1abbd61cee
Land #10246 , add documentation for APK injection
2018-07-05 15:28:41 -07:00
b5981caa0b
Land #10219 , Add HP VAN SDN Controller exploit
2018-07-05 12:23:50 -07:00
144923db3a
Land #10237 , Add Boxoft WAV to MP3 Converter exploit module
2018-07-02 12:03:05 -07:00
fa95c0c2a1
Land #9958 , Nagios xi 2 electric
2018-06-29 10:18:13 -07:00
9bed9f0797
Land #10213 , Add FTPShell client 6.70 Stack Buffer Overflow exploit
2018-06-29 07:39:54 -07:00
87b50e57cc
Land #9933 , auxiliary/scanner/db2/discovery docs
2018-06-27 14:03:34 -07:00
165fb9dc79
Land #10109 , Teradata login scanner and SQL runner
2018-06-27 13:39:02 -07:00
f14597bcb2
Land #10199 , Kace Systems Management Command Injection
2018-06-26 10:11:07 -07:00
0a9dca2b5a
Land 10200, Add SickRage Password Leak Auxiliary Module
2018-06-25 15:27:22 -07:00
679378d025
Land #10156 , WebKit, as used in WebKitGTK+ Crash - CVE-2018-11646
2018-06-21 14:33:05 -07:00
cc293b54c4
Land #10193 , Updated Documentation for httpdasm module
2018-06-21 11:06:35 -07:00
17c0bc1fa7
Land #10183 , Add auxiliary mod to exploit httpdasm dir traversal vuln
2018-06-19 12:58:49 -07:00
95cb9f3654
Land #9825 , Add 'phpMyAdmin Authenticated Remote Code Execution'
2018-06-18 06:55:53 -07:00
94abd923f3
Land #10021 , post/multi/recon/sudo_commands module
2018-06-14 14:35:32 -07:00
fff6d2ebb7
Lad #10017 , D-Link DSL-2750B Unauthenticated OS Command Injection
...
Merge branch 'land-10017' into upstream-master
2018-06-14 15:09:38 -05:00
7e2c1fae2c
Land #10148 , Add New Module - Badpdf
...
Merge branch 'land-10148' into upstream-master
2018-06-12 15:21:25 -07:00
0a19221af2
Land #10101 , Add glibc 'realpath()' Privilege Escalation exploit
2018-06-12 14:43:57 -07:00
7f372d178d
Land #10059 , CVE-2018-1111 exploit
2018-06-12 13:04:36 -07:00
aa5c114364
Land #10067 , Added `auxiliary/fileformat/odt_badodt`
2018-06-06 09:29:34 -07:00
f6e0f5bd81
Land #10115 , Added module `auxiliary/fileformat/multidrop`
2018-06-05 14:32:25 -07:00
1df5b7655f
Land #10106 , Add the scanner/smb/impacket/wmiexec module
2018-06-05 06:39:34 -07:00
31ce48502c
Land #9528 , WebKit apple safari trident exploit (CVE-2016-4657)
2018-06-04 15:37:57 -07:00
650c5c7a93
Land #10121 , finish deprecating modules
2018-06-04 15:37:56 -07:00
e7ab118aaf
Land #9777 , Slui File Handler Hijack LPE
2018-06-01 07:03:22 -07:00
c8ff6cb5a4
Land #9701 , Flexense HTTP Server DoS exploit
2018-06-01 07:03:22 -07:00
016ee4d460
Land #9987 , AF_PACKET chocobo_root exploit
2018-05-21 15:22:51 -07:00
81368bef7a
Land #9966 , Add Reliable Datagram Sockets (RDS) Privilege Escalation exploit
...
