f9e7715adb
Fixed formatting
2017-04-29 16:07:45 +02:00
1569d2cf8e
MediaWiki SyntaxHighlight extension exploit module
...
This module exploits an option injection vulnerability in the SyntaxHighlight extension of MediaWiki. It tries to create & execute a PHP file in the document root. The USERNAME & PASSWORD options are only needed if the Wiki is configured as private.
2017-04-29 14:29:56 +02:00
c4b3ba0d14
Actually removing msf/core this time... ><
...
Helps to actually remove the bits that were failing. Now with even more
removal of msf/core!
2017-04-28 21:42:06 -04:00
ff263812fc
Fix msftidy warnings
...
Remove explicitly loading msf/core and self.class from the register_
functions.
2017-04-28 21:26:53 -04:00
afc804fa03
Quick Ghostscript module based on the public PoC
2017-04-28 09:56:52 -05:00
f8fb03682a
Fix issue in ps_wmi_exec and powershell staging
...
The staging function in the post/windows/powershell class was broken
in a previous commit as the definition for env_variable was removed and
env_prefix alone is now used. This caused an error to be thrown when
attempting to stage the payload. This changes the reference from
env_variable to env_prefix.
Additionally, the ps_wmi_exec module created a powershell script to be
run that was intended to be used with the EncodedCommand command line
option; however the script itself was never actually encoded. This
change passes the compressed script to the encode_script function to
resolve that issue.
2017-04-28 03:31:56 -04:00
cd73bd137a
Making use of while loop and solving StagerRetryWait issue
2017-04-27 11:50:13 +05:30
1a402ed1d8
Add arch to smb_ms17_010 DOUBLEPULSAR detection
2017-04-26 20:59:13 -05:00
037fdf854e
move common json-rpc bits to a library
2017-04-26 18:08:08 -05:00
480a0b4273
update payload sizes
2017-04-26 18:02:14 -05:00
a60e5789ed
update mettle->meterpreter references in modules
2017-04-26 17:55:10 -05:00
078ba66e5f
remove unneeded msf/core requires
2017-04-26 17:17:20 -05:00
353191992f
move mettle payloads to meterpreter, add reverse_http/s stageless
2017-04-26 17:06:34 -05:00
f8792956ee
fix one module for testing
2017-04-26 16:21:13 -05:00
a3a4ba7605
Buffer Overflow on Dup Scout Enterprise v9.5.14
2017-04-26 15:19:00 +01:00
da6c03d13f
Fix function names to always be snake_case
2017-04-26 09:30:29 -04:00
bbee7f86b5
Land #8263 , Mercurial SSH exec module
2017-04-26 01:38:01 -05:00
f60807113b
Clean up module
2017-04-26 01:37:49 -05:00
a3bcd20b26
Minor cleanups for multi-platform railgun
2017-04-25 17:45:07 -04:00
5476f6066c
Land #8271 , DOUBLEPULSAR detection for MS17-010
2017-04-25 16:31:39 -05:00
4019a14865
The local HWBridge now does not print out status for each URI request per default. This can be enabled by setting verbose to true.
...
Signed-off-by: Craig Smith <agent.craig@gmail.com>
2017-04-24 20:42:03 -07:00
5537348e28
Addes Statistics support from the API. When typing status in a hardware bridge it will also print packet statistics.
...
Signed-off-by: Craig Smith <agent.craig@gmail.com>
2017-04-24 20:42:03 -07:00
320898697a
Land #8266 , Add Buffer Overflow Exploit on Disk Sorter Enterprise
2017-04-24 17:17:30 -05:00
1d86905fca
Land #8288 , Minor changes to WiPG-1000 module
2017-04-24 17:09:25 -05:00
e333cb65e5
Restore require 'msf/core'
2017-04-24 17:09:02 -05:00
c573628e10
Fix header
2017-04-24 17:01:35 -05:00
e775f9ccbd
Land #8259 , Add post module to upload and execute a file
2017-04-24 17:00:55 -05:00
d3aba846b9
Make minor changes
2017-04-24 23:35:36 +02:00
5bbb4d755a
Land #8254 , Add CVE-2017-0199 - Office Word HTA Module
2017-04-24 16:05:00 -05:00
6029a9ee2b
Use a built-in HTA server and update doc
2017-04-24 16:04:27 -05:00
55f01d3fc7
made the plugin less spammy with more vprintf
2017-04-24 13:33:05 -06:00
453ca6e3bf
added OS printing on vulnerable systems
2017-04-24 13:20:44 -06:00
47898717c9
Minor documentation improvements
...
