Stephen Haywood
95f9b778bd
Use standard status messages instead of verbose.
2016-10-03 11:01:51 -04:00
Stephen Haywood
d088005d95
TABLE_NAME option not needed.
2016-10-03 10:58:13 -04:00
Stephen Haywood
5f12c8e026
Incorrect warning message
...
The filename is not always test so the warning message and the note in the description are incorrect.
2016-10-03 10:57:25 -04:00
Stephen Haywood
25996a16bb
Fixed file read block.
2016-10-03 10:47:03 -04:00
Stephen Haywood
708eb0eb4f
Fixed syntax error.
2016-10-03 10:17:29 -04:00
Stephen Haywood
fac03570d1
Use File.open block.
2016-10-03 10:09:45 -04:00
Stephen Haywood
bc57537205
Add warning statement.
2016-10-03 10:07:40 -04:00
Stephen Haywood
a627c3cd5e
Removed unnecessary return statements.
2016-10-03 10:02:26 -04:00
Stephen Haywood
6fa8f40b31
Use unless instead of if (not ...)
2016-10-03 10:00:56 -04:00
Interference Security
3e01dbfded
Fixed Space-Tab mixed indent warning
2016-10-01 15:13:26 +05:30
Interference Security
4227cb76a8
Fixed stack trace bug & verified logic
...
- Fixed stack trace bug when value of "packet" is nill.
- Verified logic of Oracle TNS Listener poisoning which requires an ACCEPT response to be marked as vulnerable.
2016-10-01 15:01:02 +05:30
Stephen Haywood
63c0b6f569
Login failure message.
2016-09-30 17:09:41 -04:00
David Maloney
3f9540d906
fix trailing whitespace
...
this commit got dropped during landing
2016-09-30 14:30:31 -05:00
David Maloney
72bd75e681
Land #7253 , x64 xor encoder fix
...
Land fullmetalcache's fix for the x64 xor encoder
2016-09-30 14:28:10 -05:00
Stephen Haywood
7996c4b048
Warning about leaving files on disk.
2016-09-30 14:53:15 -04:00
Stephen Haywood
3e4a23cdf6
Removed unnecessary require statement.
2016-09-30 14:51:43 -04:00
Jon Hart
b3c6ec09a0
Show status when gathering, which can take a bit
2016-09-30 06:42:22 -07:00
Jon Hart
abed3bf6c2
Rename
2016-09-30 06:35:26 -07:00
Jon Hart
9ee6e1931a
target_uri simplification, cleanup
2016-09-30 06:24:50 -07:00
Jon Hart
60cfe6216a
mstfidy
2016-09-29 22:00:35 -07:00
Jon Hart
558adb5e1e
Uncork module and address style issues
2016-09-29 21:59:19 -07:00
Jon Hart
b2e06bed66
Initial commit of post module to gather AWS EC2 instance metadata
2016-09-29 21:52:22 -07:00
nixawk
ac76c3591a
reference urls
2016-09-29 22:43:00 -05:00
nixawk
5929d72266
CVE-2016-6415 - cisco_ike_benigncertain.rb
2016-09-29 22:25:57 -05:00
Brent Cook
fabb296b15
update cache and add payload test
2016-09-29 21:19:55 -05:00
Brent Cook
301e38b08f
use correct base class for modules
2016-09-29 17:21:59 -05:00
RageLtMan
a7470991d9
Bring Python reverse_tcp_ssl payload upstream
...
Adds TLS/SSL transport encryption for reverse tcp payloads in
python
2016-09-29 17:21:59 -05:00
h00die
3b548dc3cd
update email and paths
2016-09-28 18:37:48 -04:00
jvoisin
2272e15ca2
Remove some anti-patterns, in the same spirit than #7372
2016-09-29 00:15:01 +02:00
William Vu
988471b860
Land #7372 , useless use of cat fix
...
Obligatory: modules/exploits/linux/local/kloxo_lxsuexec.rb.
2016-09-28 16:37:11 -05:00
William Vu
3033c16da6
Add missing rank
2016-09-28 16:37:04 -05:00
jvoisin
b46073b34a
Replace `cat` with Ruby's `read_file`
...
Thanks to wvu-r7 for the comment
2016-09-28 23:22:19 +02:00
Jeffrey Martin
1689f10890
Land #7292 , add android stageless meterpreter_reverse_tcp
2016-09-28 16:05:22 -05:00
William Vu
45ee59581b
Fix inverted logic in Docker exploit
...
