Commit Graph

10893 Commits (10b2833e7c96cfd2237b89555d3074405a0abfae)

Author SHA1 Message Date
Daniel Teixeira 10b2833e7c
Update ayukov_nftp.rb 2017-12-31 17:00:17 +00:00
Daniel Teixeira 21717ae0a2
Create ayukov_nftp.rb 2017-12-31 15:43:16 +00:00
h00die 3516305517
land #9191 an exploit against HP LoadRunner magentproc 2017-12-29 16:35:43 -05:00
h00die 4dacc70b9a slight updates to magentproc docs 2017-12-29 16:35:12 -05:00
h00die b698095c49 slight updates to magentproc docs 2017-12-29 16:30:32 -05:00
Pearce Barry e614e9b732
Land #9268, Update DiskBoss Module (EDB 42395) 2017-12-28 16:39:26 -06:00
Tod Beardsley e6de25d63b
Land #9316 Cambium modules and mixins, tx @juushya
These cover several of the CVEs mentioned in

https://blog.rapid7.com/2017/12/19/r7-2017-25-cambium-epmp-and-cnpilot-multiple-vulnerabilities/
2017-12-26 12:39:51 -06:00
juushya 8b0f2214b1 few more updates 2017-12-23 03:04:11 +05:30
juushya 038119d9df Use of get_cookies_parsed, changing dirs, marking deprecated in 2 mods, more 2017-12-23 00:14:27 +05:30
Jon Hart b29948412e
Correct permissions, fixing warning 2017-12-22 07:27:11 -08:00
William Vu caae33b417
Land #9170, Linux UDF for mysql_udf_payload 2017-12-21 20:48:24 -06:00
juushya a86abb0297 Implemented get_cookies_parsed 2017-12-22 05:36:36 +05:30
Tod Beardsley 5dfb5d581a
Switch get_cookies to get_cookies_parsed
Am I doing it right? See #9333
2017-12-21 09:00:56 -06:00
Brent Cook 210f137b7b Merge branch 'upstream-master' into land-9296- 2017-12-20 12:07:53 -06:00
EgiX a4098803b3
Remove OSVDB reference 2017-12-20 13:10:42 +01:00
Jon Hart 7b386ea2c8
Fix msftidy warnings wrt Set-Cookie 2017-12-19 06:58:23 -08:00
Tod Beardsley 85350a9645
Add Rapid7 blog references 2017-12-18 17:11:47 -06:00
Tod Beardsley ae4edd65e1
Hard wrap descriptions 2017-12-18 17:03:13 -06:00
Tod Beardsley 27a324237b
Initial commit for Cambium issues from @juushya
Note, these will trigger a bunch of WARNING msftidy messages for setting
cookies directly. This is on purpose.
2017-12-18 16:32:55 -06:00
William Vu e9b9c80841
Fix #9307, credit to @r0610205 2017-12-18 03:55:01 -06:00
William Vu 76823e9fe6
Land #9183, Jenkins Groovy XStream RCE 2017-12-18 03:38:27 -06:00
William Vu d3638d0487
Land #9154, Tuleap PHP object injection exploit 2017-12-18 03:19:42 -06:00
William Vu 0e2a158abd Fix global var $is_check (make ivar @is_check) 2017-12-18 03:15:33 -06:00
William Vu 8e4b007edc Move verify_arch to dcerpc_getarch
We can use this code elsewhere, such as the MS17-010 scanner.
2017-12-14 02:08:25 -06:00
Brent Cook c6a2ae2551
Land #9248, Add wd_mycloud_multiupload_upload exploit 2017-12-13 18:51:02 -06:00
Brent Cook 125a079fa9 add cve reference 2017-12-13 18:50:21 -06:00
Wei Chen b99663fb6c
Bring #9282 up to date with upstream-master 2017-12-13 13:16:30 -06:00
Wei Chen 37514eec17
Land #9234, Add exploit for ClickJacking vuln for pfSense
Land #9234
2017-12-12 14:56:21 -06:00
Wei Chen c7019e5aee Only load files once 2017-12-12 14:54:49 -06:00
Tim c4e20e01e3 iOS meterpreter 2017-12-12 23:23:21 +08:00
securekomodo b335cacfc1
Update wp_slideshowgallery_upload.rb
Variable on line 67 needs to be changed to "user" from "username" which was undefined and causing error during exploit execution.

[-] Exploit failed: NameError undefined local variable or method `username' for #<Msf::Modules::Mod6578706c6f69742f756e69782f7765626170702f77705f736c69646573686f7767616c6c6572795f75706c6f6164::MetasploitModule:0x0055c61ab093f8>

After changing the incorrect variable name from "username" to "user", the exploit completes.
2017-12-12 00:33:28 -05:00
Matthew Kienow d79b0ad981
Land #9286, Advantech WebAccess webvrpcs BOF RCE 2017-12-12 00:25:56 -05:00
mr_me e7a2dd2e71 fixed email 2017-12-11 23:20:46 -06:00
mr_me 26e2eb8f1a Changed to good ranking 2017-12-11 23:14:36 -06:00
Pearce Barry 9a6c54840b
Minor tweak to use vprint... 2017-12-11 16:48:47 -06:00
mr_me f8977ed72c added some fixes 2017-12-11 11:34:17 -06:00
Chris Higgins e91830efe7 Add Dup Scout Enterprise login buffer overflow 2017-12-09 02:20:05 -06:00
Pearce Barry 604b949e23
Updated per review comments. 2017-12-08 10:42:43 -06:00
mr_me 34ef650b0d fixed up msftidy, opps. 2017-12-07 17:03:39 -06:00
mr_me 75a82b3fe7 Advantech WebAccess webvrpcs ViewDll1 Stack-based Buffer Overflow Remote Code Execution Vulnerability 2017-12-07 16:34:26 -06:00
Austin 5a81f8091d
change some options for somethinf for sensible 2017-12-07 14:44:36 -05:00
Austin 335cc13cab
remove option, advanced Message seems to break it. 2017-12-07 14:17:14 -05:00
Austin 7bdc99a153
Fix HANDLER + some default options! 2017-12-07 13:53:39 -05:00
Austin 09aa433fdc
Add MESSAGE field for "obfuscation" 2017-12-07 08:04:31 -05:00
Austin 8bb6a8f47c
Rename office_dde_delivery to office_dde_delivery.rb 2017-12-06 22:40:37 -05:00
Austin 9d11c60d88
Office DDE Payload Delivery
Generate / Inject existing RTF files with DDE Payloads!
2017-12-06 21:41:00 -05:00
William Webb adba277be0
axe errant spaces at EOL 2017-12-04 16:57:48 -08:00
William Webb 69b01d26bb
Land #9226, Microsoft Office OLE object memory corruption 2017-12-04 16:50:27 -08:00
William Vu 19b37c7070
Land #9263, drb_remote_codeexec fixes
See pull requests #7531 and #7749 for hysterical raisins.
2017-12-04 18:45:03 -06:00
Brent Cook b13f4e25e1 thanks for making this well-known 2017-12-04 18:32:31 -06:00