module to send admin commands
2019-02-11 14:03:06 -06:00
160856bc42
Move module
2019-02-11 13:46:00 -06:00
4b177b607f
Cosmetic cleanup
2019-02-11 13:44:46 -06:00
c5bff76dc7
Cosmetic changes for office_exel_slk module and documentation
2019-02-11 12:37:17 -06:00
18afc8f546
Bring PR 11249 up to date with upstream master
2019-02-11 12:19:21 -06:00
b49b7ca9db
Remove unneeded require
2019-02-11 11:24:04 -05:00
08e1f86390
Add Webmin 1900 Remote Code Exec Module
...
Adding Webmin RCE module affecting Webmin <= 1.900. Module attempts to
use the Running Processes (proc) permission to determine upload dir,
if the permission is not set the module fails. The user can attempt the
exploit without this permission by setting the 'GUESSUPLOAD' opt to
true.
The default path is in an array of 1 to allow for other OS/Version
default paths to be added in future.
2019-02-11 10:45:03 -05:00
f1675cddad
Documentation
2019-02-10 23:16:45 -05:00
ced3ad0bfd
BMC Patrol CMD Exec Module
2019-02-10 22:26:24 -05:00
6d0797986b
PowerShell check less strict, updated docs.
2019-02-10 14:26:13 +08:00
f589db6831
Land #11152 , add macOS adobe flash player type confusion RCE
2019-02-09 18:46:48 +08:00
5c1f4a4703
fix include -> include?
2019-02-09 18:46:35 +08:00
ab5c59f3ba
Land #11219 , New PCOM client module
2019-02-08 19:26:25 -06:00
c9d18b1613
Make cosmetic changes
2019-02-08 19:22:48 -06:00
a380bb6df1
Land #11239 , Add check for writable and nosuid WritableDir
2019-02-08 19:14:54 -06:00
18a4af1d1d
Land #11279 , improve imap_open exploit to be more robust
2019-02-08 18:28:08 -06:00
bb97a5eba0
Land #11282 , Support to retrieve data from ListConfigFiles SAP webmethod
2019-02-08 18:01:29 -06:00
016ef1116e
Land #11345 , Add Solaris pfexec Upgrade Shell module
2019-02-08 14:19:15 -06:00
25af2b4a6b
\s over \r\n ipcamera
2019-02-07 15:14:13 -05:00
24b899d6d2
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into ipcamera
2019-02-07 14:33:39 -05:00
eab31eba4a
update to latest mettle with dylib support
2019-02-07 09:33:36 -06:00
5fc7167beb
Merge remote-tracking branch 'upstream/master' into land-10812-
2019-02-07 09:31:02 -06:00
e0f597f25f
fix license URL
2019-02-07 08:18:04 -06:00
9676ed17ba
Land #11366 , Cisco RV320/RV325 config dumper
2019-02-07 00:01:46 -06:00
35b591a4d1
Moved files to be consistent wtih other 'auxiliary/gather' modules
2019-02-06 23:36:41 -06:00
ab3729cc7b
Improved string matching for patched firmwares
2019-02-06 23:33:52 -06:00
1250811e38
Added disclosure date, cleaned up conditionals, fixed parsing code
2019-02-06 23:27:18 -06:00
b320662751
Putting RPORT back
2019-02-06 23:14:42 -06:00
3cd4dde2f0
Added disclosure date
2019-02-06 23:13:10 -06:00
ba1a03dd30
Updated registered/default options
2019-02-06 22:59:42 -06:00
cb6d7fa210
Land #11165 , Fix intermittent problem with native osx stager
2019-02-06 22:39:07 -06:00
3bc4456a39
Land #11193 , increase capacity for meterpreter 'stat' command
2019-02-06 22:34:25 -06:00
4a344093a4
bump payloads
2019-02-06 22:32:24 -06:00
3a12592976
Land #11072 , Add nuuo_nvrmini_upgrade_rce
2019-02-06 22:30:45 -06:00
c8d79cb7c0
Make minor changes for nuuo module
2019-02-06 22:26:31 -06:00
759960cc33
Provide feedback if the device appears to be patched
2019-02-06 21:46:13 -06:00
69dcd7e53f
Updated errors and failure mechanisms
2019-02-06 21:34:54 -06:00
5631c9a213
Fixed default options
2019-02-06 21:25:53 -06:00
6b8963ee4b
Addressed code review suggestions