Merge branch 'land-9966' into upstream-master
2018-05-21 17:01:36 -05:00
d5019be697
Land #10049 , fix docs for android/gather/wireless_ap
2018-05-17 08:16:35 -07:00
a51c1209ab
Land #9956 , add module to extract wireless credentials on Android
2018-05-17 08:16:35 -07:00
bacab0507b
Land #9947 , AF_PACKET packet_set_ring exploit
2018-05-17 08:16:34 -07:00
6e71f5c5fd
Land #9816 , Add the scanner/smb/impacket/dcomexec module
2018-05-17 08:16:34 -07:00
bbb5ff8ad4
Land #7815 , CVE-2016-9299 exploit
2018-05-17 08:16:33 -07:00
1de1b04c4f
Land #9919 , add libuser roothelper privilege escalation exploit
2018-05-15 11:58:14 -07:00
b2b97db28b
Land #9878 , Add MSF module for EDB 6768, Mantis <= v1.1.3 Post-auth RCE
2018-05-09 17:48:53 -07:00
0aaae09e5c
Land #9980 , PAN-OS readSessionVarsFromFile exploit
2018-05-09 17:48:53 -07:00
dcbc871883
Land #9988 , playsms_uploadcsv_exec
2018-05-07 09:35:08 -07:00
75196b4fc6
Land #9944 , playsms_filename_exec.rb
2018-05-07 09:35:08 -07:00
935fa6414e
Land #9968 , second round of Drupalgeddon 2 updates
2018-05-04 09:38:34 -05:00
38465e69a8
Land #8795 , Added CVE-2016-0040 Windows Privilege Escalation
...
Merge branch 'land-8795' into upstream-master
2018-05-04 09:38:28 -05:00
8739befa70
Land #9821 , osCommerce 2.3.4.1 - Remote Code Execution
2018-05-03 09:21:02 -07:00
c38bca1799
Land #9908 , msfd_rce_remote and msfd_rce_browser
2018-04-30 09:49:50 -05:00
3b8280c33f
Land #9918 , XDebug Unauthenticated OS command execution
2018-04-30 09:42:26 -05:00
3b7d2c8177
Land #9853 , Update Linux sock_sendpage local exploit module
2018-04-26 16:06:10 -07:00
d340ef2632
Land #9876 , Drupalgeddon 2
2018-04-26 08:29:59 -07:00
0949bedf67
Land #9628 , Add GitStack v2.3.10 Unauth REST API Aux Module
...
Land #9628
2018-04-23 11:21:11 -07:00
a44bcff2d8
Land #9756 , Add lastore-daemon D-Bus Privilege Escalation exploit
...
Merge branch 'land-9756' into upstream-master
2018-04-23 11:21:10 -07:00
6cbd7ba895
Land #9862 , Post-exploitation module for meterpreter (Windows) to send wireless probe requests
...
Merge branch 'land-9862' into upstream-master
2018-04-23 11:21:10 -07:00
d2a43d934d
Land # 9247, Add ASUS infosvr Auth Bypass Command Execution exploit
...
Merge branch 'land-9247' into upstream-master
2018-04-23 11:21:10 -07:00
b958526b6a
Land #9784 , add osx high sierra APFS password disclosure post module
2018-04-18 15:31:20 -07:00
5b42a81d3a
Land #9823 , Private IP leak via WebRTC
2018-04-12 09:27:21 -07:00
084e6b1db3
Land #9813 , Add etcd library and version scanner
2018-04-10 06:55:58 -07:00
62c6340d70
Land #9794 , Added support for regional dialects
2018-04-06 14:20:42 -07:00
ded6a50883
Land #8539 , ProcessMaker Plugin Upload exploit
2018-04-04 19:06:18 -07:00
4765ffc05a
Land #9595 , Add post module RID Hijacking on Windows
2018-04-04 19:06:17 -07:00
ef4fd1dc75
Land #9742 , QNX exploit improvements
2018-04-03 09:13:57 -05:00
c2bf848ba9
Land #9748 , Convert the smbloris DoS into an external module
...
Help reliability and performance. This some Ruby-specific external module
tooling as a result as well.