Positive condition should be tested first, imo. Confusing otherwise. My
bad, though.
Credit to @fslavin-r7.
2016-09-28 15:36:09 -05:00
William Vu
ab94bb9cdd
Land #7365 , nonce fix for Ninja Forms exploit
2016-09-28 13:57:08 -05:00
averagesecurityguy
f7e588cdeb
Initial commit of module.
2016-09-28 14:55:32 -04:00
Julien (jvoisin) Voisin
dbb2abeda1
Remove the `cat $FILE | grep $PATTERN` anti-pattern
...
The `kloxo_lxsuexec.rb` and `netfilter_pvi_esc.rb` exploits
were using the infamous `cat+grep` anti-pattern, this commit
replaces it with `cat` and Ruby's `.include?` method.
2016-09-28 13:41:25 +02:00
Tim
b4a1adaf0f
refactor into android.rb
2016-09-28 18:23:34 +08:00
Tim
dc43f59dcf
dalvik -> android
2016-09-28 14:50:52 +08:00
h00die
35a2b3e59d
working panda
2016-09-27 20:15:17 -04:00
wchen-r7
f838c9990f
Fix nonce bug in wp_ninja_forms_unauthenticated_file_upload
...
If wordpress saves the nonce value in JavaScript, we could get an
undefined method for nil.
2016-09-27 11:30:52 -05:00
OJ
76b3c37262
Fix msftidy errors
2016-09-27 22:56:07 +10:00
OJ
0e82ced082
Add LPE exploit module for the capcom driver flaw
...
This commit includes:
* RDI binary that abuses the SMEP bypass and userland function pointer
invocation that is provided by the driver.
* Related metasploit module.
* Associated make.build to build from command line.
* Updated command line build file.
This also includes the beginnings of a new set of functions that help
with the management/automation of kernel-related work on Windows for
local priv esc exploits.
2016-09-27 22:37:45 +10:00
Pearce Barry
edbe1c3e14
Land #7361 , Make OSX screencapture silent
2016-09-26 17:24:03 -05:00
Brendan
b9de73e803
Land #7334 , Add aux module to exploit WINDOWS based (java) Colorado
...
FTP server directory traversal
2016-09-26 14:15:23 -05:00
Pearce Barry
6382fffc75
Land #7326 , Linux Kernel Netfilter Privesc
2016-09-26 12:38:50 -05:00
Tim
53823a4807
oops msftidy
2016-09-26 23:50:38 +08:00
Henry Pitcairn
e5c05c05d2
Make OSX screencapture silent
...
By default, the `screencapture` command on OS X plays a camera sound effect. The -x option silences this.
2016-09-25 22:54:57 -04:00
Adam Cammack
a13e83af8a
Land #7357 , Stagefright CVE-2015-3864
2016-09-25 17:10:06 -05:00
h00die
23e5556a4c
binary drops work!
2016-09-24 21:31:00 -04:00
Brent Cook
e0ff8859e9
Land #7359 , add EXTRABACON auxiliary module auxiliary/admin/cisco/cisco_asa_extrabacon
2016-09-24 10:46:13 -04:00
Brent Cook
df28e2a85e
Add credit to wwebb-r7 for the initial module and ASA hacking notes
2016-09-24 05:48:31 -04:00
TheNaterz
cd4299b3a2
Added offsets for version 9.2(4)14
...
This version of the ASA is patched and our offsets do not work currently. We may do more work on this to find a solution.
2016-09-23 16:57:08 -06:00
TheNaterz
087e9461ce
Added offsets for version 9.2(4)13
2016-09-23 16:50:50 -06:00
TheNaterz
3f985d94d7
Added offsets for version 8.4(6)5
2016-09-23 16:32:42 -06:00
TheNaterz
352946d8f5
Added offsets for version 8.4(4)9
2016-09-23 16:19:36 -06:00
TheNaterz
368fd1a77f
Added offsets for version 8.4(4)5
2016-09-23 16:07:42 -06:00
TheNaterz
19fe09318a
Added offsets for version 8.4(4)3
2016-09-23 15:56:02 -06:00
TheNaterz
8840af0e90
Added offsets for version 8.4(4)1
2016-09-23 15:44:39 -06:00
TheNaterz
19caff2293
Added offsets for 8.3(2)40
2016-09-23 15:26:02 -06:00
TheNaterz
ba4505bcce
Added offsets for version 8.3(2)39
2016-09-23 15:05:39 -06:00
TheNaterz
64df7b0524
Added offsets for verion 8.3(2)-npe
...