2019-02-06 21:14:27 -06:00
51f8259206
Land #11331 , Add C2S DVR Management Password Disclosure module
2019-02-07 01:41:10 +00:00
4db4342a5f
Added database-reporting functionality, removed some debugging
2019-02-06 18:47:12 -06:00
0dbad5d2e3
Land #11349 , Add Evince CBT File Command Injection module
2019-02-06 17:54:07 -06:00
a47115352a
Module to dump configuration of the Cisco RV320/RV325
2019-02-06 17:05:18 -06:00
5e4139dcef
Add notes on stability and side effects
2019-02-05 20:51:34 -06:00
16a58ab3c3
Merge remote-tracking branch 'upstream/master' into feature/crockpot
2019-02-05 20:48:05 -06:00
15f624b745
Land #11304 , Add CVE-2018-1000999 to MailCleaner module
2019-02-05 07:19:32 -06:00
39d0fff909
add support for read and write SDW and MDW operands
2019-02-04 15:56:16 +00:00
b13129f9fb
Land #11348 , Add nil check to enum_patches
2019-02-04 05:25:42 -06:00
ac94557a15
Land #11347 , add version check to Safari RCE exploit
2019-02-04 05:22:01 -06:00
45cb54d265
remove comment from jtr_oracle_fast
2019-02-03 14:31:58 -05:00
fbd81dd6aa
ipcamera password disclosures
2019-02-03 13:40:22 -05:00
e93f215ac1
apply_pot delete files
2019-02-03 10:24:05 -05:00
748e1468b3
creds upgrade and apply_pot
2019-02-03 10:17:25 -05:00
6f31b1a110
Change default payload to reverse_bash
2019-02-03 06:18:31 +00:00
9c3368f325
Add Evince CBT File Command Injection module
2019-02-03 05:38:56 +00:00
28283809f9
Add nil check to enum_patches
2019-02-02 15:33:48 +00:00
787c4400e4
Add Solaris pfexec Upgrade Shell module
2019-02-01 22:58:21 +00:00
239cce53ea
Land #11039 , Add linux x64 ipv6 reverse shell
...
Merge branch 'land-11039' into upstream-master
2019-02-01 16:21:24 -06:00
61b468ac7d
Add URL reference to blog post
2019-02-01 14:49:33 -06:00
7b88277c6f
Prefer case statement over long if block
2019-02-01 14:40:09 -06:00
2640ecb4c4
Land #11338 , Add module to discover Ubiquiti devices
...
Merge branch 'land-11338' into upstream-master
2019-02-01 11:40:52 -06:00
ba69a0b26a
Land #11310 , MSF API to zip instead of relying on system()
2019-02-01 11:32:20 -06:00
f0519a5af5
Minor syntax; add logging for unhandled fields
2019-01-31 18:41:27 -08:00
5a63e629e4
update payload sizes for mettle 0.5.4
2019-01-31 00:12:45 -06:00
0ac3004fe1
fix review comments
2019-01-30 20:27:19 -05:00
9f6b9d586b
updating jtr formats in hashdumpers
2019-01-30 20:16:08 -05:00
4681ed9669
Update docs, strip empty essid
2019-01-30 14:31:20 -08:00
603d2a0c04
Add docs
2019-01-30 14:26:15 -08:00
96d612fb40
WIP commit on module to disover Ubiquiti devices on 10001/UDP
2019-01-30 14:19:02 -08:00
da27c3eeae
centralize hash to jtr formatting
2019-01-30 16:24:05 -05:00
a0f63629b8
Check if we actually downloaded a file
2019-01-30 21:56:11 +07:00
9070435603
Change to support the new nuuo lib
2019-01-30 21:32:33 +07:00
e2c1d0d7fa
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into c2password
2019-01-29 16:37:39 -05:00
febb049668
more info for c2s
2019-01-29 16:36:06 -05:00
95ae4996eb
spelling and spacing
2019-01-29 16:24:35 -05:00
4c14815343
c2s dvr password disclosure
2019-01-29 16:18:30 -05:00
b7bc52d20b
Fix HTTP/SMB mixin order to restore SSL option
...
Mixin order matters. Mixins kinda suck.
2019-01-29 11:09:34 -06:00
6c9a5b3fea
Update Cache Sizes
2019-01-28 15:53:19 -06:00
9930edf704
jtr modernizations
2019-01-25 14:07:24 -05:00
c8bf8781f5
Strip e-mail
2019-01-24 13:49:22 -06:00
156851009b
Remove incorrect documentation
...
The comment is a lie.
