f355a3ce2e
Land #10792 , Add support for ms17_010_eternalblue ProcessName option
...
Merge branch 'land-10792' into upstream-master
2018-11-05 12:21:11 -08:00
69e72e6a1f
Land #10847 - Add blueimp's jQuery (Arbitrary) File Upload
...
CVE-2018-9206
2018-11-05 09:39:35 -08:00
c2405c2750
Land #10888 , Fix Net::SSH::CommandStream session open failure
2018-11-05 09:16:54 -08:00
f29dc68353
Land #10919 , Add doc for ftp capture module.
...
And add a custom option banner for it.
2018-11-04 22:20:29 -08:00
fc46f671d8
Landing #10910 , update writable? method in modules.
2018-11-04 19:20:51 -08:00
1c8a355f84
Land #10834 , For real this time
...
Merge branch 'land-10834' into upstream-master
2018-11-02 12:37:13 -07:00
3ca98b0fe0
Land #10834 , messagebox payload for x64
...
Merge branch 'land-10834' into upstream-master
2018-11-02 12:19:55 -07:00
9b495913dc
Land #10873 , Add notes to exploit modules
2018-11-02 12:13:37 -07:00
ea1c4596d9
Land #10901 , Add modules for iOS images and texts
2018-11-02 11:49:40 -07:00
549c835af5
Land #10836 , Add Morris worm sendmail debug mode exploit
2018-11-02 09:22:22 -07:00
1ae0455b2e
Land #10700 , Add Morris worm fingerd exploit and VAX reverse shell
2018-11-02 09:22:21 -07:00
008c73ee29
Land #10858 , bypassuac_eventvwr optimizations - reduce created processes and artifacts
...
Merge branch 'land-10858' into upstream-master
2018-10-31 14:47:00 -07:00
5463191e51
Land #10553 , add x86/xor_dynamic and x64/xor_dynamic encoders
...
Merge branch 'land-10553' into upstream-master
2018-10-30 07:59:08 -07:00
d6c4f5e08e
Land #10853 , Add universal targeting to Mercury/32 IMAP LOGIN exploit
2018-10-29 07:59:52 -07:00
67572e2c37
Merge pull request #10870 from jmartin-r7/backport_cache_updates
...
Backport cache updates
2018-10-25 17:57:09 -05:00
4a9f6f5d06
Land #10561 , Add Windows local privilege escalation - CVE-2018-0824
...
Merge branch 'land-10561' into upstream-master
2018-10-25 12:33:06 -07:00
609e706e63
Land #10866 , libssh_auth_bypass check updates
2018-10-25 12:33:06 -07:00
a43edc4fbf
Land #10864 , Add Cisco WebEx RCE Modules
2018-10-25 12:33:06 -07:00
e423d5c358
Land #10707 , module traits to augment module rank
2018-10-24 17:18:09 -05:00
f0096227e7
Land #10505 , post-auth and default creds info
2018-10-24 17:09:28 -05:00
faf1a44cc4
Land #10848 , improve play_youtube post module
2018-10-23 14:48:44 -07:00
a7f9d4f23a
Land #10856 , add SSL support to php meterpreter
2018-10-23 16:45:54 -05:00
2c347d51b1
Land #10855 , Enable non-session command output for SSH modules
2018-10-23 16:44:03 -05:00
e6b2ddbc02
Land #10845 , glassfish_traversal typo fix
2018-10-22 14:19:45 -07:00
5f25c977ec
Land #10837 , QNX qconn module rename (redux)
2018-10-22 14:19:45 -07:00
43b0e56b09
Land #10817 , QNX qconn module rename
2018-10-22 14:19:44 -07:00
833807973c
Land #10835 , libssh fingerprint improvements
2018-10-19 19:13:36 -07:00
2b997432f2
Land #10819 , os_name population for ssh_login*
2018-10-19 13:55:10 -07:00
a0af98b4e2
Land #10832 , TARGETURI for tomcat_utf8_traversal
2018-10-19 13:49:08 -07:00
f88790c2c0
Land #10820 , Add libssh authentication bypass scanner/"exploit"
2018-10-19 12:03:28 -07:00
3cbc33204c
Land #10664 , add Windows SetImeInfoEx Win32k NULL Pointer Dereference
2018-10-18 21:02:13 -07:00
7d04ebcf5f
Land #9642 , support version 5 for GetGo Download Manager bof exploit
2018-10-15 13:49:36 -07:00
fcc59c3600
Land #10668 rsh stack clash solaris priv esc
2018-10-14 07:36:58 -07:00
34a1c48d7c
Land #10671 , struts2_namespace_ognl updates
...
