William Vu
|
8f65ca4108
|
Land #11463, NOCVE for Wemo exploit
|
2019-02-22 14:32:55 -08:00 |
Brent Cook
|
37c6bb3902
|
Land #11460, Changing print_line to print_good
|
2019-02-22 12:04:17 -08:00 |
|
Brent Cook
|
d6e6f21a4d
|
Land #11462, Add Reliability REPEATABLE_SESSION to Wemo exploit
|
2019-02-22 12:04:17 -08:00 |
Jacob Robles
|
f73b2dbc09
|
Land #11292, Add exploit for Nuuo CMS SQL injection
|
2019-02-21 10:45:14 -08:00 |
|
Jacob Robles
|
61cd6205a8
|
Land #11291, Add Nuuo CMS session bruteforcing module
|
2019-02-20 10:21:06 -08:00 |
|
Jacob Robles
|
973c7dac32
|
Land #11290, Add Nuuo CMS file upload exploit
|
2019-02-20 10:21:05 -08:00 |
|
Jacob Robles
|
80147f5ad8
|
Land #11293, Add Nuuo CMS file download
|
2019-02-20 10:21:05 -08:00 |
Wei Chen
|
74a4c79d04
|
Land #11409, Add Belkin Wemo UPnP RCE
|
2019-02-19 11:51:37 -08:00 |
|
Jacob Robles
|
a2ecece55a
|
Land #11430, Deregister RHOSTS instead of RHOST
|
2019-02-19 11:51:37 -08:00 |
Brendan Coles
|
22c9aec987
|
Land #11424, change `print_status` to `print_good`
|
2019-02-19 04:22:57 -08:00 |
|
William Vu
|
b4fed15d40
|
Land #11399, cisco_rv320_config updates
|
2019-02-13 15:02:13 -08:00 |
|
Wei Chen
|
658a5bc8a4
|
Land #11157, Add Windows Gather Power Shell History module
|
2019-02-13 10:42:32 -08:00 |
|
Wei Chen
|
a2a02669b4
|
Land #10731, Add Crock-Pot slow cooker remote control
|
2019-02-12 13:12:54 -08:00 |
|
Brent Cook
|
b8efc279c0
|
Land #11335, Update hash parsing formats for JTR
|
2019-02-12 07:16:08 -08:00 |
bwatters
|
99c9f88bba
|
Land #11388, Bump metasploit-payloads to 1.3.62
Merge branch 'land-11388' into upstream-master
|
2019-02-12 09:14:06 -06:00 |
|
Wei Chen
|
635ba7abaa
|
Land #11220, Add new PCOM module to send admin commands
|
2019-02-11 12:05:02 -08:00 |
|
Wei Chen
|
2fd623b58f
|
Land #11249, Add .SLK command execution for MSFT Excel
|
2019-02-11 10:40:02 -08:00 |
Tim W
|
3c5cf0441c
|
Land #11152, add macOS adobe flash player type confusion RCE
|
2019-02-09 02:57:19 -08:00 |
|
Wei Chen
|
f3952e4eca
|
Land #11219, New PCOM client module
|
2019-02-08 17:28:08 -08:00 |
|
Wei Chen
|
d2d9d06d1e
|
Land #11239, Add check for writable and nosuid WritableDir
|
2019-02-08 17:16:28 -08:00 |
|
Wei Chen
|
ed4acd6b31
|
Land #11279, improve imap_open exploit to be more robust
|
2019-02-08 16:30:14 -08:00 |
|
Wei Chen
|
78a7242cb7
|
Land #11282, Support to retrieve data from ListConfigFiles SAP webmethod
|
2019-02-08 16:03:41 -08:00 |
|
Brent Cook
|
d7085ddf67
|
Land #11345, Add Solaris pfexec Upgrade Shell module
|
2019-02-08 12:23:56 -08:00 |
|
Brendan Coles
|
f4b4e29b94
|
Land #11352, Add JVC/Siemens/Vanderbilt IP-Camera Password Disclosure module
|
2019-02-08 01:21:33 -08:00 |
|
Brent Cook
|
5c97118bd0
|
Land #10812, add 32-bit trident exploit support
|
2019-02-07 09:47:18 -06:00 |
|
William Vu
|
e895201c11
|
Land #11366, Cisco RV320/RV325 config dumper
|
2019-02-07 09:44:54 -06:00 |
|
Brent Cook
|
0dd514eb41
|
Land #11165, Fix intermittent problem with native osx stager
|
2019-02-07 09:44:53 -06:00 |
|
Brent Cook
|
62ac7c92e9
|
Land #11193, increase capacity for meterpreter 'stat' command
|
2019-02-07 09:39:38 -06:00 |