2019-01-24 13:48:45 -06:00
0e6fbb439f
Prefer Msf::Util::EXE.to_zip over system()
2019-01-24 13:47:47 -06:00
f0aa002009
Land #10119 , Linux post-exploitation metashell
2019-01-24 11:24:12 -06:00
8cdcba81fe
Fix SessionTypes
2019-01-24 11:22:19 -06:00
006faa3d17
Fix prompt
2019-01-24 11:21:45 -06:00
bb9f50c771
Reverted FILE changes
2019-01-24 22:04:01 +07:00
f5afe98111
Add github and full disc URL
2019-01-24 22:01:02 +07:00
7e592bb8a9
Add github and full disc URL
2019-01-24 22:00:41 +07:00
e0eb802c16
Add github and full disc urls
2019-01-24 22:00:12 +07:00
2bf663cf7d
Add full disclosure URL
2019-01-24 21:59:45 +07:00
2d1cecd4d5
Fix request pattern matching
2019-01-23 13:39:52 -05:00
daa3076d42
Add CVE-2018-1000999 to MailCleaner module
...
See PR #11148
This adds the new CVE assigned by DWF for this vulnerability.
Note that [CVE-2018-10933](https://www.cvedetails.com/cve/CVE-2018-10933/ )
describes a vulnerability in libssh, but this one describes the issue as
it pertains to MailCleaner specifically.
2019-01-23 09:27:12 -06:00
47fd066a29
Msftidy
2019-01-22 21:06:11 -05:00
1f56bccf31
Small improvements from review
2019-01-22 20:46:28 -05:00
2ae6142de7
Land #11243 , Add ASan SUID Privesc
2019-01-22 15:50:53 -06:00
fae1b52115
Land #11297 , Fix a typo in auxiliary/dos/scada/allen_bradley_pccc
...
typo fixed
2019-01-22 11:41:29 -06:00
23e0389bf0
typo fixed
2019-01-22 13:33:24 +00:00
f4aaf6c816
Add https to msf link
2019-01-22 19:14:52 +07:00
e767af4533
add https to msf link
2019-01-22 19:14:24 +07:00
a099418bb8
Update nuuo_cms_file_download.rb
2019-01-22 19:00:26 +07:00
fbde697e3f
Update nuuo_cms_fu.rb
2019-01-22 18:57:02 +07:00
f6fc8a750d
Update modules/auxiliary/gather/nuuo_cms_file_download.rb
...
Co-Authored-By: pedrib <pedrib@gmail.com>
2019-01-22 18:55:09 +07:00
d45f38c88f
Update modules/auxiliary/gather/nuuo_cms_file_download.rb
...
Co-Authored-By: pedrib <pedrib@gmail.com>
2019-01-22 18:55:02 +07:00
5fc0c66109
add version to check to safari exploit
2019-01-22 16:10:51 +08:00
f336f41182
Update nuuo_cms_sqli.rb
2019-01-22 12:50:02 +07:00
fa4c6896d2
Update nuuo_cms_file_download.rb
2019-01-22 12:49:20 +07:00
49beac7010
Update nuuo_cms_bruteforce.rb
2019-01-22 12:47:09 +07:00
4e1d79ac4b
Update nuuo_cms_fu.rb
2019-01-22 12:45:47 +07:00
da4bd2e9b8
Remove peer
2019-01-22 12:10:45 +07:00
636461c363
remove peer
2019-01-22 12:10:08 +07:00
4c9d5ad9a7
Remove peer
2019-01-22 12:09:39 +07:00
0685ebed76
Remove peer as that is not needed
2019-01-22 12:08:41 +07:00
9a068e9221
Repair CMS installation and use getsystem
2019-01-22 11:57:54 +07:00
688ee3d579
Remove tested versions since that is already on the docs
2019-01-22 11:43:33 +07:00
27cac0a9fe
Update nuuo_cms_file_download.rb
2019-01-21 18:10:19 +07:00
dc0f388b26
Update nuuo_cms_bruteforce.rb
2019-01-21 18:01:25 +07:00
100fd7b80a
Make description shorter
2019-01-21 17:40:50 +07:00
15d4ca9070
Add CMS link and manual ranking
2019-01-21 17:33:58 +07:00
f8de99422d
Add correct rand call
...
Co-Authored-By: pedrib <pedrib@gmail.com>
2019-01-21 17:31:23 +07:00
5b699768fb
Add correct rand call
...
Co-Authored-By: pedrib <pedrib@gmail.com>
2019-01-21 17:31:08 +07:00
88c74fcd40
add https for link
...
Co-Authored-By: pedrib <pedrib@gmail.com>
2019-01-21 17:30:54 +07:00
01e510b48f
add failure tag
...