There are still some outstanding concerns, but I want to unblock this.
2018-10-12 09:16:44 -07:00
ccde27756e
Land #10789 , typo fix
2018-10-10 15:20:13 -07:00
2f202583be
Land #10335 , Add vlc_mkv exploit module
2018-10-10 11:49:11 -07:00
424fa77c17
Land #10783 , Make WritableDir an advanced option
2018-10-10 07:54:02 -07:00
b13bc4b460
Land #10554 , Rescue REX runtime errors in x86 encoders
2018-10-09 21:38:32 -07:00
064683495e
Land #10776 , Fix references in #10672
2018-10-08 14:11:52 -07:00
ff95dbb806
Land #10775 , ZDI reference for delta_ia_commgr_bof
2018-10-08 12:08:15 -07:00
ec5530ece1
Land #10672 , Add COMMGR Buffer Overflow module
2018-10-08 08:07:41 -07:00
2c34813e6b
Land #9745 , Update QNX iwatchd to use newer APIs
2018-10-06 02:09:05 -07:00
2be1b87d0d
Land #9745 , Add ifwatchd QNX privilege escalation exploit module
2018-10-06 02:06:28 -07:00
1ff5d8f6bd
Land #10616 , update Unitrends UEB module to support vulnerabilities in version 10
2018-10-05 14:23:01 -07:00
5f43c7f3e9
Land #10745 , Update lastore_daemon_dbus_priv_esc tested versions
2018-10-05 08:37:12 -07:00
12cb3b4d3e
Land #10750 , formatting and AKA reference fixes
2018-10-05 01:34:14 -07:00
d325b8eb2f
Land #10749 , Ruby shovel operator fix for Beetel
2018-10-05 00:23:36 -07:00
0f4ef19555
Land #10418 , Add DCOM/RPC NTLM Reflection (MS16-075) Via Reflective DLL
...
Merge branch 'land-10418' into upstream-master
2018-10-04 14:57:20 -07:00
9762f921b8
Land #10738 , Add Zahir Enterprise 6 build 10b BOF
2018-10-04 09:03:40 -07:00
097a00bcab
Land #10712 , Make exploit/linux/http/axis_srv_parhand_rce more stable
2018-10-04 08:12:20 -07:00
ff06f81f89
Land #10704 , Navigate CMS Unauthenticated RCE
2018-10-04 04:48:35 -07:00
7142c29de1
Land #10686 , ARGS, TIMEOUT, and output to upload_exec module
...
Merge remote-tracking branch 'upstream/pr/10686' into upstream-master
2018-10-04 02:31:30 -07:00
874ed3ca72
Land #10733 , Fix typo in module documentation
2018-10-02 11:46:31 -07:00
0049efc603
Land #10725 , move post/android/gather/subinfo
2018-10-02 11:46:31 -07:00
3ad5bd429a
Land #10732 , add api key for android wlan_geolocate
2018-10-02 11:46:30 -07:00
d340eeecf9
Land #10427 , add OSX VNC password gather module
2018-10-02 11:46:30 -07:00
b42af6cd96
Land #10728 , metadata updates for @rastating
2018-10-02 11:46:30 -07:00
92cd40c8db
Land #10594 , Fix hashdump and user enumeration on new macOS versions
2018-09-24 20:20:38 -07:00
d904fcb866
Land #10695 , Add docs for Apple iOS WebKit DoS
2018-09-24 10:48:42 -07:00
c3f335ebb7
Land #10663 extremeparr solaris LPE
2018-09-24 10:48:42 -07:00
62dacb3d1e
Land #10534 , Add FrontPage Credential Dump Module
...