|
Wei Chen
|
8df9fc9473
|
Land #11072, Add nuuo_nvrmini_upgrade_rce
|
2019-02-06 20:32:33 -08:00 |
|
Brendan Coles
|
0858e8fe04
|
Land #11331, Add C2S DVR Management Password Disclosure module
|
2019-02-06 17:29:12 -08:00 |
Pearce Barry
|
a6a391de0a
|
Land #11349, Add Evince CBT File Command Injection module
|
2019-02-06 15:56:45 -08:00 |
|
Jacob Robles
|
8fd229f883
|
Land #11304, Add CVE-2018-1000999 to MailCleaner module
|
2019-02-05 05:22:26 -08:00 |
|
Brent Cook
|
34b307dee7
|
Land #11348, Add nil check to enum_patches
|
2019-02-04 03:27:45 -08:00 |
|
Brent Cook
|
99cc417a5c
|
Land #11347, add version check to Safari RCE exploit
|
2019-02-04 03:23:51 -08:00 |
|
bwatters
|
1b21bffb11
|
Land #11039, Add linux x64 ipv6 reverse shell
Merge branch 'land-11039' into upstream-master
|
2019-02-01 14:24:06 -08:00 |
|
William Vu
|
8a7c42e09d
|
Land #11343, Ubiquiti discovery PR fixes
|
2019-02-01 13:13:26 -08:00 |
|
bwatters
|
4b8cc4dece
|
Land #11338, Add module to discover Ubiquiti devices
Merge branch 'land-11338' into upstream-master
|
2019-02-01 09:45:38 -08:00 |
|
Wei Chen
|
1fcafb98d8
|
Land #11310, MSF API to zip instead of relying on system()
|
2019-02-01 09:34:38 -08:00 |
|
bwatters
|
6e4e89e9ff
|
Land #13366, Bump mettle 0.5.4
Merge branch 'land-11336' into upstream-master
|
2019-01-31 11:40:56 -06:00 |
Jeffrey Martin
|
649e528875
|
Land #11330, Fix HTTP/SMB mixin order to restore SSL option
|
2019-01-29 15:56:24 -08:00 |
|
Brent Cook
|
a81290a39b
|
Land #11325, bump mettle, fix MIPS targets and a few other memory issues
|
2019-01-29 17:51:45 -06:00 |
|
William Vu
|
2a823ac315
|
Land #10119, Linux post-exploitation metashell
|
2019-01-24 09:29:40 -08:00 |
Shelby Pace
|
4ff023d825
|
Land #11243, Add ASan SUID Privesc
|
2019-01-22 13:54:45 -08:00 |
|
sinn3r
|
845c8aa9b1
|
Land #11297, Fix a typo in auxiliary/dos/scada/allen_bradley_pccc
typo fixed
|
2019-01-22 09:42:42 -08:00 |
|
William Vu
|
29ba9732fa
|
Land #11287, corrected attibution for blueman
|
2019-01-22 09:16:47 -08:00 |
|
William Vu
|
a2f81988c7
|
Land #11267, RHOST fix for ms17_010_psexec
|
2019-01-17 11:26:39 -08:00 |
h00die
|
56d622e53d
|
land #11169 blueman priv esc on linux
|
2019-01-17 11:09:45 -06:00 |
|
Brent Cook
|
4533c86a4f
|
Land #11230, add JuicyPotato local privilege escalation
|
2019-01-17 08:48:45 -08:00 |
|
Wei Chen
|
9256c6f0c1
|
Land #11125, Import/generate `ysoserial` Java serialization objects
|
2019-01-17 10:46:29 -06:00 |
|
Jacob Robles
|
3109f65062
|
Land #11263, uppercase KoreLogic in JTR modules
|
2019-01-15 06:53:20 -08:00 |
|
Jacob Robles
|
1e295cfa6d
|
Land #11245, doc update for chrome_cookies
|
2019-01-15 06:06:37 -08:00 |
Green-m
|
d449761782
|
Land #11255, Assign CVE number to spark unauth rce
|
2019-01-14 19:21:41 -08:00 |
|
William Vu
|
9c5725b25c
|
Land #11234, @bcoles revisionism
|
2019-01-11 18:17:42 -08:00 |
|
Brent Cook
|
83264b8894
|
Land #11215, success
|
2019-01-10 11:00:36 -08:00 |
|
Brent Cook
|
13022ca1ad
|
Land #11217, fix syntax and logic errors in badpdf module
|
2019-01-10 10:55:38 -08:00 |
|
sinn3r
|
40c2e9ae78
|
Land #11223 - ueb priv esc suggestion
ueb priv esc suggestion.