2018-04-03 09:13:56 -05:00
c3f9ee2ae3
Land #9802 , update kerberoasting setup docs
2018-04-03 09:13:29 -05:00
d6f23071ca
Land #9718 , Add get_user_spns 'kerberoasting' module
2018-04-03 09:13:29 -05:00
36ba1468e8
Land #9760 , @h00die's etcd scanner
2018-03-29 09:17:54 -07:00
3b87bf5a03
Land #9666 , Add 2017-8917 RCE for Joomla 3.7.0
2018-03-29 09:17:54 -07:00
6108d79dcd
Land #9684 , Adding ManageEngine Application Manager RCE
...
Land #9684
2018-03-27 15:44:50 -07:00
409ae22a7e
Land #9633 , Exodus Wallet Remote Code Execution
...
Land #9633
2018-03-27 15:44:49 -07:00
fdf9ea04a6
Land #9775 , module doc improvements to MS17-010
2018-03-27 15:44:49 -07:00
5b1577e46d
Land #9670 , Gitstack v2.3.10 RCE
...
Land #9670
2018-03-27 14:24:23 -05:00
c56e571b18
Land #9702 exploit for clipbucket
2018-03-27 13:55:43 -05:00
ef7b77ed01
Land #9529 , Add module for HP iLO CVE-2017-12542 authentication bypass
2018-03-17 20:33:05 -07:00
715279311a
Land #8422 , Typo3 News Module Sql Injection exploit
2018-03-15 09:21:14 -07:00
8af0d9ceaa
Land #9713 update to juniper config docs
2018-03-15 06:49:02 -07:00
028d329b4d
Land #9632 , owa_login and auth_brute enhancements
2018-03-12 10:14:19 -07:00
bcc0a2a94c
Land #7654 , varnish file read
2018-03-09 12:53:20 -08:00
49bc0024c1
Land #9678 , Add memcached UDP version scanner
2018-03-07 18:47:47 -08:00
fbee660136
Land #9554 , Eclipse Equinoxe OSGi console RCE
2018-03-07 07:49:31 -08:00
f6223c0193
Land #9614 , Juniper post enum module
2018-03-07 07:49:29 -08:00
6909c635bc
Land #9644 , @xistence's memcached stats amplification scanner
2018-03-05 15:29:20 -08:00
e57a1fbd43
Land #9650 netgear telnetenable exploit
2018-03-05 07:42:48 -08:00
fc8cafe81a
Land #9310 docs for many aux scanners
2018-02-25 23:25:02 -08:00
ac6fede928
Land #9441 , Create exploit for AsusWRT LAN RCE
...
Merge branch 'land-9441' into upstream-master
2018-02-23 08:31:01 -08:00
826b986018
Land #9602 , Create sessions with the Fortinet SSH backdoor scanner
2018-02-22 08:27:36 -08:00
dc913b60e4
Land #9444 - `hsts_eraser` module and docs
2018-02-22 08:27:35 -08:00
40220b5ab6
Land #9594 , CloudMe Sync v1.10.9 Buffer Overflow
2018-02-22 08:27:35 -08:00
72cb9f358e
Land #9561 , Disk Savvy Enterprise v10.4.18 built-in server buffer overflow
2018-02-22 08:27:34 -08:00
d2c203bcb9
Lands #9504 , MagniComp SysInfo privilege escalation
2018-02-20 09:24:13 -06:00
d2e71cfc8b
Land #9512 , Add Claymore Dual GPU Miner<= 10.5 DoS module
2018-02-16 15:34:48 -08:00
004e228a52
Land #9509 , Ulterius Server < v1.9.5.0 Directory Traversal
...