Space after ,
2017-04-24 14:47:25 +01:00
bd2379784e
Improved error handling for the python reverse_tcp payload
...
Handling all kinds of errors
Removing 'e'
Updating payload cached sizes
Updating payload cached sizes 2.0
Adding option to set retry time
2017-04-23 20:43:57 +05:30
a69aba0eab
added XOR Key calculation
2017-04-22 23:54:30 -06:00
8e4c093a22
added version numbers
2017-04-22 09:45:55 -04:00
ffe6d35b4d
Add a module to dump network passwords from gnome
2017-04-21 16:17:18 -04:00
8a77bf7b60
removed wrong comments
2017-04-21 08:27:13 -06:00
714ada2b66
Inline execute_cmd function
2017-04-21 15:32:15 +02:00
9fab64c60e
added references
2017-04-20 15:22:37 -06:00
dd12afd717
added DoublePulsar detection
2017-04-20 15:03:29 -06:00
8218f024e0
Add WiPG-1000 Command Injection module
2017-04-20 16:32:23 +02:00
55ab800f13
Minor code fixes.
2017-04-19 14:41:11 +02:00
f1c51447c1
Add files via upload
...
Buffer Overflow on Disk Sorter Enterprise
2017-04-19 10:57:41 +01:00
f5430e5c47
Revert Msf::Exploit::Remote::Tcp
2017-04-18 19:27:35 -04:00
9a870a623d
Make use of Msf::Exploit::Remote::Tcp
2017-04-18 19:17:48 -04:00
03e3065706
Fix MSF tidy issues
2017-04-18 18:56:42 -04:00
32f0b57091
Fix new line issues
2017-04-18 18:52:53 -04:00
bdeeb8ee1d
Add a check
2017-04-18 16:32:06 -05:00
3b38d0d900
Land #8262 , PR ref for huawei_hg532n_cmdinject
2017-04-18 16:29:13 -05:00
bfca4da9b0
Add mercurial ssh exec
2017-04-18 16:33:23 -04:00
1fcc1f7417
Trailing comma. Why isn't this Lua?
2017-04-18 14:27:44 -05:00
0428e12b10
Land #8216 , Add CVE-2016-7552/CVE-2016-7547 exploit
2017-04-18 14:26:55 -05:00
4ec71f9272
Add a reference to the original PR
...
This was the source of first public disclosure, so may as well include
it.
2017-04-18 14:20:25 -05:00
84dd5cd01a
Add a simple upload exec module
2017-04-17 19:34:21 -05:00
92e7183a74
Small typo fix
...
Running msfconsole would generate an Ubuntu crash report (?). This seems to be the culprit.
2017-04-17 11:14:51 -06:00
942959f7e8
Land #8255 , fixes for smb_ms17_010
2017-04-17 11:38:34 -05:00
7b936b0012
Land #8184 , convert IPMI protocol and modules to bindata
2017-04-17 07:40:15 -05:00
6f70efcfa1
add module documentation
2017-04-17 07:39:43 -05:00
b1c7f1302b
Fix report_vuln and prefer vprint_error
2017-04-17 02:48:56 -05:00
e21504b22d
huawei_hg532n_cmdinject: Use send_request_cgi() 'vars_get' key
...
Instead of rolling our own GET parameters implementation.
Thanks @wvu-r7!
2017-04-17 09:11:50 +02:00
3d082814cb
Fix default options
2017-04-17 01:09:48 -05:00
7daec53106
huawei_hg532n_cmdinject: Improve overall documentation
...