|
2019-01-10 08:36:44 -08:00 |
|
Jacob Robles
|
7711d2a700
|
Land #11206, add coldfusion ckeditor file upload
|
2019-01-10 05:30:05 -08:00 |
|
William Vu
|
c859d4ec50
|
Land #11106, Allen-Bradley legacy protocol DoS
|
2019-01-09 10:15:42 -08:00 |
|
Jacob Robles
|
85f74e3ffc
|
Land #11148, Adding Module MailCleaner RCE
|
2019-01-08 12:14:09 -08:00 |
|
Jacob Robles
|
1792ecf380
|
Land #11052, Add gather chrome cookies post module
|
2019-01-08 05:35:09 -08:00 |
|
William Vu
|
f6856d2b1c
|
Land #10648, auth bypass for couchdb_enum
|
2019-01-07 10:55:53 -08:00 |
|
Brent Cook
|
cad4c34448
|
Land #11182, bump mettle, change debug and background options
|
2019-01-03 17:39:16 -06:00 |
|
Brendan Coles
|
290b617fa7
|
Land #11141, Ensure Byte XORi Encoder uses cacheflush()
|
2018-12-29 02:10:12 -08:00 |
|
Brendan Coles
|
8a3101f6e3
|
Land #11140, Ensure MIPS Long XOR Encoder uses cacheflush()
|
2018-12-29 02:08:33 -08:00 |
|
Shelby Pace
|
3fae01b403
|
Land #10444, add Consul rexec RCE module
|
2018-12-28 07:16:49 -08:00 |
|
Shelby Pace
|
11abb03056
|
Land #10443, add Consul service RCE module
|
2018-12-28 06:37:21 -08:00 |
|
Green-m
|
774b03ae4a
|
Land #11174, Fix platform bug when upgrade shell.
The platform on windows powershell should be 'win', rather than
'windows', this bug leads to failure when upgrade powershell session
to meterpreter.
|
2018-12-25 19:39:05 -08:00 |
|
Brent Cook
|
a9e2f1f7d2
|
Land #11137, Clean up linux/local/vmware_alsa_config exploit module
|
2018-12-21 15:53:34 -08:00 |
|
Brent Cook
|
9150d3c4b9
|
Land #11156, Add CmdStager to erlang_cookie_rce
|
2018-12-21 12:46:53 -08:00 |
|
Brent Cook
|
a5c40c1de5
|
Land #11149, fix a PTY leak in Python Meterpreter
|
2018-12-20 17:46:37 -06:00 |
|
William Vu
|
1a7c9d3a45
|
Land #11143, nc -j fix for cups_root_file_read
|
2018-12-19 20:39:32 -08:00 |
asoto-r7
|
78d6394c60
|
Land #10401, java_jmx_server scanner for Java JMX MBean servers
|
2018-12-19 11:14:22 -08:00 |
|
Wei Chen
|
e6482537a5
|
Land #11083, set user agent in Windows reverse_http(s) stagers
|
2018-12-19 09:39:54 -08:00 |
|
Jacob Robles
|
a0df69c94f
|
Land #11089, Erlang cookie rce exploit module
|
2018-12-19 06:16:51 -08:00 |
|
Brent Cook
|
a9f6c81aa8
|
Land #11135, strip comments from source code before uploading it to the target
|
2018-12-17 19:25:27 -08:00 |
|
Brent Cook
|
183ad8f842
|
Land #11138, add reverse_tcp mixin for vax payload
|
2018-12-17 19:19:22 -08:00 |
|
bwatters
|
0b5c241aff
|
Land #11101, temp fix for x64/xor stage encoder
Merge branch 'land-11101' into upstream-master
|
2018-12-17 12:17:14 -08:00 |
|
Shelby Pace
|
fd2886b499
|