This module downloads and parses the '_vti_pvt/service.pwd',
'_vti_pvt/administrators.pwd', and '_vti_pvt/authors.pwd' files
used by FrontPage to find credentials.
2018-09-24 10:48:42 -07:00
2b194e2b47
Land #10643 , CVE-2018-8440 ALPC Scheduler
...
Merge branch 'land-10643' into upstream-master
2018-09-24 10:48:41 -07:00
6c2d09d4e4
Land #10683 , to_s fixes for Heartbleed
2018-09-24 10:48:41 -07:00
53c1adcb41
Land #10628 , Add Solaris srsexec Arbitrary File Reader module
2018-09-24 10:48:41 -07:00
7ef006fcf9
Land #10680 , LEAK_COUNT option for Heartbleed
2018-09-24 10:48:40 -07:00
858b67f943
Land #10681 , payload cached sizes fix
2018-09-24 10:48:40 -07:00
058eabbd24
Land #10625 , repeat command to repeat commands
2018-09-20 13:27:24 -07:00
d16189a295
Land #10677 , Pimcore and Dolibarr module renames
2018-09-19 20:20:37 -07:00
785cf9e5aa
Land #10670 , Pimcore SQLi module
2018-09-19 18:52:40 -07:00
4ca0566e10
Land #10673 , dolibarr_list_creds{,_sqli} rename
2018-09-19 16:57:51 -07:00
65a19a92eb
Land #10652 , iOS Safari blur denial of service
2018-09-19 13:16:04 -07:00
a2213a3c1c
Land #10627 , Add SMB2 support to smb_enumshares
2018-09-17 20:36:27 -07:00
1ee8734717
Land #10570 , AKA Metadata Refactor
2018-09-17 20:31:07 -07:00
fd59cbb61f
Land #10620 Solaris 10 LPE for libnspr
2018-09-17 15:12:51 -07:00
2ee6a49a27
Land #10649 , https://seclists.org references
2018-09-17 15:09:39 -07:00
fa81a0802a
Land #10560 , ms17_010_eternalblue: use SMBDomain value when provided
...
instead of ignoring it
Merge branch 'land-10560' into upstream-master
2018-09-13 08:11:09 -07:00
eceb7d1702
Land #10589 , multidrop support for word xml docs
2018-09-12 09:03:42 -07:00
bd8dea2c21
Land #9897 , Fix #8404 ListenerComm Support For Exploit::Remote::TcpServer
2018-09-10 14:27:34 -07:00
42784dceb1
Land #10593 , Refactor SSH mixins and update modules
2018-09-10 13:43:30 -07:00
29b16e1ee7
Land #10611 , mRemote creds gather module fixes
...
Also update #10612 to align with these changes.
2018-09-10 13:27:13 -07:00
67e1742bd0
Land #10612 , store_loot text/xml ctype fixes
2018-09-10 13:09:13 -07:00
5861087061
Land #10598 , Store Credentials Found with PhpMyAdmin Password Extractor
2018-09-10 09:51:51 -07:00
3e801c22fb
Land #10546 , Add Apache Struts exploit: CVE-2018-11776
2018-09-07 12:56:02 -07:00
cc7f500b83
Land #10604 , CVE for ghostscript_failed_restore
2018-09-07 12:36:01 -07:00
1c05bb6ef3
Land #10584 , fix session upgrade HANDLE_TIMEOUT and upgrading osx shells
2018-09-06 03:54:18 -07:00
e9a94595c2
Land #10592 , support ERB for foxit_reader_uaf.rb
2018-09-05 19:50:30 -07:00
eb39f6da51
Land #10564 , Add Ghostscript exploit from taviso
2018-09-05 19:09:11 -07:00
d1d308e542
Land #10565 , Add Dolibarr ERP/CRM Auxiliary Module
2018-08-31 11:49:23 -07:00
4360b9e82e
Land #10566 , struts2_rest_xstream normalize_uri
2018-08-30 14:00:53 -07:00
2ecff39be4
Land #10484 , Add PhpMyAdmin password extractor
2018-08-30 10:18:38 -07:00
bc87643ea3
Land #10482 , Add Network Manager VPNC Privesc
2018-08-30 08:49:38 -07:00
d7728afe42
Land #10540 , weblogic_deserialize, add check method and linux target
2018-08-30 04:13:58 -07:00
7a99fc7066
Land #10545 , foxit fix generated strings, update doc
2018-08-30 03:58:19 -07:00
2269f7eb43
Land #10594 , Remove trailing space from CVE number
2018-08-29 14:39:19 -05:00
ec9cedf4fc
Land #10536 , https:// reference check for msftidy
2018-08-29 09:18:46 -07:00
08e069bbe1
Land #10542 , CVE ref for office_ms17_11882 exploit
2018-08-28 22:44:41 -07:00
add03ca7f8
Land #10543 , struts2_rest_xstream targeting fixes
2018-08-28 16:55:02 -07:00
11ae0d2a78
Land #10541 , Correct claymore_dos.py's CVE ref
2018-08-28 16:55:01 -07:00
631e8bf110
Land #8983 , Add peinjector post module
...