Land #9509
2018-02-16 15:34:47 -08:00
37cb2d77e7
Land #9422 abrt race condition priv esc on linux
2018-02-12 11:55:21 -06:00
6c3168c541
Land #9536 , Add Ubuntu notes to documentation
2018-02-12 11:55:19 -06:00
73bcec5d11
Land #9408 , Add Juju-run Agent Privilege Escalation module (CVE-2017-9232)
2018-02-12 11:55:19 -06:00
090f7c8bd6
Land #9467 linux priv esc against glibc origin
2018-02-12 11:55:19 -06:00
cd7187023c
Land #9469 linux local exploit for glibc ld audit
2018-02-12 11:55:18 -06:00
cd723ac86e
Add scanner for Bleichenbacher oracle (ROBOT)
2018-02-09 11:14:30 -06:00
b696665adc
Land #9478 , Improve Dup Scout BOF exploit
2018-02-08 10:25:39 -06:00
5457cec81c
Land #9493 updates to various docs
2018-02-06 23:33:58 -06:00
6c350be24e
Land #9473 , new MS17-010 aux and exploit modules
2018-02-02 11:32:40 -06:00
016af01fd8
Land #9399 a linux priv esc against apport and abrt
2018-02-02 11:32:29 -06:00
ec12d61702
Land #9354 , Debut embedded httpd server (Brother printers) DoS
2018-02-02 11:31:59 -06:00
64746d8325
Land # 9407, Add BMC Server Automation RSCD Agent RCE exploit module
...
Merge branch 'land-9407' into upstream-master
2018-02-01 11:23:59 -06:00
4fa68f29d9
Land #9457 , Dup Scout Enterprise v10.4.16 - Import Command Buffer Overflow
2018-02-01 11:23:26 -06:00
395320ba97
Land #9379 , Oracle Weblogic RCE exploit and documentation
2018-01-26 18:08:56 -06:00
926ce42a01
Land #8632 , colorado ftp fixes
2018-01-24 17:13:20 -06:00
2ea9ab2625
Land #9416 , Sync Breeze Enterprise 9.5.16 Import Command buffer overflow
...
Merge branch 'land-9416' into upstream-master
2018-01-24 17:13:16 -06:00
a4022f7b8f
Land #9430 , Improve Hyper-V checkvm checks
2018-01-24 17:13:12 -06:00
8f2de5cd41
Land #9205 , Documentation for Kaltura <= 13.1.0 RCE (CVE-2017-14143)
...
Merge branch 'land-9205' into upstream-master
2018-01-24 17:13:05 -06:00
5ec3da843e
Land #9349 , GoAhead LD_PRELOAD CGI Module
2018-01-24 17:12:47 -06:00
b8fc2c0213
Land #9389 , Update commvault_cmd_exec module documentation
2018-01-24 17:11:34 -06:00
593813cdef
Fix small grammar issues in ms08_067 and ms17_010
...
Also includes very small changes to improve punctuation consistency
within CONTRIBUTING.md
2018-01-15 19:32:44 -08:00
736d438813
Address second round of feedback
...
Brain fart on guard clauses when I've been using them all this time...
Updating the conditions made the ternary fall out of favor.
Changed some wording in the doc to suggest the domain name for a
particular NIS server may be different from the bootparamd client's
configuration.
2018-01-13 22:55:01 -06:00
c080329ee6
Update module after feedback
...
Looks like I can't decide on certain style preferences.
Not keen on using blank?, but I've used it before. Time to commit?
Also, fail_with has been fixed for aux and post since #8643 . Use it!
2018-01-13 15:40:11 -06:00
ff1c85552b
Add module doc
2018-01-12 19:34:59 -06:00
e6c4fb1dab
Land #9269 , Add a new target for Sync Breeze Enterprise GET BoF
...
Land #9269
2018-01-11 16:54:23 -06:00
f395e07fc6
Land #9269 , add new target for Sync Breeze Enterprise GET BoF
...
Land #9269
2018-01-11 16:53:02 -06:00
4b225c30fd
Land #9368 , ye olde NIS ypserv map dumper
2018-01-10 22:02:36 -06:00
f5210ed6d6
Update module doc with missing options
2018-01-10 20:18:50 -06:00
6510ee53bc
Land #9204 , Add exploit for Samsung SRN-1670D (CVE-2017-16524)
...
Land #9204
2018-01-10 20:15:29 -06:00
18c179a091
Update module and add documentation
...
This updates the module to pass:
* msftidy
* Ruby style guidelines
* Proper usage of Metasploit API
* Mostly other cosmetic fixes
A documentation is also added.
2018-01-10 20:13:42 -06:00
7e2c7837e5
Land #9325 , Add CVE-2017-6090 phpCollab 2.5.1 file upload exploit module
...