- Add section on compiling custom binaries for the device
- Add documentation for Huawei's wget flavor (thanks @h00die)
- Abridge the module's info hash contents (thanks @wwebb-r7)
- Abridge the module's comments; reference documentation (@h00die)
2017-04-17 08:00:51 +02:00
8a302463ab
huawei_hg532n_cmdinject: Use minimum permissions for staged binary
...
Use u+rwx permissions only, instead of full 777, while staging the
wget binary to target. As suggested by @wvu-r7 and @busterb.
2017-04-17 03:27:57 +02:00
7ca7528cba
huawei_hg532n_cmdinject: Spelling fixes suggested by @wvu-r7
2017-04-17 03:23:20 +02:00
7b8e5e5016
Add Huawei HG532n command injection exploit
2017-04-15 21:01:47 +02:00
7950087804
Merge branch 'upstream-master' into land-8237-
2017-04-14 21:53:26 -05:00
fb001180c4
Fix generate_uri
2017-04-14 21:52:31 -05:00
590816156f
rename exp module
2017-04-14 21:32:48 -05:00
1952529a87
Format Code
2017-04-14 21:30:26 -05:00
a9857eb1c2
Land #8099 , Aux module to launch instances in AWS
2017-04-14 14:12:10 -05:00
42122d2835
Land #8238 , move SMB2 support back into smb_login, add simpler permissions checks
2017-04-14 14:06:46 -05:00
8ab0b448fd
CVE-2017-0199 exploit module
2017-04-14 13:22:59 -05:00
eb61241673
Land #8228 , New mainframe privesc payload for z/OS
2017-04-14 13:19:41 -05:00
d75f852d01
Land #8167 , Add MS17-010 auxiliary detection module
2017-04-14 13:00:16 -05:00
91fb3ce6b8
collapse SMB2 support into smb_login
...
converge the SMB and SMB loginscanners so that
there is only one SMB loginscanner that supports both
MS-2636
2017-04-13 15:22:03 -05:00
adeb4d10d7
smb2 login scanner admin check now working
...
we can now check for admin privs in the smb2
login scanner
MS-2636
2017-04-13 14:40:32 -05:00
48560d29f3
remove keyscan_extract and modify calling modules
2017-04-13 10:42:28 -05:00
5e42dde6b6
msftidy clean up
2017-04-12 16:25:21 +01:00
9f289bdf52
Fixed error messages and some syntax.
2017-04-12 13:48:11 +02:00
c21d78b23b
Land #8186 , Convert DNS Fuzzer to use bindata
2017-04-11 23:27:08 -05:00
fa8011fd07
New mainframe privesc payload for z/OS
...
This module performs a privilege escaltion on mainframe systems
runing z/OS and using RACF for their security manager. A user
with any non-privileged credentials and the ability to write to
an apf authorized library can use this payload to add "root level"
privileges (e.g. SPECIAL / BPX.SUPERUSER) to their profile.
2017-04-11 15:04:44 -05:00
c867b7e228
Land #8204 , Add Cambian ePMP SNMP Configuration download
2017-04-11 10:59:13 -05:00
3c2dc68e9c
improved description, no point repeating the same thing\!