Merge branch 'land-8983' into upstream-master
2018-08-28 16:55:01 -07:00
98ee549705
Land #10538 , PSH target for struts2_rest_xstream
2018-08-28 16:55:01 -07:00
6f42bcafcf
Land #10531 , fix NOP generator for sparc
2018-08-27 09:41:14 -07:00
f22e6ec2bf
Land #10527 , Fix msftdiy EDB link check, enable HTTPS
2018-08-27 08:53:05 -07:00
376a343472
Land #10487 , add php5 session file target
2018-08-27 08:49:42 -07:00
0294d7eed1
Land #10516 , Add brace expansion encoder and update ${IFS} encoder
2018-08-27 08:49:42 -07:00
cca98bce25
Land #8914 , refactor auxiliary/admin/http credential storage
2018-08-24 11:20:26 -07:00
3c0f3f68f2
Land #10523 , Update Foxit Reader PoC Link
2018-08-24 09:38:06 -07:00
415379e7ee
Land #9364 , HP PJL/SNMP CVE-2017-2741 exploit
...
Finally!
2018-08-23 20:50:23 -07:00
7b7c5a73c4
Land #10504 , add Foxit Reader UAF Module and Docs
2018-08-23 16:57:43 -07:00
91bab0d842
Land #10510 , full disclosure for CVE-2018-15473
2018-08-22 12:52:48 -07:00
0739892cc8
Land #10498 , module doc for ssh_enumusers
2018-08-21 09:05:07 -07:00
8c29a3b5da
Land #10471 , Import target DefaultOptions into the datastore
2018-08-21 09:05:06 -07:00
5970f4882d
Land #10479 , Add CVE-2018-15473 to ssh_enumusers
2018-08-21 09:05:06 -07:00
dd32b8bd76
Land #10491 , fix error generating PPC NOPS
2018-08-21 09:05:06 -07:00
f295b22290
Land #10313 , add linux autostart persistence module
2018-08-20 03:19:57 -07:00
e5ef254155
Land #10320 , add module for persistence in /etc/rc.local
2018-08-19 00:33:19 -07:00
e1097f7e38
Land #10120 , npm "marked" ReDoS module
2018-08-16 13:43:26 -07:00
bf7c530f7e
Land #10456 , known_hosts fix for SSH modules
2018-08-16 13:43:26 -07:00
7cfe93133b
Land #10394 , Cleanup aws_ec2_instance_metadata
2018-08-15 12:52:58 -07:00
9617c79f44
Land #10420 , cgit < 1.2.1 Directory Traversal
2018-08-13 14:28:21 -07:00
1a86d57bce
Land #10404 , Add Path Traversal Oracle GlassFish
2018-08-13 09:18:05 -07:00
8b75c7d9ab
Land #10436 , Add WebLogic exploit (CVE-2018-2628)
2018-08-09 12:54:19 -07:00
b42cf88276
Land #10386 , Add IEC104 client module
2018-08-04 05:44:48 -07:00
714fdb12fd
Land #10417 , Update check method of Hadoop exploit
2018-08-04 05:30:08 -07:00
3fd0119d27
Land #9692 , Add DoS module for Siemens Siprotec 4
2018-08-04 05:23:03 -07:00
9ac0d0cf6e
Land #10358 , Add Dicoogle PACS Directory Traversal scanner module
2018-08-03 22:30:03 -07:00
937174d321
