Jacob Robles
615f6b02af
varnish no auth file read
2018-03-09 11:25:13 -06:00
Jacob Robles
1fd0087a97
Land #7654 , varnish file read
2018-03-09 10:59:04 -06:00
Jacob Robles
a458cb9ebc
varnish file read msftidy fixes
2018-03-09 10:56:52 -06:00
Jacob Robles
037559023a
Update connect/disconnect varnish
...
[ticket: #7654 ]
2018-03-09 10:37:14 -06:00
Jeffrey Martin
b9ad1f2872
Land #9687 , bump payloads, fix PHP meterpreter message parsing
2018-03-07 18:48:56 -06:00
Jeffrey Martin
26481d503e
one more payload size adjustment
2018-03-07 18:48:10 -06:00
Brent Cook
b977b1c951
bump payload sizes
2018-03-07 17:41:58 -06:00
Jacob Robles
15269ec3ce
Land #9678 , Add memcached UDP version scanner
2018-03-07 10:14:29 -06:00
Jacob Robles
86dd382e6a
Land #9554 , Eclipse Equinoxe OSGi console RCE
2018-03-07 08:41:31 -06:00
Jon Hart
a69c2e29d2
Correct comment
2018-03-06 18:16:22 -08:00
Jon Hart
1e04fa009f
Fix style
2018-03-06 18:13:50 -08:00
Jon Hart
74ec9f00e7
Add WIP memcached UDP version scanner
2018-03-06 17:54:00 -08:00
Jon Hart
e72372d6d8
Add disclosure date and correct CVE for memcached amp
2018-03-06 16:04:00 -08:00
Brent Cook
d6871f5733
Land #9614 , Juniper post enum module
2018-03-06 10:29:56 -06:00
bwatters-r7
e878e19bbd
Land #9665 , Add missing reverse_tcp_rc4 payload tests.
...
Merge branch 'land-9665' into upstream-master
2018-03-05 17:18:04 -06:00
William Vu
176fb13c84
Fix #9650 , missed code from TelnetEnable refactor
...
1. Functionality was added incrementally, and I missed an opportunity to
consolidate a few methods under @do_exploit.
2. The Capture mixin can raise RuntimeError for a number of different
reasons, not just a lack of root privileges.
tl;dr Fix my incompetence and laziness. :-)
I don't think EDB and friends usually get these updates. :(
2018-03-05 14:46:27 -06:00
Jon Hart
3028dccd7a
Land #9644 , @xistence's memcached stats amplification scanner
2018-03-05 09:02:28 -08:00
Jeffrey Martin
eac7cc63fc
add missing payload tests
2018-03-04 17:54:52 -06:00
Jon Hart
f2de2a7f21
Appease most of rubocop's concerns
2018-03-04 07:17:25 -08:00
Jon Hart
2edb2dd8d0
Add CVE; clarify vuln name
2018-03-04 07:13:28 -08:00
h00die
ea62497385
Land #9658 spelling and grammar fixes
2018-03-04 06:24:59 -05:00
Biswajit Roy
3925686173
Fixed error in my correction
...
Changed from `an username` to `a username`
2018-03-03 10:16:44 +05:30
William Vu
6dbf9445c9
Add MAC address discovery
2018-03-02 19:18:30 -06:00
William Vu
107512498c
Add check method
2018-03-02 19:16:37 -06:00
William Vu
25f36fb926
Refactor code into new methods
2018-03-02 19:16:37 -06:00
William Vu
109bc87ffb
Check for nil, EOFError, and zero-length response
2018-03-02 19:15:20 -06:00
William Vu
bcdfebf93c
Add a vprint for creds we chose
2018-03-02 19:15:19 -06:00
William Vu
4418a0de02
Enhance detection of telnetenabled vs. telnetd
2018-03-02 19:15:19 -06:00
William Vu
fba30d47a2
Use default creds specific to protocol
2018-03-02 19:15:18 -06:00
William Vu
1f40afea9c
Add automatic target for detection of TCP or UDP
2018-03-02 19:15:18 -06:00
William Vu
a5e5b618fd
Add print statements I forgot
2018-03-02 19:15:17 -06:00
William Vu
e87681f2c4
Add NETGEAR TelnetEnable
2018-03-02 19:15:17 -06:00
bwatters-r7
0d07d44b14
ReLand #9565 , Reverse TCP x64 RC4 via max3raza's rc4_x64 asm
...
This reverts commit 7964868fcd
.
2018-03-02 16:09:52 -06:00
bwatters-r7
7964868fcd
Revert "Land #9565 , Reverse TCP x64 RC4 via max3raza's rc4_x64 asm"
...
This reverts commit fcc579377f
, reversing
changes made to 95cd149378
.
2018-03-02 08:29:48 -06:00
bwatters-r7
fcc579377f
Land #9565 , Reverse TCP x64 RC4 via max3raza's rc4_x64 asm
2018-03-02 07:34:45 -06:00
Biswajit Roy
38c42f3b10
Fixed Typos
...
Fixed minor typing errors.
2018-03-02 17:38:19 +05:30
Jon Hart
e7a7b557bc
Randomize and doc memcached stats probe; catch multi-packet responses
2018-03-01 16:56:34 -08:00
Jon Hart
155f45fc28
Simplify memcached amplification scanner to use UDPScanner for most of the work
2018-03-01 15:37:23 -08:00
Sonny Gonzalez
883654f0ea
Land #9653 , fix Y2k38 issue (until Jan 1, 2038)
2018-03-01 09:13:41 -06:00
Brent Cook
27bd2a4a9f
workaround Y2k38 issues in java certificate generation
2018-03-01 08:41:28 -06:00
Jon Hart
9e1a7c869c
Use drdos mixin for memcached amp module
2018-02-27 22:51:27 -08:00
xistence
05c99ffb5c
Add Memcached amplification scanner
2018-02-28 11:24:17 +07:00
Brent Cook
325ad7256e
if multi/handler is disabled, exit
2018-02-27 04:30:09 -06:00
Rob Fuller
0c82b0a922
Support Windows 2008/7 and above
...
Probably about time that we supported versions less than 10 years old :)
2018-02-24 16:06:55 -05:00
Brent Cook
cd728defed
Merge branch 'master' into land-9607-
2018-02-23 11:09:20 -06:00
h00die
c7bbc6eca4
juniper post enum module
2018-02-22 21:08:21 -05:00
William Vu
7663e5c1f6
Land #9601 , ms17_010_eternalblue reliability fixes
2018-02-22 15:30:45 -06:00
James Barnett
e531dbc976
Fix bug causing all logins to appear valid
...
The headers we were looking for were a little too loose
and were incorrectly identifying all responses as successful
login attempts
2018-02-22 11:25:35 -06:00
bwatters-r7
4b8a8fa2b1
Land #9441 , Create exploit for AsusWRT LAN RCE
...
Merge branch 'land-9441' into upstream-master
2018-02-22 10:40:45 -06:00
Jacob Robles
738d6ab33a
Land #9604 , Fix logged errors when running without Python 3.6 / gmpy2
2018-02-22 08:11:30 -06:00