2017-04-11 09:55:11 -05:00
c359e15de6
updated the print statement
2017-04-11 09:31:17 -05:00
84ac9d905c
improved the description of the module
2017-04-11 09:24:43 -05:00
374d7809b5
last fixes and tests
2017-04-11 09:48:57 +01:00
288e384164
Land #8189 , irssi password post gather module
2017-04-10 23:34:54 -05:00
96927b449c
Rework module to grab entire irssi configs
2017-04-11 00:02:40 -04:00
6a1531da34
Fix loot name attributes
2017-04-10 23:52:31 -04:00
d92f94e077
Fix grammar issue
2017-04-10 23:44:18 -04:00
d9e96a8b4f
Consolidate loot into single file
2017-04-10 23:42:50 -04:00
7f6bbb6ff2
Fix trailing space issue
2017-04-10 21:38:30 -04:00
9432a3543f
Extend irssi post mod to grab network passwords
2017-04-10 15:35:26 -04:00
b1d127e689
satisfied travis
2017-04-10 14:11:18 -05:00
47d74819a5
Update regex per reviewer request
2017-04-10 14:45:10 -04:00
d816092c56
Fix missing new line
2017-04-10 14:41:25 -04:00
0f07875a2d
added CVE-2016-7552/CVE-2016-7547 exploit
2017-04-10 13:32:58 -05:00
06ca406d18
Fix weird whitespace
2017-04-09 22:23:58 -05:00
f7c8bd2464
add rescue for ::Rex::Proto::SMB::Exceptions::LoginError
2017-04-07 15:37:56 -06:00
3c189f0cb0
Adding Cambium SNMP Loot module
2017-04-07 01:32:45 +05:30
74dc7e478f
update piwik module
2017-04-05 20:19:07 +02:00
9a0789f839
Exploit for pmmasterd Buffer Overflow (CVE-2017-6553)
2017-04-05 17:59:54 +01:00
dd5a91f153
Land #8008 , Added archmigrate module for windows sessions
2017-04-05 08:55:27 -05:00
08b2a97293
Changed styling to be more in line with rubocop.
2017-04-05 10:05:56 +02:00
b8af7c1db0
Add irssi password post gather module
2017-04-05 00:56:24 -04:00
64c06a512e
Land #8020 , ntfs-3g local privilege escalation
2017-04-04 09:48:15 -05:00
891e7e465e
convert DNS fuzzer to bindata
2017-04-04 03:03:32 -05:00
46c7e822c8
convert IPMI protocol and modules to bindata
2017-04-04 02:44:17 -05:00
30c4a665f4
update iis exploit
2017-04-03 20:06:16 +02:00
98ffa4d380
Land #7652 , add varnish cache CLI authentication scanner module
2017-04-02 21:52:45 -05:00
4c0539d129
Land #8178 , Add support for non-Ruby modules
2017-04-02 21:02:37 -05:00
a34c01ebd2
Land #8137 shodan honeyscore module
2017-04-02 21:37:36 -04:00
0092818893
Land #8169 add exploit rank where missing
2017-04-02 20:59:25 -04:00
151ed16c02
Re-ranking files
...
../exec_shellcode.rb
Rank Great -> Excellent
../cfme_manageiq_evm_upload_exec.rb
Rank Great -> Excellent
../hp_smhstart.rb
Rank Average -> Normal
2017-04-02 18:33:46 -04:00
26fc6bc920
added report_vuln()
2017-04-01 21:48:19 -06:00
e80b8cb373
move sploit.c out to data folder
2017-03-31 20:51:33 -04:00
035f37cf42
Land #8144 , Add Moxa Device Discovery Scanner Module
2017-03-31 19:11:27 -05:00
f870f94fa9
Land #8163 , Add Cambium ePMP Arbitrary Command Execution
2017-03-31 19:06:19 -05:00
6910cb04dd
Add first exploit written in Python
2017-03-31 17:07:55 -05:00
823c1a6286
added more verifieds
2017-03-31 16:52:20 -04:00
23ac9214ea
land #8010 post gather module for tomcat creds
2017-03-31 16:15:55 -04:00
34a152dc76
handle no sysinfo from ssh_login
2017-03-31 16:15:16 -04:00
ab4d86fd21
Land #8168 , change description of alpha encoders
2017-03-31 11:37:12 -05:00
1ce7bf3938
Land #8126 , Add SolarWind LEM Default SSH Pass/RCE
2017-03-31 11:21:32 -05:00
c445a1a85a
Wrap ssh.loop with begin/rescue
2017-03-31 11:16:10 -05:00
22b2215d2e
Fixed a typo causing bot to fail.
2017-03-31 16:40:21 +02:00
3a674b731c
Added error handling, added documentation and fixed some style issues.
2017-03-31 16:35:25 +02:00
628827cda9
Added some documentation and gracefull error handeling.