Land #9325
2018-01-10 17:39:50 -06:00
b1f3f471f3
Update phpcollab_upload_exec code (also module documentation)
2018-01-10 17:38:52 -06:00
8d77f35b16
Land #9373 , Add LabF nfsAxe FTP Client 3.7 Stack Buffer Overflow
...
Land #9373
2018-01-09 22:40:50 -06:00
25280e3319
Update labf_nfsaxe and module documentation
2018-01-09 22:39:40 -06:00
777e383568
Land #9377 , Add HPE iMC dbman RestoreDBase Unauthenticated RCE exploit
...
Land #9377
2018-01-09 13:56:53 -06:00
a0c9cdd73d
Land #9376 , Add HPE iMC dbman RestartDB Unauthenticated RCE exploit
...
Land #9376
2018-01-09 13:28:03 -06:00
bbad416a86
Add module doc to appease the @h00die god
2018-01-08 15:02:39 -06:00
d138f1508c
Land #9340 , Add exploit for Commvault Remote Command Injection
...
Land #9340
2018-01-07 12:17:26 -06:00
a1a594d1f8
Add documentation
2018-01-06 05:09:24 +00:00
9ec17bdd54
Add documentation
2018-01-06 05:08:33 +00:00
160f960f78
Add files via upload
2018-01-04 20:25:41 +00:00
65f444ddcc
land #9362 exploit for pfsense graph injection
2018-01-04 14:35:52 -05:00
520e890520
Land #8581 , VMware Workstation ALSA Config File Local Privilege Escalation
2018-01-03 21:35:57 -06:00
b8dde2e650
Land #9360 , Ayukov NFTP FTP client buffer overflow vulnerability
...
Land #9360
2018-01-03 20:56:12 -06:00
04cf3017c0
Update ayukov_nftp exploit and module documentation
2018-01-03 20:52:57 -06:00
c3f10c1d57
Land #9336 , Linksys WVBR0-25 exploit
2018-01-03 18:13:44 -06:00
589de0483b
Clarification in product linkage and small syntax fixup in repro steps
2018-01-03 17:00:26 -06:00
a5fa63405f
Land #9206 , Add Xplico RCE exploit module
2018-01-03 16:02:51 -06:00
3b0f0aa358
Adding doc file for module linksys_wvbr0_user_agent_exec_noauth
2018-01-02 14:54:18 -06:00
8f0e41e159
requested changes
2018-01-01 17:30:43 -06:00
bc088cb379
added md
2018-01-01 05:46:04 -06:00
76d345039d
Create ayukov_nftp.md
2017-12-31 15:42:32 +00:00
3516305517
land #9191 an exploit against HP LoadRunner magentproc
2017-12-29 16:35:43 -05:00
b698095c49
slight updates to magentproc docs
2017-12-29 16:30:32 -05:00
bb97467b31
docs for auxiliary/scanner/http/directadmin_login
2017-12-29 14:43:20 -06:00
5e71be7772
add ard_root_pw documentation
2017-12-28 14:37:25 -06:00
ae17943d4c
fix documentation preformat blocks
2017-12-27 22:32:26 -06:00
bbed7db13c
Merge branch 'upstream-master' into feature/mqtt-login
2017-12-27 13:08:44 -08:00
e6de25d63b
Land #9316 Cambium modules and mixins, tx @juushya
...