Land #10412 , Add Cisco directory traversal auxiliary module
2018-08-02 14:47:24 -07:00
65fcdcfd2f
Land #9884 , add linux ufo priv esc module
2018-08-02 02:56:27 -07:00
43f1f8eeb2
Land #10405 , Cleanup dropped files for CMSMS
2018-08-01 12:46:44 -07:00
f49f37f76d
Land #10406 , Fix notes service, port, protocol
2018-08-01 12:42:35 -07:00
133291e85b
Land #10409 , Add Meterpreter target for axis_srv_parhand_rce
2018-08-01 10:49:29 -07:00
0bad10de4e
Land #10403 , joomla_pages fixes
2018-07-31 09:03:18 -07:00
580f4cf509
Land #10255 , Adding Micro Focus Secure Messaging Gateway RCE
2018-07-30 19:08:43 -07:00
0bc84bb6c6
Land #10305 , SonicWall XML-RPC RCE
2018-07-30 12:15:59 -07:00
2cb4b97164
Land #10384 , upload_exec fixes
2018-07-30 11:57:09 -07:00
e6d9f39204
Land #10398 , unused option cleanup in enum_juniper
2018-07-30 11:55:22 -07:00
4b59552f8a
Land #10397 , Added line in psexec_psh to support SMB2
2018-07-30 11:09:36 -07:00
7e180a390c
Land #10060 , vTiger CRM v6.3.0 Upload RCE
2018-07-30 10:34:17 -07:00
ea2a9081a6
Land #10247 , add WordPress Arbitrary File Deletion
2018-07-30 07:09:04 -07:00
b42545a153
Land #10387 , Update mov_ss and add mov_ss_dll
2018-07-27 12:55:43 -07:00
3a67d89711
Land #10383 , Add WP Responsive Thumbnail Slider Plugin Exploit Module
2018-07-26 21:56:35 -07:00
e74ef65aa5
Land #9964 , android post module to extract subscriber info
2018-07-26 15:00:23 -07:00
4ec22c0ceb
Land #10376 , Handle connection errors and fail_with in check
2018-07-26 09:28:58 -07:00
5171e7edd2
Land #10319 , enable VHOST for ms15_034_http_sys_memory_dump
2018-07-25 16:53:51 -07:00
8e5639a081
Land #10374 , Net::SSH::CommandStream fixes
2018-07-25 16:23:47 -07:00
10ffd286d9
Land #10375 , smb_login defaults that suck less
2018-07-25 13:33:47 -07:00
3f53efe785
Land #10375 , DETECT_ANY_AUTH should be false
2018-07-25 13:33:47 -07:00
5fce9d8222
Land #10300 , Add root exploit for Axis network cameras
2018-07-25 12:47:50 -07:00
428623f890
Land #10370 , minor CouchDB fix
2018-07-24 23:13:33 -07:00
68272c410e
Land #10357 , CouchDB improvements and docs
2018-07-24 22:59:52 -07:00
3fbd4f8f2f
Land #10368 , PhpMyAdmin Login Scanner Module
2018-07-24 21:27:32 -07:00
e9b04b9750
Land #10362 , Fix reporting in backup_file, add more docs
2018-07-23 16:27:45 -07:00
6a5a19faca
Land #10364 , Handle nil for shell_reverse_tcp_ipv6
...
This makes things like `msfvenom --list-options` or `info` when options
are not set work.