2017-03-31 12:45:30 +02:00
df2a9a4af3
Added documentation file and implemented fixes for output and linux parsing.
2017-03-31 11:19:12 +02:00
5e31a32771
Add missing ranks
...
../exec_shellcode.rb
Rank = Great
This exploit is missing autodetection and version checks,
but should be ranked Great due to high number of possible targets
../cfme_manageiq_evm_upload_exec.rb
Rank = Great
This exploit implements a check to assess target availability,
and the vulnerability does not require any user action
../dlink_dcs_930l_authenticated_remote_command_execution
Rank = Excellent
Exploit utilizes command injection
../efw_chpasswd_exec
Rank = Excellent
Exploit utilizes command injection
../foreman_openstack_satellite_code_exec
Rank = Excellent
Exploit utilizes code injection
../nginx_chunked_size
Rank = Great
Exploit has explicit targets with nginx version auto-detection
../tp_link_sc2020n_authenticated_telnet_injection
Rank = Excellent
See dlink_dcs_930l_authenticated_remote_command_execution,
exploit uses OS Command Injection
../hp_smhstart
Rank = Average
Must be specific user to exploit, no autodetection,
specific versions only
2017-03-31 02:39:44 -04:00
0a398a59c5
change description
2017-03-30 20:06:23 +02:00
6bcb9b523b
Land #8165 , Fix x86 mettle shellcode
2017-03-30 11:45:11 -05:00
4bd50b0ad2
Merge branch 'ms17-010' of github.com:RiskSense-Ops/metasploit-framework into ms17-010
2017-03-30 10:10:08 -06:00
a125566fc7
removed unnecessary arguments
2017-03-30 10:09:31 -06:00
a13d6a7810
Land #8166 , Add new SMB LoginScanner using RubySMB for SMB1/SMB2 Support
2017-03-30 11:08:17 -05:00
ac83ff7e48
Land #8155 , Style fixes for HWBridge RF and a couple small bug fixes
2017-03-29 20:37:13 -05:00
ef7de6d49e
added MSB to description, moved a print statement
2017-03-29 17:43:49 -06:00
4bdbdc0e00
Fix response parsing
2017-03-29 18:21:12 -05:00
68f5c0e663
removed a print statement
2017-03-29 16:24:59 -06:00
7e6b8b02b8
replaced magic constant with setup_count
2017-03-29 15:37:28 -06:00
9923c39799
removed superfluous status
2017-03-29 15:32:29 -06:00
f0a1e12a7e
small typos
2017-03-29 15:30:35 -06:00
691811af5a
Land #7994 , Add Windows Gather DynaZIP Saved Password Extraction post module
2017-03-29 16:04:09 -05:00
ffa376c514
added MS17-010 auxiliary detection module
2017-03-29 14:33:02 -06:00
a571bcdba4
update module description
2017-03-29 13:58:36 -05:00
418e371e35
add SMB2 login scanner and module
...
add smb2_login module backed by an smb2
LoginScanner class. This is a temporary alternative
to smb_login until ruby_smb catches up more on feature parity
MS-2557
2017-03-29 11:36:33 -05:00
2758010355
Fix x86 mettle shellcode
2017-03-28 17:59:13 -05:00
8b3fe0ac06
Merge branch 'dmchell-cve-2017-7269' into iis_6_sc-dev
2017-03-28 19:33:37 +01:00
697d3978af
Update iis_webdav_scstoragepathfromurl.rb
2017-03-28 19:14:32 +01:00
d7bed334b0
Add Metasploit header
2017-03-28 12:07:57 -05:00
ebbed949c2
Get rid of double header
2017-03-28 12:05:44 -05:00
d1c269e5e8
Update iis_webdav_scstoragepathfromurl.rb
2017-03-28 11:54:52 -05:00
4972b510d1
Use HttpClient instead of Tcp
2017-03-28 11:37:40 -05:00
c203fa71d1
Create iis_webdav_scstoragepathfromurl.rb
2017-03-28 11:34:11 -05:00
ffdd5fb471
Update iis_webdav_scstoragepathfromurl.rb
...