We currently can't distinguish between 8.3(2) and 8.3(2)-npe versions from the SNMP strings. We've commented out the 8.3(2)-npe offsets, but in the future, we'd like to incorporate this version.
2016-09-23 14:49:57 -06:00
TheNaterz
926e5fab9e
Added offsets for version 8.2(5)41
2016-09-23 14:00:23 -06:00
TheNaterz
b4d3e8ea3e
Added offsets for version 9.2(1)
2016-09-23 13:52:13 -06:00
TheNaterz
d36e16fc32
Added offsets for version 8.2(5)33
2016-09-23 13:15:39 -06:00
TheNaterz
f19ed4376b
Adding new version offsets
2016-09-23 12:57:36 -06:00
Joshua J. Drake
dbf66f27d5
Add a browser-based exploit module for CVE-2015-3864
2016-09-23 11:14:31 -05:00
Tijl Deneut
2fab62b14d
Update profinet_siemens.rb
...
Removed unnecessary rescue, gave "timeout" variable a better name.
2016-09-23 18:05:45 +02:00
George Papakyriakopoulos
639dee993a
Fixed interactive password prompt issue
...
Fixed an issue where the exploit would drop to interactive password prompt by default on newer ruby version which rendered the exploit unusable. It now properly forces pubkey authentication instead and proceeds with the bypass as expected.
2016-09-23 17:03:40 +01:00
TheNaterz
98cf5d8eb5
Changed 'build_offsets' to 'build_payload'
2016-09-23 09:32:17 -06:00
zerosum0x0
1868371ba7
fix merge conflicts
2016-09-23 14:49:36 +00:00
zerosum0x0
2591d0b7c6
numerous fixes as per @busterb
2016-09-23 14:46:40 +00:00
Pearce Barry
5de1d34869
Land #7341 , add module metasploit_static_secret_key_base
2016-09-23 09:20:48 -05:00
h00die
cba297644e
post to local conversion
2016-09-22 22:08:24 -04:00
TheNaterz
dda6b67928
Added basic error handling for unsupported ASA versions
2016-09-22 18:24:25 -06:00
TheNaterz
cf070853e9
Moved required datastore option into constructor
2016-09-22 18:08:35 -06:00
h00die
7646771dec
refactored for live compile or drop binary
2016-09-22 20:07:07 -04:00
TheNaterz
df25f07b34
Replaced '+=' with '<<'
2016-09-22 17:53:28 -06:00
TheNaterz
f525c24a9f
Added offsets for 8.4(7)
2016-09-22 17:16:37 -06:00
zerosum0x0
28a09c2d13
stupid comment
2016-09-22 22:57:42 +00:00
TheNaterz
7762f42dfa
Added offsets for 8.3(1)
2016-09-22 16:17:37 -06:00
TheNaterz
064aed858b
Added RiskSense contributor repo to references
2016-09-22 16:10:30 -06:00
TheNaterz
961524d648
Adding offsets for 9.1(1)4
2016-09-22 16:04:44 -06:00
TheNaterz
4e9459d876
Added offsets for 9.0(1)
2016-09-22 15:35:59 -06:00
TheNaterz
5ca6563c8f
Fixed problem with 9.2(2)8 offsets
2016-09-22 15:24:49 -06:00
TheNaterz
b77adc97f0
Removing redundant version check
2016-09-22 15:05:42 -06:00
TheNaterz
c22a2a19e8
Added offsets for 9.2(2)8
2016-09-22 14:59:49 -06:00
TheNaterz
e8d1f6d5a0
Added offsets for 8.2(3)
2016-09-22 14:38:52 -06:00
Jenna Magius
a0ba8b7401
Fix whitespace per msftidy
2016-09-22 14:25:04 -06:00
TheNaterz
022189c075
Added offsets for 8.4(3)
2016-09-22 14:12:33 -06:00
zerosum0x0
4288c3fb46
added always_return_true variable
2016-09-22 19:44:55 +00:00
TheNaterz
c18045128a
Replaced global vars, made 'patched_code' value static
2016-09-22 13:42:23 -06:00
zerosum0x0
3c7fc49788
Added module auxiliary/admin/cisco/cisco_asa_extrabacon
...
This module patches the authentication functions of a Cisco ASA
to allow uncredentialed logins. Uses improved shellcode for payload.
2016-09-22 18:06:03 +00:00
wchen-r7
bc425b0378
Update samsung_security_manager_put
...