2018-07-23 12:14:48 -07:00
28bb518dbd
Land #10349 , deconflict the method names in mix-ins
2018-07-23 11:40:49 -07:00
e075836ad5
Land #10346 , update check method and doc for CMS Made Simple
2018-07-20 15:49:07 -07:00
fdc24fe453
Land #10327 , Add CMS Made Simple Upload/Rename Authenticated RCE
2018-07-19 10:20:10 -07:00
64201ad782
Land #10282 , Add support for running external modules outside of msfconsole
2018-07-18 15:40:21 -07:00
6919d1a981
Land #10328 , Log errors in Python ETERNALBLUE
2018-07-18 12:53:38 -07:00
691d8f2c41
Land #9753 , Linux BPF sign extension local privesc
2018-07-18 11:05:32 -07:00
ba3fa4bf91
Land #10317 , nil fix for enum_dns
2018-07-17 11:04:55 -07:00
4c87d38a60
Land #10273 , [clean up] iis_webdav_scstoragepathfromurl
2018-07-17 07:36:22 -07:00
88518ec4ae
Land #10064 , Claymore Dual Miner API RCE
2018-07-16 16:04:38 -07:00
d138ddba8d
Land #10295 , Add QNAP Q'Center change_passwd Command Execution exploit
2018-07-14 08:20:32 -07:00
36f776d4a6
Land #10293 , fixup php/base64 and add docs for cmd/unix/reverse_bash
2018-07-13 15:17:52 -07:00
06e8cc49f5
Land #10297 , Add priv escalation mod for CVE-2018-8897
2018-07-13 08:57:19 -07:00
942befab73
Land #10302 , module doc fixes
2018-07-12 21:53:05 -07:00
f6a7f19e2b
Land #10027 , Hadoop unauthed command execution
2018-07-12 20:00:57 -07:00
dbd03f9914
Land #10278 , gitlist_arg_injection fixes
2018-07-12 17:05:33 -07:00
465dceb182
Land #10299 , Add 88 CVEs to various auxiliary and exploit modules
2018-07-12 16:28:05 -07:00
9db75849a9
Land #10298 , bug fix for #10219
2018-07-12 15:51:22 -07:00
4f67361b46
Land #10238 , Add ManageEngine Exchange Reporter Plus RCE exploit
2018-07-12 09:37:50 -07:00
f18fd4aca1
Land #9780 , CouchDB auth bypass and RCE
2018-07-12 11:24:05 -05:00
81ef17aa62
Land #10286 , Docker server version scanner
2018-07-12 11:24:04 -05:00
8586e6fc8f
Land #10260 , Add phpMyAdmin v4.8.1/4.8.0 LFI RCE
2018-07-12 11:24:03 -05:00
d11eaf3d74
Land #10280 , Use default CheckCode in ETERNALBLUE
2018-07-12 11:24:03 -05:00
45f354e55d
Land #10231 , Monstra Fileupload Exec
2018-07-12 11:24:02 -05:00
3a92908e9b
Land #10108 , add IBM QRadar SIEM exploit
2018-07-12 11:24:02 -05:00
d480ee8e20
Land #10275 , Update missing CVE references for exploit modules
2018-07-12 11:24:01 -05:00
4284ffe8a4
Land #10276 , Update missing CVE references for auxiliary modules
2018-07-12 11:23:09 -05:00
9dc3e35f23
Land #10107 , Add the scanner/smb/impacket/secretsdump module
2018-07-06 13:02:46 -07:00
a4f0dc5ea2
Land #10133 , Add HID discoveryd RCE exploit
2018-07-06 12:35:38 -07:00
e915bb0f66
Land #10262 , Add GitList argument injection exploit module
2018-07-06 12:30:10 -07:00
5d95172a81
Land #10171 , Implement desktop shell and screensaver post modules
2018-07-05 15:36:46 -07:00
fbd68df409
Land #10263 , fix double-nested array
2018-07-05 15:22:50 -07:00
b5981caa0b
Land #10219 , Add HP VAN SDN Controller exploit
2018-07-05 12:23:50 -07:00
7f3dfccbfe
Land #10242 , avoid using SMBv2 on Windows XP Native Upload targets
2018-07-02 15:37:11 -07:00
144923db3a
Land #10237 , Add Boxoft WAV to MP3 Converter exploit module
2018-07-02 12:03:05 -07:00
d4054c24bd
Land #9896 , Java JMX Package Name Randomization
...