converted to Msf::Exploit::Remote::HttpClient
2017-03-28 17:16:35 +01:00
ed90971489
Update iis_webdav_scstoragepathfromurl.rb
2017-03-28 16:16:51 +01:00
1552cc4cac
Update iis_webdav_scstoragepathfromurl.rb
2017-03-28 16:11:44 +01:00
b301a8d0c0
Update iis_webdav_scstoragepathfromurl.rb
2017-03-28 16:07:12 +01:00
20a9b88eb6
Update and rename iis_webdav_ScStoragePathFromUrl.rb to iis_webdav_scstoragepathfromurl.rb
2017-03-28 15:53:18 +01:00
f7cecaf31e
Update and rename cve-2017-7269.rb to iis_webdav_ScStoragePathFromUrl.rb
2017-03-28 15:47:20 +01:00
9e8ec532a2
Create cve-2017-7269.rb
...
Exploit for cve-2017-7269.rb
2017-03-28 15:33:20 +01:00
30896d1fab
Add Cambium ePMP Arbitrary Command Execution Module
2017-03-28 00:17:36 +05:30
66a585ab41
Land #8050 , Add Cambium ePMP System Hash Dumper
2017-03-27 12:08:53 -05:00
935c59306b
Land #7897 , Add Cambium ePMP 1000 Device Configuration file dumper
2017-03-27 12:05:11 -05:00
d705949b37
Land #7784 , Cambium ePMP 1000 Login Scanner
2017-03-27 12:01:56 -05:00
31c03840bb
Style fixes for HWBridge RF and a couple small bug fixes
...
I should have tweaked these earlier, my bad.
2017-03-26 13:45:19 -05:00
dd7cf39678
updated references
2017-03-25 12:31:08 +05:30
63d88c159a
updated references
2017-03-25 12:27:38 +05:30
fd5e25bcc2
restored version check
2017-03-25 12:08:00 +05:30
68e4b8a855
Updated user data param to load aggregator
2017-03-24 22:58:04 -07:00
82ebbfb9a7
Fix msftidy warnings
2017-03-24 23:12:48 -04:00
3e2173d4f9
Add key length check and remove mixin
...
Also add a reference to the original honeyscore website
2017-03-24 22:33:09 -04:00
581d523d5b
Fix things from review
2017-03-24 21:22:23 -04:00
9db2e9fbcd
Land #8146 , Add Default Secret & Deserialization Exploit for Github Enterprise
2017-03-24 14:38:47 -05:00
92c0748447
Land #8102 , Add a plugin to notify new sessions via SMS
2017-03-24 11:17:59 -05:00
e04f01ed6b
Land #7778 , RCE on Netgear WNR2000v5
2017-03-23 15:34:16 -05:00
3b062eb8d4
Update version info
2017-03-23 13:46:09 -05:00
fdb52a6823
Avoid checking res.code to determine RCE success
...
Because it's not accurate
2017-03-23 13:39:45 -05:00
39682d6385
Fix grammar
2017-03-23 13:23:30 -05:00
ee21377d23
Credit Brent & Adam
2017-03-23 11:22:49 -05:00
196a0b6ac4
Add Default Secret & Deserialization Exploit for Github Enterprise
2017-03-23 10:40:31 -05:00
d37966f1bb
Remove old file
2017-03-23 12:53:08 +03:00
8a43a05c25
Change name of the module
2017-03-23 12:49:31 +03:00
8dd0f953b0
remove unnecessary require
2017-03-22 19:48:24 -04:00
420df11c44
Change up the way shodan is reached
2017-03-22 19:39:45 -04:00
a93aef8b7a
Land #8086 , Add Module Logsign Remote Code Execution
2017-03-22 11:33:49 -05:00
2200c9faee
Create moxa_discover.rb
2017-03-22 10:49:26 -04:00
fa61d67761
Fix score comparison
2017-03-21 19:17:20 -04:00
3af0f814c3
Land #8138 , fix mettle UAF and add initial http/https transport support
2017-03-21 16:51:09 -05:00
1a8e8402ae
Land #8113 , SysGauge SMTP server validation sploit
2017-03-21 16:45:42 -05:00
9542087642
bump mettle to 0.1.8
2017-03-21 16:45:25 -05:00
d10b3da6ec
Land #8132 , Support Python 2 & 3 for web_delivery
2017-03-21 13:48:27 -05:00
6b3cfe0a98
Support both Python 2 and Python 3 in one line
...
