Commit Graph

45381 Commits (17c8f7c4c769273ec30e72f99f9357e9f812821e)

Author SHA1 Message Date
Brent Cook 17c8f7c4c7 support iterating across RHOSTS for exploits 2018-03-12 15:46:03 -05:00
Brent Cook 4ab36bc713 factor out exploit runner from command parsing 2018-03-12 15:46:02 -05:00
Brent Cook b456cd2c8c use RHOSTS in many places where we used RHOST 2018-03-12 15:46:02 -05:00
Jacob Robles b9e0b628ef varnish anonymous file read 2018-03-09 11:30:22 -06:00
Jacob Robles 615f6b02af varnish no auth file read 2018-03-09 11:25:13 -06:00
Jacob Robles 1fd0087a97 Land #7654, varnish file read 2018-03-09 10:59:04 -06:00
Jacob Robles a458cb9ebc varnish file read msftidy fixes 2018-03-09 10:56:52 -06:00
Jacob Robles 037559023a Update connect/disconnect varnish
[ticket: #7654]
2018-03-09 10:37:14 -06:00
Metasploit 1be34848d5 Weekly dependency update 2018-03-08 10:08:28 -08:00
Jeffrey Martin b9ad1f2872 Land #9687, bump payloads, fix PHP meterpreter message parsing 2018-03-07 18:48:56 -06:00
Jeffrey Martin 26481d503e one more payload size adjustment 2018-03-07 18:48:10 -06:00
Brent Cook b977b1c951 bump payload sizes 2018-03-07 17:41:58 -06:00
Brent Cook e8e6d01581 bump payloads, fix PHP meterpreter message parsing 2018-03-07 17:28:49 -06:00
Jacob Robles 15269ec3ce Land #9678, Add memcached UDP version scanner 2018-03-07 10:14:29 -06:00
Jacob Robles 86dd382e6a Land #9554, Eclipse Equinoxe OSGi console RCE 2018-03-07 08:41:31 -06:00
Jon Hart a69c2e29d2 Correct comment 2018-03-06 18:16:22 -08:00
Jon Hart 1e04fa009f Fix style 2018-03-06 18:13:50 -08:00
Jon Hart 7733662767 Add docs for memcached_udp_version 2018-03-06 18:12:40 -08:00
Jon Hart 74ec9f00e7 Add WIP memcached UDP version scanner 2018-03-06 17:54:00 -08:00
Jon Hart 0cc31eb7d4 Land #9676, correcting CVE and adding disclosure date for memcached
amplification
2018-03-06 16:18:34 -08:00
Jon Hart e72372d6d8 Add disclosure date and correct CVE for memcached amp 2018-03-06 16:04:00 -08:00
bwatters-r7 ccbc7fcefe Land #9606, Add some tests for cmd_exec
Merge branch 'for-the-windows' into upstream-master
2018-03-06 15:13:07 -06:00
bwatters-r7 43bc159022 Fix if/end 2018-03-06 15:01:15 -06:00
bwatters-r7 4694ef6723 Make Rubocop less angry 2018-03-06 14:54:00 -06:00
Christian Mehlmauer 348a3496e3 Land #9672, fix docker build 2018-03-06 19:12:57 +01:00
Brent Cook d6871f5733 Land #9614, Juniper post enum module 2018-03-06 10:29:56 -06:00
bwatters-r7 b13a54ba2b clean up some code and skip non-windows tests 2018-03-06 10:10:53 -06:00
dcylabs 36eb8cee66 Fix docker build 2018-03-06 14:16:39 +01:00
bwatters-r7 6c177b7c3b Add windows checks 2018-03-06 12:14:33 +07:00
bwatters-r7 e878e19bbd Land #9665, Add missing reverse_tcp_rc4 payload tests.
Merge branch 'land-9665' into upstream-master
2018-03-05 17:18:04 -06:00
William Vu 254833d5a1 Land #9671, missed code from TelnetEnable refactor 2018-03-05 15:00:02 -06:00
William Vu 176fb13c84 Fix #9650, missed code from TelnetEnable refactor
1. Functionality was added incrementally, and I missed an opportunity to
consolidate a few methods under @do_exploit.
2. The Capture mixin can raise RuntimeError for a number of different
reasons, not just a lack of root privileges.

tl;dr Fix my incompetence and laziness. :-)

I don't think EDB and friends usually get these updates. :(
2018-03-05 14:46:27 -06:00
Jon Hart 3028dccd7a Land #9644, @xistence's memcached stats amplification scanner 2018-03-05 09:02:28 -08:00
Brent Cook ad6ceb0a7e Land #9669, fix SSL cert generation in provider 2018-03-05 10:26:58 -06:00
dcylabs 708f1da0ed fix SSL certificate provider 2018-03-05 17:01:37 +01:00
xistence 86677b8a8d Merge pull request #2 from jhart-r7/pr/fixup-9644
Simplify memcached amplification scanner to use UDPScanner for most of the work
2018-03-05 08:44:38 +07:00
Jeffrey Martin eac7cc63fc add missing payload tests 2018-03-04 17:54:52 -06:00
Jon Hart f2de2a7f21 Appease most of rubocop's concerns 2018-03-04 07:17:25 -08:00
Jon Hart 2edb2dd8d0 Add CVE; clarify vuln name 2018-03-04 07:13:28 -08:00
h00die ea62497385 Land #9658 spelling and grammar fixes 2018-03-04 06:24:59 -05:00
Biswajit Roy 3925686173 Fixed error in my correction
Changed from `an username` to `a username`
2018-03-03 10:16:44 +05:30
h00die 818c28b901 Land #9650 netgear telnetenable exploit 2018-03-02 21:01:35 -05:00
h00die d454267ea5 update docs 2018-03-02 21:00:41 -05:00
William Vu dd2e15f959 Update doc a final time to appease the @h00die god 2018-03-02 19:40:11 -06:00
h00die c440d6f613 Land #9661 fix for heart logo 2018-03-02 20:25:10 -05:00
William Vu 6dbf9445c9 Add MAC address discovery 2018-03-02 19:18:30 -06:00
William Vu 107512498c Add check method 2018-03-02 19:16:37 -06:00
William Vu 25f36fb926 Refactor code into new methods 2018-03-02 19:16:37 -06:00
William Vu c343c926cf Add N300 version to module doc 2018-03-02 19:15:20 -06:00
William Vu 109bc87ffb Check for nil, EOFError, and zero-length response 2018-03-02 19:15:20 -06:00