Land #9896
2018-07-02 11:43:42 -07:00
709630e35c
Land #10185 , add SMBv1/2 support in psexec
2018-06-29 15:51:50 -07:00
fa95c0c2a1
Land #9958 , Nagios xi 2 electric
2018-06-29 10:18:13 -07:00
9bed9f0797
Land #10213 , Add FTPShell client 6.70 Stack Buffer Overflow exploit
2018-06-29 07:39:54 -07:00
fd7ea515aa
Land #10218 , MS17-010 Windows Embedded Standard 7
2018-06-28 14:14:42 -07:00
d310659a77
Land #10216 , add linux mic capture support for mettle
2018-06-28 10:58:50 -05:00
33a909939d
Land #10215 , add support for payload estimation for IPv6-specific modules
2018-06-27 14:49:00 -07:00
13f981f03f
Land #9998 , customizable golden ticket duration
2018-06-27 13:53:30 -07:00
165fb9dc79
Land #10109 , Teradata login scanner and SQL runner
2018-06-27 13:39:02 -07:00
d4dfb98fb9
Land #10207 , msftidy fixes
2018-06-26 12:40:50 -07:00
f14597bcb2
Land #10199 , Kace Systems Management Command Injection
2018-06-26 10:11:07 -07:00
0a9dca2b5a
Land 10200, Add SickRage Password Leak Auxiliary Module
2018-06-25 15:27:22 -07:00
679378d025
Land #10156 , WebKit, as used in WebKitGTK+ Crash - CVE-2018-11646
2018-06-21 14:33:05 -07:00
cddb0f2b4d
Land #10195 , ms17_010_eternalblue_win8 bug fixes
2018-06-21 13:38:14 -07:00
5fb3ffed55
Land #10189 , ETERNALBLUE updates
2018-06-20 21:55:20 -07:00
0bcbcab3d8
Land #10184 , Add sleepya's ETERNALBLUE exploit for Win8+
2018-06-19 15:44:55 -07:00
17c0bc1fa7
Land #10183 , Add auxiliary mod to exploit httpdasm dir traversal vuln
2018-06-19 12:58:49 -07:00
95cb9f3654
Land #9825 , Add 'phpMyAdmin Authenticated Remote Code Execution'
2018-06-18 06:55:53 -07:00
ce48ff4382
Land #10165 , Fix missing RequestError in a few post modules
2018-06-15 13:40:51 -07:00
95ee536705
Land #10172 , Rm duplicate word in agitum_outpost_acs description
2018-06-15 13:15:37 -07:00
94abd923f3
Land #10021 , post/multi/recon/sudo_commands module
2018-06-14 14:35:32 -07:00
fff6d2ebb7
Lad #10017 , D-Link DSL-2750B Unauthenticated OS Command Injection
...
Merge branch 'land-10017' into upstream-master
2018-06-14 15:09:38 -05:00
e78715b073
Land #10167 , Add Linux x86 IPv6 reverse shell
2018-06-13 13:35:24 -07:00
8d86ff0065
Land #10138 , Update psnuffle RHOSTS and style
2018-06-13 12:47:32 -07:00
7e2c1fae2c
Land #10148 , Add New Module - Badpdf
...
Merge branch 'land-10148' into upstream-master
2018-06-12 15:21:25 -07:00
0a19221af2
Land #10101 , Add glibc 'realpath()' Privilege Escalation exploit
2018-06-12 14:43:57 -07:00
7f372d178d
Land #10059 , CVE-2018-1111 exploit
2018-06-12 13:04:36 -07:00
08a6fd3b3b
Land #10066 , implement AudioOutput api from channel
2018-06-11 14:41:44 -05:00
60a9e08cdc
Land #10157 , Add IconFile path to .URL files generated with MultiDrop
2018-06-10 20:07:24 -07:00
e6a9421e35
Land #10118 , cleanup OSX local exploit modules
2018-06-08 00:00:50 -07:00
aa5c114364
Land #10067 , Added `auxiliary/fileformat/odt_badodt`
2018-06-06 09:29:34 -07:00
f6e0f5bd81
Land #10115 , Added module `auxiliary/fileformat/multidrop`
2018-06-05 14:32:25 -07:00
1df5b7655f
Land #10106 , Add the scanner/smb/impacket/wmiexec module