These cover several of the CVEs mentioned in
https://blog.rapid7.com/2017/12/19/r7-2017-25-cambium-epmp-and-cnpilot-multiple-vulnerabilities/
2017-12-26 12:39:51 -06:00
7aa296577e
Added readme
2017-12-22 14:34:35 -05:00
d4bc98c13f
Merge branch 'upstream-master' into feature/mqtt-login
2017-12-22 08:07:40 -08:00
caae33b417
Land #9170 , Linux UDF for mysql_udf_payload
2017-12-21 20:48:24 -06:00
917e9aa328
Doc READ_TIMEOUT
2017-12-20 19:10:49 -08:00
962bc71d10
Merge branch 'feature/mqtt' into feature/mqtt-login
2017-12-20 18:58:36 -08:00
9c0df54f36
syntax
2017-12-20 18:54:09 -08:00
fa1536209a
syntax
2017-12-20 18:52:34 -08:00
508253eadc
More docs
2017-12-20 18:51:44 -08:00
0f72ce1ee5
Add WIP documentation for auxiliary/scanner/mqtt/connect
2017-12-20 18:45:10 -08:00
86ce3c8781
Made suggested changes and added documentation
2017-12-20 15:54:16 -05:00
a8b845fff9
Land #9283 , Add node.js ws websocket library DoS module
2017-12-20 14:20:42 -06:00
8c1f1696af
Kill trailing whitespace in docs
2017-12-18 17:35:49 -06:00
4aa480d655
Land #9311 , docs for #9180
2017-12-18 17:34:55 -06:00
c2b8d23854
Kill trailing whitespace
2017-12-18 16:56:09 -06:00
65da14c165
Adding docs for modules
2017-12-18 16:47:43 -06:00
a33ed82a40
Land #9214 , @realoriginal's update to the Cisco SMI scanner to also fetch Cisco IOS configs
2017-12-18 12:22:26 -08:00
369d74cdb2
Updating documentation
...
Added a missing backtick
2017-12-18 10:34:00 -05:00
76823e9fe6
Land #9183 , Jenkins Groovy XStream RCE
2017-12-18 03:38:27 -06:00
880a1d4283
Land #9312 , Module acting as a Pyrotechnical Device Deployment Tool (PDT) for Hardware Bridge
2017-12-17 18:32:28 -06:00
8344401484
Add docs, minor tweaks.
2017-12-17 18:15:49 -06:00
95e2f1da95
Update samsung_browser_sop_bypass.md
2017-12-17 11:02:24 +05:30
53a098a7f3
Update samsung_browser_sop_bypass.md
2017-12-16 22:46:29 +05:30
6b54fe6775
Create samsung_browser_sop_bypass.md
2017-12-16 22:26:08 +05:30
c6a2ae2551
Land #9248 , Add wd_mycloud_multiupload_upload exploit
2017-12-13 18:51:02 -06:00
c0a534140d
Land #9284 a regex dos for ua_parser_js npm module
2017-12-13 19:31:49 -05:00
544e4e3d0b
fix md formatting
2017-12-13 19:30:50 -05:00
dd5532c5de
Addressing Formatting Issues
...
There were several formatting and layout issues
that are fixed in this commit. Also changing
`RHOSTS` to `RHOST`.
2017-12-13 14:26:27 -06:00
b99663fb6c
Bring #9282 up to date with upstream-master
2017-12-13 13:16:30 -06:00
37514eec17
Land #9234 , Add exploit for ClickJacking vuln for pfSense
...
Land #9234
2017-12-12 14:56:21 -06:00
6149f51273
Land #9256 , Add aux module to discover WSDD enabled devices
...
Land #9256
2017-12-12 11:55:42 -06:00
d79b0ad981
Land #9286 , Advantech WebAccess webvrpcs BOF RCE
2017-12-12 00:25:56 -05:00
7f93cca446
Land #9288 , Add Dup Scout Enterprise login buffer overflow
2017-12-11 17:12:20 -06:00
2d23054a1f
Changes as per comments
...
A few things were changed as per the PR comments:
1) The module title was reworded
2) The module description was multi-lined
3) Negative logic was rewritten to use 'unless'
4) Strings which did not require interpolation were rewritten
5) Documentation markdown was added.
2017-12-11 14:11:40 -06:00
f8977ed72c
added some fixes
2017-12-11 11:34:17 -06:00
c5f218c84c
Addressing comments
...
1. Updated documentation
2. Made the Sec-WebSocket-Key header a random value
2017-12-11 11:49:31 -05:00
3a14ac3b37
Fixed a spelling error in documentation
2017-12-09 02:30:42 -06:00
e91830efe7
Add Dup Scout Enterprise login buffer overflow
2017-12-09 02:20:05 -06:00
668585a1f9
Adding documentation
...