Co-Authored-By: pedrib <pedrib@gmail.com>
2019-01-21 17:30:35 +07:00
d0861811c2
Add files via upload
2019-01-21 17:17:36 +07:00
bd3d6ee6bf
Create nuuo_cms_sqli.rb
2019-01-21 17:14:41 +07:00
3a3d163474
Add nuuo CMS bruteforce module
2019-01-21 17:11:27 +07:00
9ffff16e95
Add Nuuo CMS file upload exploit
2019-01-21 17:06:10 +07:00
060d20694d
Attribution
2019-01-20 09:18:43 +00:00
4ec5e7d23a
msftidy cleanup
2019-01-19 18:16:26 +01:00
2bcdc550c6
Support to retrieve data from ListConfigFiles SAP webmethod
2019-01-19 17:36:47 +01:00
8dffa35f04
Support to retrieve data from ListConfigFiles webmethod
2019-01-19 14:45:34 +01:00
f47060870a
horde imp h3 imap_open
2019-01-18 19:43:45 -05:00
2585e4b708
horde imp h3 imap_open
2019-01-18 19:38:30 -05:00
f8af9a9e4d
Merge remote-tracking branch 'upstream/master' into pr/10119
2019-01-18 10:43:34 -06:00
1121ce1127
Change default filename to random
2019-01-17 20:12:53 -05:00
5d49f04948
not working horde imp imap_open
2019-01-17 19:55:42 -05:00
2577160449
update print_error, add PrependFork and adjust timeout
2019-01-16 23:20:06 -08:00
31a7b13c19
ms17_010_psexec: fix RHOST in "authenticating..." message
2019-01-16 11:23:21 +01:00
1947bae45b
Land #11230 , add JuicyPotato local privilege escalation
2019-01-15 21:20:25 -06:00
06de16a36f
Merge remote-tracking branch 'upstream/master' into pr/10119
2019-01-15 18:33:48 -06:00
ffe5db4010
new pcom client mode that allows to read and write
...
several types of operands
2019-01-16 00:16:38 +00:00
27d6fffdad
Land #11125 , Import/generate `ysoserial` Java serialization objects
2019-01-15 17:09:56 -06:00
a73fe9433b
land #11169 blueman priv esc on linux
2019-01-15 10:32:46 -05:00
923a4ba098
Land #11263 , uppercase KoreLogic in JTR modules
2019-01-15 08:50:11 -06:00
9616a9f79d
Land #11245 , doc update for chrome_cookies
2019-01-15 07:27:35 -06:00
04363b7b7e
Doc update
...
post:chrome_cookies
2019-01-15 07:19:46 -06:00
93f66a1f22
uppercase
2019-01-15 08:04:11 -05:00
8c636f27d5
Update check method to confirm vulnerability
2019-01-15 11:31:31 +11:00
47f8738f74
Add Imran Rashid to CVE-2018-11770 credit
2019-01-14 15:28:08 -06:00
52ff0a8b75
Update exploits/linux/http/spark_unauth_rce as CVE-2018-11770
2019-01-14 15:10:29 -06:00
8cd26b74d7
Please msftidy gods
2019-01-13 19:22:51 -05:00
171d46db9b
Add disclosure date, more references, and authors
2019-01-13 19:11:05 -05:00
89e8ff9c80
Update office_excel_slk.rb
2019-01-13 18:08:51 -05:00
d88d1d0f1d
Create office_excel_slk.rb
2019-01-13 17:31:34 -05:00
c6f4eda7f9
Add ASan SUID Executable Privilege Escalation module
2019-01-12 09:14:20 +00:00
e69d509bdf
chore: update description and ranking
2019-01-12 04:32:21 +01:00
3a865a0c05
feat: spawn as NT AUTHORITY\SYSTEM
2019-01-12 04:03:26 +01:00
e9a8d5708a
Land #11234 , @bcoles revisionism
2019-01-11 20:15:34 -06:00
fe6956d7f7
Use mixins
2019-01-11 22:46:58 +00:00
20fd6b6134
Add check for writable and nosuid WritableDir
2019-01-11 22:41:14 +00:00
149f895329
feat: add LOGFILE support for debug
2019-01-11 18:21:54 +01:00
dca99552e6
feat: pass payload length to the dll
2019-01-11 16:28:49 +01:00
7653d64c4a
fix: improve exploit check
2019-01-11 15:38:57 +01:00
24f807490f
revisionism
2019-01-10 19:19:14 +00:00
9f8bac59f7
Land #11215 , success
2019-01-10 12:57:46 -06:00
86850e7062
Land #11217 , fix syntax and logic errors in badpdf module
2019-01-10 12:52:08 -06:00
74330f87dc
Land #11223 - ueb priv esc suggestion
...
ueb priv esc suggestion.