Land #11112, Fix bpf_priv_esc exploit module
|
2018-12-17 08:04:33 -08:00 |
|
Wei Chen
|
76ec4781a3
|
Land #11127, Fix TARGETURI support in struts2_namespace_ognl
|
2018-12-15 07:35:20 -08:00 |
|
Wei Chen
|
07b81ebc2d
|
Land #11124, delete unused variable
|
2018-12-14 13:56:48 -08:00 |
|
Brent Cook
|
16e8ddf82d
|
Land #11119, Add WEBUI_PORT to hp_van_sdn_cmd_inject exploit
|
2018-12-13 14:19:19 -08:00 |
|
Jeffrey Martin
|
0e6ad05301
|
Land #11120, revert Bypassuac computerdefault
this reverts #10886 landed in error
|
2018-12-13 13:32:39 -08:00 |
|
Wei Chen
|
ec2b1c9995
|
Land #10944, Add macOS Safari exploit from pwn2own2018
|
2018-12-13 13:32:39 -08:00 |
|
bwatters-r7
|
bedc8f1514
|
Land #10886, Bypassuac computerdefault
Merge branch 'land-10886' into upstream-master
|
2018-12-13 11:22:38 -06:00 |
|
William Vu
|
3cb8ef82dc
|
Land #11103, CreateSession option for aux modules
|
2018-12-12 14:32:26 -08:00 |
|
Wei Chen
|
5ddd15f353
|
Land #10429, Add webdav delivery module
|
2018-12-12 11:33:45 -08:00 |
|
William Vu
|
d5309999db
|
Land #11107, double negative logic cleanup
|
2018-12-11 18:32:32 -08:00 |
|
Shelby Pace
|
b0569e7242
|
Land #10960, add wp duplicator code inject module
|
2018-12-11 10:06:00 -08:00 |
|
Jacob Robles
|
562ddb87a2
|
Land #11040, Add CyberLink LabelPrint Local BOF
|
2018-12-11 06:26:17 -08:00 |
|
William Vu
|
8f7c2eb6f6
|
Land #10318, Oracle function-based index privesc
|
2018-12-10 09:36:33 -08:00 |
|
Brent Cook
|
b45a6d7ef7
|
Land #11090, update code and style for exploit/linux/local/glibc_origin_expansion_priv_esc
|
2018-12-10 08:01:24 -08:00 |
|
William Vu
|
5b3d5b20cb
|
Land #11087, File::binread for exploit_data
|
2018-12-09 22:40:30 -08:00 |
|
Brent Cook
|
228e9ed99d
|
Land #11080, update mettle payloads
|
2018-12-08 12:11:35 -06:00 |
|
Brent Cook
|
696896510f
|
Land #11085, add lkrg_installed? checks to various modules
|
2018-12-08 12:10:18 -06:00 |
|
Brent Cook
|
50fc49ff5f
|
Land #11081, Add Msf::Post::Linux::Kernel.lkrg_installed? method
|
2018-12-08 12:10:18 -06:00 |
|
Brent Cook
|
c147c7e95c
|
Land #11079, add kernel configuration checks to local exploits
|
2018-12-08 12:10:17 -06:00 |
|
Brent Cook
|
a337e80f8e
|
Land #11066, add rpc output locking, fix logging
|
2018-12-08 12:10:17 -06:00 |
|
Brent Cook
|
d3c80e225a
|
Land #11076, Prevent storing empty config files as loot
|
2018-12-06 18:31:35 -08:00 |
|
Brent Cook
|
1e4ec29e45
|
Land #11060, Add checks to post/linux/gather/enum_protections
|
2018-12-06 18:19:49 -08:00 |
|
Brent Cook
|
2589010156
|
Land #11078, add additional CVE for exploit/linux/http/php_imap_open_rce
|
2018-12-06 18:17:40 -08:00 |