Adding module documentation for ws_dos.
2017-12-08 15:52:57 -05:00
073ffcb3bc
added some docs
2017-12-07 16:58:14 -06:00
900f7d6f69
docs on options
2017-12-07 14:47:40 -05:00
12425d962c
Rename office_dde_delivery to office_dde_delivery.md
2017-12-06 22:40:57 -05:00
1e4b707a60
MS Office DDE Documentation
2017-12-06 21:46:47 -05:00
ce2db3cd87
Land #9275 , CVE-2017-11882 (docs fix)
2017-12-05 10:16:54 -06:00
14226c5f33
missing docs on options
...
Missed fixes on documentation
2017-12-04 20:58:36 -05:00
69b01d26bb
Land #9226 , Microsoft Office OLE object memory corruption
2017-12-04 16:50:27 -08:00
b7f17f5519
fix documentation
2017-12-04 16:41:27 -05:00
f83e9815dd
Land #9210 , Add a Polycom HDX RCE
2017-12-04 12:49:35 -06:00
775529277f
Add documentation
2017-11-29 17:37:34 +00:00
9dc3d60fc2
Stupid Typos
2017-11-29 10:29:38 -06:00
efa8d566d7
Added documentation for iamroot
2017-11-29 10:26:06 -06:00
d174ef3a70
Add wd_mycloud_multiupload_upload exploit
2017-11-28 07:12:00 -06:00
244acc48b6
Land #9212 , pfsense group member exec module
2017-11-27 11:27:29 -06:00
43ff4f12e5
update docs
2017-11-22 06:57:35 -05:00
b5994bde79
Update pfsense_clickjacking.md
2017-11-22 11:10:47 +01:00
5b5c5520e6
Update pfsense_clickjacking.md
2017-11-22 11:09:54 +01:00
916ee05cce
Add exploit module for Clickjacking vulnerability in CSRF error page pfSense
2017-11-22 11:06:22 +01:00
73c692fb65
fix docs
2017-11-21 21:31:06 -05:00
879db5cf38
Land #9050 , @mpizala's improvements to the docker_daemon_tcp module
2017-11-21 17:13:24 -08:00
b6c81e6da0
Reimplement slowloris as external module
2017-11-21 16:21:01 -05:00
aa16288140
Update slow_loris.md
2017-11-21 15:49:45 -05:00
6d2007a4db
Update slow_loris.md
2017-11-21 15:49:44 -05:00
fbb9e9d473
Update slow_loris.md
2017-11-21 15:49:44 -05:00
4419c0d851
Create slow_loris.md
2017-11-21 15:49:44 -05:00
fcf2cfa134
Create office_ms17_11882.md
2017-11-21 14:45:56 -05:00
90d6165e68
bypass user namespaces docs
2017-11-19 22:10:39 +01:00
b7f7afb3be
version detect, 2.2.6 handling
2017-11-19 08:28:07 -05:00
40bb622b7a
update docs
...
Updating documentation
2017-11-18 13:07:24 -05:00
74a1b405c4
action addition DOWNLOAD
2017-11-16 12:46:31 -05:00
f8891952c6
pfsense group member exec module
2017-11-15 21:00:58 -05:00
c740f4369c
Land #9197 , Cleanup Mako Server exploit
2017-11-15 15:01:31 -06:00
256bf5a5ca
Create polycom_hdx_traceroute_exec.md
2017-11-15 10:38:53 -05:00
54936b6ac3
Updatig documentation and tweaking initiate_session
2017-11-15 01:04:06 +03:00
86e47589b0
Add xplico remote code execution
2017-11-14 09:30:57 +03:00
f3e2f4d500
Land #9167 , D-Link DIR-850L exploit
2017-11-10 18:15:39 -06:00
3936d3baa1
Clean up module
2017-11-10 18:15:22 -06:00
df2b62dc27
Add Mako Server CMD injection Linux support, update docs, move to multi
2017-11-10 16:28:39 -05:00
52888871e3
Land #8747 RCE for Geutebrueck GCore on Windows
2017-11-08 20:22:54 -05:00
7ad151e68b
gcore formatting update
2017-11-08 20:21:40 -05:00
39916ef61a
Land #9133 , Command injection in Mako Server examples
2017-11-08 15:11:01 -06:00
d95b333ae9
Added exploit module for HP LoadRunner command exec vuln CVE-2010-1549.