2019-01-10 10:35:28 -06:00
dc2d3c5774
feat: add juicy potato post module, fixes #11229
2019-01-10 17:20:43 +01:00
2f939481e7
Land #11206 , add coldfusion ckeditor file upload
2019-01-10 07:27:38 -06:00
b81f59e7b1
Fix targets and syntax changes
2019-01-10 06:39:45 -06:00
71aa4c8d9e
Adding respond code/body check for successful command execution
2019-01-10 00:01:19 -08:00
3aabeee959
Update SSL, timeout and uid regex
2019-01-09 23:20:37 -08:00
5a956bb27b
Apply suggestions from code review
...
Co-Authored-By: rsp3ar <rsp3ar@users.noreply.github.com>
2019-01-09 21:07:01 -08:00
799a79b715
ueb priv esc suggestion
2019-01-09 20:28:53 -05:00
4bfb90ce06
new PCOM module to send admin commands
2019-01-09 20:27:15 +00:00
913c80c352
Land #11106 , Allen-Bradley legacy protocol DoS
2019-01-09 12:12:02 -06:00
0f156140fe
Clean up module
2019-01-09 12:11:50 -06:00
307cc8c107
fix comment
2019-01-09 11:12:51 -06:00
cf1b4b43cb
auxiliary/fileformat/badpdf: fix syntax and logic error in options handling
2019-01-09 14:30:24 +01:00
0c984fa232
Fix messages /successfuly/successfully
2019-01-09 06:32:22 -06:00
24de5d6ee3
Update to use CmdStager
2019-01-08 20:07:35 -08:00
16b8cf7059
Land #11148 , Adding Module MailCleaner RCE
2019-01-08 14:10:31 -06:00
a0acfa79d7
Target payloads
2019-01-08 13:27:26 -06:00
c2da3dbbd3
Land #11052 , Add gather chrome cookies post module
2019-01-08 07:32:16 -06:00
a95384e288
Additional support and code cleanup
2019-01-08 06:57:56 -06:00
bab651e94d
Add Imperva SecureSphere module
2019-01-07 22:18:04 -08:00
f96514528b
Land #10648 , auth bypass for couchdb_enum
2019-01-07 12:53:11 -06:00
3a726554e9
Fix review comments
2019-01-07 12:51:52 -06:00
a63c057c3a
Integrate bcoles' comments (filename generation, conditional block improvement, etc.)
2019-01-06 22:50:46 +01:00
c03466d2f2
Fixed date format issue and added Bugtraq ID
2019-01-06 14:34:40 +01:00
4644ad8966
Add CVE-2018-15961 Adobe ColdFusion CKEditor unrestricted file upload
2019-01-06 04:55:20 +01:00
e990bb31df
Land #11182 , bump mettle, change debug and background options
2019-01-03 02:57:19 -06:00
811605a9b8
Cleanup headless Chrome process for meterpreter sessions
2018-12-30 18:05:41 +11:00
5957315167
Land #11141 , Ensure Byte XORi Encoder uses cacheflush()
2018-12-29 10:20:07 +00:00
005b2664b8
Land #11140 , Ensure MIPS Long XOR Encoder uses cacheflush()
2018-12-29 10:14:47 +00:00
9e109c7e7c
Update cache size
2018-12-28 16:08:15 -06:00
29e7c49332
Land #10444 , add Consul rexec RCE module
2018-12-28 09:14:28 -06:00
fb8f06b2f5
Land #10443 , add Consul service RCE module
2018-12-28 08:33:56 -06:00
4e8ad22a7a
Adding CVE number
2018-12-26 13:15:36 +03:00
69e7956adf
Land #11174 , Fix platform bug when upgrade shell.
...
The platform on windows powershell should be 'win', rather than
'windows', this bug leads to failure when upgrade powershell session
to meterpreter.
2018-12-26 11:31:39 +08:00
fa542b9691
Adding platform and arch to top level
2018-12-25 15:56:25 +03:00
ee7120d63a
fixed post/multi/manage/shell_to_meterpreter
2018-12-25 15:00:39 +08:00
18c844623a
Remove extra spaces.
2018-12-24 13:48:07 +01:00
Jacob Robles
asoto-r7
terrorbyte
Max Michels
Wei Chen
William Vu
Rob Fuller
John Q. Public
rwincey
Clément Notin
Brent Cook
bwatters
Ziconius
Imran E. Dawoodjee
Tim W
h00die
Brendan Coles
Pearce Barry
Luis Rosa
Jon Hart
Jeffrey Martin
Pedro Ribeiro
Carter Brainerd
Tod Beardsley
Shelby Pace
jdiog0
spinfoo
rsp3ar
phra
Qazeer
Qazeer
Alex
Mehmet İnce
Green-m
L
Quentin Kaiser