Tested on:
* Python 2.7.13 on Windows
* Python 3.5.3 on Windows
2017-03-21 13:47:07 -05:00
fef8ec10bc
Fix author formatting
2017-03-21 13:23:41 -04:00
d7640713df
Add more checks and formatting
2017-03-21 13:23:06 -04:00
1f68a3bda6
Rename honeypot.rb to shodan_honeyscore.rb
2017-03-21 13:10:31 -04:00
2e096be869
Remove debugging output
2017-03-21 11:26:02 -05:00
79c7b84f08
Create honeypot.rb
2017-03-21 11:15:12 -04:00
be41df6de0
Land #8036 , Fix run_as_psh with domain accounts
2017-03-21 09:05:50 -05:00
f397624a69
Land #7935 , HWBridge RF transceiver extension
2017-03-21 06:12:32 -05:00
aa5e9cd702
Land #8058 , Allow the http_payload stager to sleep before retry
2017-03-21 00:07:10 -05:00
c4279a837a
Minor formatting/spelling/verbiage changes.
2017-03-20 17:37:12 -05:00
2fde287424
Initial patch for rftransceiver (RfCat / YardstickOne)
2017-03-20 17:36:16 -05:00
2acd941b16
Merge branch 'master' into dtc_fix
2017-03-20 14:10:01 -05:00
0be6b8c905
Fixes #8022
...
Adds detection for ELM327 chips reporting CAN ERROR when vehicle is off.
Addes some enhanced UDS Error codes.
Cleaned up reporting from getvinfo if the vehicle is off or not connected.
2017-03-20 13:49:39 -05:00
06ebb22a8f
Land #8065 , Zigbee Hardware Bridge Extension
2017-03-20 10:44:15 -05:00
ffe77c484e
fixed spacing
2017-03-20 16:37:35 +01:00
e51063aa56
added the python3 syntax to the web_delivery script
2017-03-20 16:08:08 +01:00
7bcd53d87d
Land #8079 , exploit and aux for dnaLims
2017-03-20 11:08:05 -04:00
fd5345a869
updates per pr
2017-03-20 10:40:43 -04:00
fe5167bf26
changes to file per pr
2017-03-20 10:16:42 -04:00
f9ecefe465
Land #8031 , nil fixes for HWBridge
2017-03-19 22:37:28 -05:00
aa1e76f28e
Land #8128 , ensure there is a response before deferencing
2017-03-19 22:17:31 -05:00
e2c6f959f4
Land #8129 , s/colom/colon/g
2017-03-19 22:14:38 -05:00
534ca8c5cb
fix: URL encoding userdata
2017-03-18 21:52:49 -07:00
26d344a0ef
Initial checkin of launch instances module
2017-03-18 21:52:49 -07:00
ae883d7f02
Update multi_meterpreter_inject.rb
2017-03-19 00:27:28 -04:00
661bf6e492
Update multi_meterpreter_inject.rb
2017-03-19 00:27:03 -04:00
93a6614ab3
Update multi_meterpreter_inject.rb
2017-03-19 00:25:46 -04:00
f88a522bf5
fix #8121
2017-03-18 14:50:24 -04:00
06e6a973ce
land #7944 a scanner for Carlo Gavazzi energy meters
2017-03-18 10:35:43 -04:00
84e4b8d596
land #8115 which adds a CVE reference to IMSVA
2017-03-18 09:51:52 -04:00
1d0024ee3c
tools/modules/update_payload_cached_sizes.rb update
2017-03-17 20:58:41 -03:00
d55b680394
Land #8088 , Add some binaries to enum_protections
2017-03-17 17:14:59 -05:00
6aa42dcf08
Add solarwinds default ssh user rce
2017-03-17 21:54:35 +03:00
1180bd6ed7
Land #8037 , priv_migrate improvements
2017-03-17 13:19:51 -05:00
52cea93ea2
Merge remote-tracking branch 'upstream/master' into land-8118-
2017-03-17 12:39:30 -05:00
e67c83e92c
Land #8119 , Updated rails_secret_deserialization to add '.' cookie regex
2017-03-17 12:34:25 -05:00
ea4ca7ecc5
Land #8116 , Handle ::Errno::ECONNRESET in telnet_version
2017-03-17 12:32:02 -05:00
095a110e65
Code and doc tweaks (minor).