2017-11-09 03:59:18 +11:00
5a07be9b96
Land #9041 , Add LPE on Windows using CVE-2017-8464
2017-11-08 10:09:03 -06:00
19e3e181c1
Fix compiling instructions
2017-11-08 09:36:32 -06:00
fa8d017579
Change documentation from a first person context
2017-11-08 09:29:46 -05:00
11093b8393
Added documentation
2017-11-08 08:07:06 -06:00
fc87ee08d9
Land #9060 , IBM Lotus Notes DoS (CVE-2017-1130).
2017-11-07 11:20:12 -06:00
d770406049
Add docs
2017-11-07 10:58:28 -05:00
85b8b4116a
Create ibm_lotus_notes2.md
2017-11-07 12:08:08 +05:30
c9e3b8816b
remove old name
2017-11-04 13:53:04 -04:00
9236aff6ee
forgot to add my docs
2017-11-04 13:51:41 -04:00
646c7f7c0a
update doc
2017-11-04 11:40:32 -04:00
40bcb3f0c8
update documentation
2017-11-03 09:09:51 -04:00
697031eb36
mysql UDF now multi
2017-11-03 05:26:05 -04:00
caad1bbf27
Create dlink_dir850l_unauth_exec.md
2017-11-02 15:54:45 -04:00
e3ac6b8dc2
Land #9109 , wp-mobile-detector upload and execute
2017-11-01 13:25:16 -05:00
8613852ee8
Add Mako Server v2.5 command injection module/docs
2017-10-26 23:29:11 -04:00
cd35ae4661
Land #9106 negear dgn1000 unauth rce module
2017-10-22 22:18:53 -04:00
210f6f80b7
netgear1000dng cleanup
2017-10-22 22:17:40 -04:00
e9fdb5bd94
Create netgear_dgn1000_unauth_setup_exec.md
2017-10-22 16:54:06 -04:00
cfd7761818
wp_mobile_detector rce
2017-10-20 23:19:58 -04:00
9658776adf
Land #9079 , adding @h00die's gopher scanner
2017-10-20 17:16:08 -07:00
f250e15b6e
Land #9105 rename psh to polycom for name collision
2017-10-20 20:10:57 -04:00
fd028338e1
move psh to polycom so no more powershell name collision
2017-10-20 20:08:11 -04:00
5a6da487ab
Land #9043 two exploit modules for unitrends backup
2017-10-20 20:00:35 -04:00
e8de6a46d5
Update ueb9_bpserverd.md
2017-10-20 12:21:17 -06:00
f938a1029b
Make note about stopping container after
2017-10-20 10:30:12 -07:00
e82cb4577d
Show module selection + config
2017-10-20 10:12:46 -07:00
a8b4d4e4a2
Link to gopher container
2017-10-20 10:04:09 -07:00
Brent Cook
Wei Chen
Jacob Robles
Brendan Coles
William Vu
Adam Cammack
Shelby Pace
bwatters-r7
Aaron Soto
Tim W
h00die
Chris Higgins
Jon Hart
Pearce Barry
Brady Sullivan
Daniel Teixeira
headlesszeke
dmohanty-r7
wetw0rk
Jeffrey Martin
Tod Beardsley
b0yd
Nick Marcoccio
Ryan Knell
RootUp
Nicholas Starke
Matthew Kienow
mr_me
Austin
William Webb
Zenofex
Yorick Koster
Martin Pizala
Mehmet İnce
Steven Patterson
Patrick Webster
Spencer McIntyre
attackdebris
Steven Patterson
caleBot