Commit Graph

23553 Commits (17c8f7c4c769273ec30e72f99f9357e9f812821e)

Author SHA1 Message Date
Jacob Robles 615f6b02af
varnish no auth file read 2018-03-09 11:25:13 -06:00
Jacob Robles 1fd0087a97
Land #7654, varnish file read 2018-03-09 10:59:04 -06:00
Jacob Robles a458cb9ebc
varnish file read msftidy fixes 2018-03-09 10:56:52 -06:00
Jacob Robles 037559023a
Update connect/disconnect varnish
[ticket: #7654]
2018-03-09 10:37:14 -06:00
Jeffrey Martin b9ad1f2872
Land #9687, bump payloads, fix PHP meterpreter message parsing 2018-03-07 18:48:56 -06:00
Jeffrey Martin 26481d503e
one more payload size adjustment 2018-03-07 18:48:10 -06:00
Brent Cook b977b1c951 bump payload sizes 2018-03-07 17:41:58 -06:00
Jacob Robles 15269ec3ce
Land #9678, Add memcached UDP version scanner 2018-03-07 10:14:29 -06:00
Jacob Robles 86dd382e6a
Land #9554, Eclipse Equinoxe OSGi console RCE 2018-03-07 08:41:31 -06:00
Jon Hart a69c2e29d2
Correct comment 2018-03-06 18:16:22 -08:00
Jon Hart 1e04fa009f
Fix style 2018-03-06 18:13:50 -08:00
Jon Hart 74ec9f00e7
Add WIP memcached UDP version scanner 2018-03-06 17:54:00 -08:00
Jon Hart e72372d6d8
Add disclosure date and correct CVE for memcached amp 2018-03-06 16:04:00 -08:00
Brent Cook d6871f5733
Land #9614, Juniper post enum module 2018-03-06 10:29:56 -06:00
bwatters-r7 e878e19bbd Land #9665, Add missing reverse_tcp_rc4 payload tests.
Merge branch 'land-9665' into upstream-master
2018-03-05 17:18:04 -06:00
William Vu 176fb13c84 Fix #9650, missed code from TelnetEnable refactor
1. Functionality was added incrementally, and I missed an opportunity to
consolidate a few methods under @do_exploit.
2. The Capture mixin can raise RuntimeError for a number of different
reasons, not just a lack of root privileges.

tl;dr Fix my incompetence and laziness. :-)

I don't think EDB and friends usually get these updates. :(
2018-03-05 14:46:27 -06:00
Jon Hart 3028dccd7a
Land #9644, @xistence's memcached stats amplification scanner 2018-03-05 09:02:28 -08:00
Jeffrey Martin eac7cc63fc
add missing payload tests 2018-03-04 17:54:52 -06:00
Jon Hart f2de2a7f21
Appease most of rubocop's concerns 2018-03-04 07:17:25 -08:00
Jon Hart 2edb2dd8d0
Add CVE; clarify vuln name 2018-03-04 07:13:28 -08:00
h00die ea62497385
Land #9658 spelling and grammar fixes 2018-03-04 06:24:59 -05:00
Biswajit Roy 3925686173
Fixed error in my correction
Changed from `an username` to `a username`
2018-03-03 10:16:44 +05:30
William Vu 6dbf9445c9 Add MAC address discovery 2018-03-02 19:18:30 -06:00
William Vu 107512498c Add check method 2018-03-02 19:16:37 -06:00
William Vu 25f36fb926 Refactor code into new methods 2018-03-02 19:16:37 -06:00
William Vu 109bc87ffb Check for nil, EOFError, and zero-length response 2018-03-02 19:15:20 -06:00
William Vu bcdfebf93c Add a vprint for creds we chose 2018-03-02 19:15:19 -06:00
William Vu 4418a0de02 Enhance detection of telnetenabled vs. telnetd 2018-03-02 19:15:19 -06:00
William Vu fba30d47a2 Use default creds specific to protocol 2018-03-02 19:15:18 -06:00
William Vu 1f40afea9c Add automatic target for detection of TCP or UDP 2018-03-02 19:15:18 -06:00
William Vu a5e5b618fd Add print statements I forgot 2018-03-02 19:15:17 -06:00
William Vu e87681f2c4 Add NETGEAR TelnetEnable 2018-03-02 19:15:17 -06:00
bwatters-r7 0d07d44b14
ReLand #9565, Reverse TCP x64 RC4 via max3raza's rc4_x64 asm
This reverts commit 7964868fcd.
2018-03-02 16:09:52 -06:00
bwatters-r7 7964868fcd
Revert "Land #9565, Reverse TCP x64 RC4 via max3raza's rc4_x64 asm"
This reverts commit fcc579377f, reversing
changes made to 95cd149378.
2018-03-02 08:29:48 -06:00
bwatters-r7 fcc579377f
Land #9565, Reverse TCP x64 RC4 via max3raza's rc4_x64 asm 2018-03-02 07:34:45 -06:00
Biswajit Roy 38c42f3b10
Fixed Typos
Fixed minor typing errors.
2018-03-02 17:38:19 +05:30
Jon Hart e7a7b557bc
Randomize and doc memcached stats probe; catch multi-packet responses 2018-03-01 16:56:34 -08:00
Jon Hart 155f45fc28
Simplify memcached amplification scanner to use UDPScanner for most of the work 2018-03-01 15:37:23 -08:00
Sonny Gonzalez 883654f0ea
Land #9653, fix Y2k38 issue (until Jan 1, 2038) 2018-03-01 09:13:41 -06:00
Brent Cook 27bd2a4a9f workaround Y2k38 issues in java certificate generation 2018-03-01 08:41:28 -06:00
Jon Hart 9e1a7c869c
Use drdos mixin for memcached amp module 2018-02-27 22:51:27 -08:00
xistence 05c99ffb5c Add Memcached amplification scanner 2018-02-28 11:24:17 +07:00
Brent Cook 325ad7256e if multi/handler is disabled, exit 2018-02-27 04:30:09 -06:00
Rob Fuller 0c82b0a922
Support Windows 2008/7 and above
Probably about time that we supported versions less than 10 years old :)
2018-02-24 16:06:55 -05:00
Brent Cook cd728defed Merge branch 'master' into land-9607- 2018-02-23 11:09:20 -06:00
h00die c7bbc6eca4 juniper post enum module 2018-02-22 21:08:21 -05:00
William Vu 7663e5c1f6
Land #9601, ms17_010_eternalblue reliability fixes 2018-02-22 15:30:45 -06:00
James Barnett e531dbc976
Fix bug causing all logins to appear valid
The headers we were looking for were a little too loose
and were incorrectly identifying all responses as successful
login attempts
2018-02-22 11:25:35 -06:00
bwatters-r7 4b8a8fa2b1
Land #9441, Create exploit for AsusWRT LAN RCE
Merge branch 'land-9441' into upstream-master
2018-02-22 10:40:45 -06:00
Jacob Robles 738d6ab33a
Land #9604, Fix logged errors when running without Python 3.6 / gmpy2 2018-02-22 08:11:30 -06:00