...
Only one behavior change in the scan loop of zstumbler.rb to, when doing a scan across all the channels, keep it from retrying channel 11 again one last time just before it exits.
2017-03-16 21:43:36 -05:00
db6bc6c784
Land #8100 , msfcrawler improvements
...
Does anyone use this anymore??
2017-03-16 21:31:23 -05:00
7a12e446a0
Updated documentation and fixed module header. Whoops, copy/paste fail.
2017-03-16 21:28:24 -05:00
ab75794cd4
Land #8071 , Add API to send an MMS message to mobile devices
2017-03-16 11:57:34 -05:00
78586f0dc9
Fixed an extra space at the EOL
2017-03-16 09:22:01 -07:00
80c33fc27f
adding '-' to rails deserialization regex for cookie matching
2017-03-16 10:54:32 -05:00
59c7de671e
Updated rails_secret_deserialization to add '.' regex for cookie matching.
2017-03-16 10:45:43 -05:00
f4bb1d6a37
Updated based on @wvu's comments
2017-03-15 19:15:12 -05:00
91a4657c36
Bumped the metasploit-payloads version and cache sizes with PR#8043
2017-03-15 19:02:21 -05:00
b2a7d18584
Update cached payload sizes
2017-03-15 18:43:48 -05:00
f706c4d7f6
Removing prefix
2017-03-16 00:49:55 +03:00
a1d7748d82
Fix #8061 , Handle ::Errno::ECONNRESET in telnet_version
...
Fix #8061
2017-03-15 16:33:37 -05:00
60186f6046
Adding CVE number
2017-03-16 00:31:21 +03:00
d4ee254057
Land #8076 , Add Easy File Sharing FTP Server Version 3.6 traversal
2017-03-15 16:17:13 -05:00
8afe6a9061
Update easy_file_sharing_ftp and add documentation
2017-03-15 16:14:41 -05:00
a0ba3f17e7
Land #8110 , process migration by name fix
2017-03-15 15:52:54 -05:00
456ddcebc0
Remove nil values that are default already
...
There are four lights!
2017-03-15 15:51:22 -05:00
8995629037
Land #7061 , allow chaining the service stub with other encoders
2017-03-15 13:56:09 -05:00
b65919e7b1
Land #7956 , Add QNAP NAS/NVR administrator hash disclosure
2017-03-15 11:12:59 -05:00
0a71e4a903
Update check with Exploit::CheckCode::Appears
2017-03-15 05:13:30 -05:00
Yorick Koster
Brandon Knight
HD Moore
itsmeroy2012
William Vu
Brent Cook
Brent Cook
Daniel Teixeira
Spencer McIntyre
Craig Smith
wchen-r7
Matthias Brun
zerosum0x0
h00die
zerosum0x0
Koen Riepe
Jonathan Claudius
James Lee
Tod Beardsley
Nate Caroe
Ahmed S. Darwish
nixawk
dmohanty-r7
David Maloney
William Webb
m0t
bigendiansmalls
mr_me
juushya
Christian Mehlmauer
bwatters-r7
Bryan Chu
Adam Cammack
Pearce Barry
Carter
dmchell
Javier Godinez
Mehmet Ince
Patrick DeSantis
Swiftb0y
alpiste
Chris Higgins
Dallas Kaman
Thomas Reburn