2018-06-05 06:39:34 -07:00
5f469efacf
Land #10092 , Cleanup linux/local/recvmmsg_priv_esc
2018-06-04 15:37:57 -07:00
31ce48502c
Land #9528 , WebKit apple safari trident exploit (CVE-2016-4657)
2018-06-04 15:37:57 -07:00
650c5c7a93
Land #10121 , finish deprecating modules
2018-06-04 15:37:56 -07:00
2a9399251c
Land #10102 , SOCKS5 updates for BIND, parsing specs, refactoring
2018-06-01 07:03:23 -07:00
d2523e03df
Land #9976 , Store non-nil linux enum_network loot
2018-06-01 07:03:22 -07:00
e7ab118aaf
Land #9777 , Slui File Handler Hijack LPE
2018-06-01 07:03:22 -07:00
122af6b143
Land #10083 , Add Msf::Post::OSX::Priv mixin
2018-06-01 07:03:22 -07:00
c8ff6cb5a4
Land #9701 , Flexense HTTP Server DoS exploit
2018-06-01 07:03:22 -07:00
caa8b673ed
Land #9990 , add SOCKS5 proxy support
2018-05-25 15:56:23 -07:00
0dc0d3c0ba
fix incorrect disclosure date
2018-05-25 03:06:42 -05:00
d78f2e7bbd
Land #10087 , remove unused option from applocker bypass
2018-05-23 13:38:39 -07:00
196b302897
Land #10084 , Mark all versions of telpho10 as vulnerable
2018-05-23 13:38:39 -07:00
e6a7ec3276
Land #10070 , Fix cleanup in exploits/osx/local/rootpipe_entitlements
2018-05-23 13:38:39 -07:00
8243207223
Land #10048 , Make shell and meterpreter sessions consistent with cmd_exec
2018-05-23 13:38:38 -07:00
984384b59d
Land #10044 , Fix is_system? in Msf::Post::Windows::Priv for non-English
...
Merge branch 'land-10044' into upstream-master
2018-05-21 15:22:52 -07:00
016ee4d460
Land #9987 , AF_PACKET chocobo_root exploit
2018-05-21 15:22:51 -07:00
81368bef7a
Land #9966 , Add Reliable Datagram Sockets (RDS) Privilege Escalation exploit
...
Merge branch 'land-9966' into upstream-master
2018-05-21 17:01:36 -05:00
7b3169ad0a
Land #9999 , Optionally test empty group in cisco_ssl_vpn
2018-05-21 17:01:35 -05:00
9b152cec72
Land #10009 , Add initial check support to external modules
2018-05-21 17:01:35 -05:00
a51c1209ab
Land #9956 , add module to extract wireless credentials on Android
2018-05-17 08:16:35 -07:00
597a64b61b
Land #10047 , remove invalid timeout argument on cmd_exec
2018-05-17 08:16:35 -07:00
bacab0507b
Land #9947 , AF_PACKET packet_set_ring exploit
2018-05-17 08:16:34 -07:00
6e71f5c5fd
Land #9816 , Add the scanner/smb/impacket/dcomexec module
2018-05-17 08:16:34 -07:00
9a273a2663
Land #9975 , local_exploit_suggester fixes
2018-05-17 08:16:33 -07:00
012de0f6b1
Land #10038 , struts_code_exec_parameters EXE fix
2018-05-17 08:16:33 -07:00
cbac801b88
Land #8727 , CVE-2017-9791 exploit
2018-05-17 08:16:33 -07:00
bbb5ff8ad4
Land #7815 , CVE-2016-9299 exploit
2018-05-17 08:16:33 -07:00
f9d27aaa30
Land #10036 , reverse_bash_telnet_ssl fixes
2018-05-17 08:16:32 -07:00
06711c6da9
Land #10035 , awk payload improvements
2018-05-17 08:16:32 -07:00
2f50df7fe7
Land #10031 , zsh payload improvements
2018-05-17 08:16:32 -07:00
14ff692d12
Land #10030 , reverse_ksh payload
2018-05-17 08:16:32 -07:00
bwatters-r7
Wei Chen
Brent Cook
Green-m
Jacob Robles
Brendan Coles
William Vu
h00die
Jeffrey Martin
Shelby Pace
Tim W
Adam Cammack
asoto-r7
Erin Bleiweiss
Chris Higgins