This patch improves the following
* Stage 1 XSS/JS attack to use the body.onload callback
* Better timing for FF
2016-09-22 12:02:49 -05:00
Tim
34e02fe097
stageless http
2016-09-22 16:26:26 +01:00
Tim
1b911e7117
placate msftidy
2016-09-22 16:26:26 +01:00
Tim
32c2311b86
android meterpreter_reverse_tcp
2016-09-22 16:26:26 +01:00
Brent Cook
9f3c8c7eee
Land #7268 , add metasploit_webui_console_command_execution post-auth exploit
2016-09-22 00:50:58 -05:00
Brent Cook
88cef32ea4
Land #7339 , SSH module fixes from net:ssh updates
2016-09-22 00:27:32 -05:00
Brendan
04f8f7a0ea
Land #7266 , Add Kaltura Remote PHP Code Execution
2016-09-21 17:14:49 -05:00
Justin Steven
dcfbb9ee6a
Tidy info
...
Replace errant \t with \x20
2016-09-21 20:14:11 +10:00
Justin Steven
1e24568406
Tweak verbosity re: found secrets
2016-09-21 20:14:08 +10:00
Justin Steven
30d07ce0c7
Tidy metasploit_static_secret_key_base module
...
* Inline magic values
* Optimise out dead Rails3-specific code
2016-09-21 20:13:58 +10:00
Kyle Gray
9d01f24cff
Land #7388 , relocate Rex::Platform:Windows content
...
This PR consolidates the few lines of consts/code in lib/rex/platforms/windows.rb into MSF core.
Completes #MS-1714
2016-09-20 16:39:07 -05:00
Louis Sato
8b1d29feef
Land #7304 , fix rails_secret_deserialization popchain
2016-09-20 16:05:03 -05:00
Mehmet Ince
2d3c167b78
Grammar changes again.
2016-09-20 23:51:12 +03:00
Mehmet Ince
0f16393220
Yet another grammar changes
2016-09-20 19:48:40 +03:00
Mehmet Ince
fb00d1c556
Another minor grammer changes
2016-09-20 19:23:28 +03:00
Brendan
251421e4a7
Minor grammar changes
2016-09-20 10:37:39 -05:00
Mehmet Ince
385428684f
Move module and docs under the exploit/linux/http folder
2016-09-20 12:45:23 +03:00
Brent Cook
a9a1146155
fix more ssh option hashes
2016-09-20 01:30:35 -05:00
Mehmet Ince
c689a8fb61
Removing empty lines before module start
2016-09-20 01:42:18 +03:00
Mehmet Ince
29a14f0147
Change References to EDB number and remove 4 space
2016-09-20 01:31:56 +03:00
Justin Steven
a1ca27d491
add module metasploit_static_secret_key_base
2016-09-20 07:04:00 +10:00
David Maloney
e315ec4e73
Merge branch 'master' into bug/7321/fix-ssh-modules
2016-09-19 15:27:37 -05:00
David Maloney
06ff7303a6
make pubkey verifier work with old module
...
make the new pubkey verifier class and
the old identify_pubkeys aux module work
together
7321
2016-09-19 15:20:35 -05:00
Pearce Barry
3f5ed75198
Relocate Rex::Platform:Windows content (fixes MS-1714)
2016-09-19 14:34:44 -05:00
h00die
3bc566a50c
fix email
2016-09-18 20:09:38 -04:00
h00die
9c922d111f
colorado ftp
2016-09-18 20:03:16 -04:00
h00die
edd1704080
reexploit and other docs and edits added
2016-09-18 09:01:41 -04:00
h00die
4f85a1171f
reexploit and other docs and edits added
2016-09-18 08:51:27 -04:00
Mehmet Ince
53d4162e7d
Send payload with POST rather than custom header.
2016-09-17 23:11:16 +03:00
Thao Doan
d2100bfc4e
Land #7301 , Support URIHOST for exim4_dovecot_exec for NAT
2016-09-16 12:49:57 -07:00
Thao Doan
7c396dbf59
Use URIHOST
2016-09-16 12:48:54 -07:00
William Vu
4d0643f4d1
Add missing DefaultTarget to Docker exploit
2016-09-16 13:09:00 -05:00
William Vu
da516cb939
Land #7027 , Docker privesc exploit
2016-09-16 12:44:21 -05:00
William Vu
4ba1ed2e00
Fix formatting in fortinet_backdoor
...
Also add :config and :use_agent options.
2016-09-16 12:32:30 -05:00
William Vu
e3060194c6
Fix formatting in ubiquiti_airos_file_upload
...
Also add :config and :use_agent options.
2016-09-16 12:27:09 -05:00
David Maloney
26491eed1a
pass the public key in as a file instead of data
...
when using key_data it seems to assume it is a private
key now. the initial key parsing error can be bypassed
by doing this
7321
2016-09-16 11:48:51 -05:00
h00die
4be4bcf7eb
forgot updates
2016-09-16 02:08:09 -04:00
h00die
2e42e0f091
first commit
2016-09-16 01:54:49 -04:00
Brent Cook
90f0eec390
Land #7325 , Fix missing form inputs in skybluecanvas_exec
2016-09-15 19:55:32 -05:00
William Vu
a7103f2155
Fix missing form inputs
...
Also improve check string.
2016-09-15 19:19:24 -05:00
Brent Cook
60e728ec5c
Land #7065 , Correct display errors for SHA-512 hashes with MS SQL Server 2012
2016-09-15 18:06:02 -05:00
Brent Cook
8b050fcc9b
simplify cleanup code, remove duplicate logic
2016-09-15 18:05:34 -05:00
Brent Cook
6e221ca575
Land #7221 , Updated JCL cmd payloads to use PR7007 format
2016-09-15 16:38:31 -05:00
David Maloney
dfcd5742c1
some more minor fixes
...
some more minor fixes around broken
ssh modules
7321
2016-09-15 14:25:17 -05:00
David Maloney
e10c133eef
fix the exagrid exploit module
...
split the exagrid exploit module up and
refactor to be able to easily tell if the
key or the password was used
7321
2016-09-15 11:44:19 -05:00
Justin Steven
116c754328
tidy Platform
2016-09-15 10:35:42 +10:00
Justin Steven
8a0c8b54fc
merge branch 'master' into PR branch
...
make Travis happy
2016-09-15 10:31:24 +10:00
Justin Steven
ff1c839b7d
appease msftidy
...
trailing whitespace
2016-09-15 08:18:43 +10:00
William Webb
01327f0265
Land #7245 , NetBSD mail.local privilege escalation module
2016-09-14 16:07:12 -05:00
William Vu
c6214d9c5e
Fix and clean module
2016-09-14 14:36:29 -05:00
James Lee
27be29edb4
Fix typo
2016-09-14 13:21:37 -05:00
James Barnett
6509b34da1
Land #7255 , Fix issue causing Glassfish to fail uploading to Windows targets.
2016-09-14 12:57:41 -05:00
William Vu
8533e6c5fd
Land #7252 , ARCH_CMD to ARCH_PHP for phoenix_exec
2016-09-14 10:38:37 -05:00
William Vu
cac890a797
Land #7308 , disclosure date additions
2016-09-13 23:16:30 -05:00
William Vu
e4e6f5daac
Fix indentation
2016-09-13 23:15:37 -05:00
William Vu
a5502264d4
Land #7305 , missing env var fix for Steam module
2016-09-13 23:11:40 -05:00
h00die
d73531c0d3
added disclosure dates
2016-09-13 20:37:04 -04:00
Brent Cook
7352029497
first round of SSL damage fixes
2016-09-13 17:42:31 -05:00
wchen-r7
245237d650
Land #7288 , Add LoginScannerfor Octopus Deploy server
2016-09-13 17:26:56 -05:00
wchen-r7
10efafe44e
Land #7306 , Update links and add CVE to WebNMS modules
2016-09-13 15:52:27 -05:00
wchen-r7
ed5bbb9885
Land #7284 , Add SugarCRM REST PHP Object Injection exploit
2016-09-13 15:46:46 -05:00
wchen-r7
a0095ad809
Check res properly and update Ruby syntax
...
If res is nil, it should not be doing res.code
2016-09-13 15:45:57 -05:00
Pedro Ribeiro
8d4ee3fac6
Forgot the bracket!
2016-09-13 19:01:22 +01:00
Pedro Ribeiro
4d49f7140c
update links and CVE on webnms_file_download
2016-09-13 18:50:53 +01:00
Pedro Ribeiro
41bdae4b84
update links and CVE on webnms_file_upload
2016-09-13 18:50:25 +01:00
Pedro Ribeiro
8b90df8b67
update links and CVE on webnms_cred_disclosure
2016-09-13 18:49:58 +01:00
wchen-r7
89705cc803
Avoid potential undef method error '+' for nil
2016-09-13 11:13:02 -05:00
wchen-r7
50447fc4cf
Fix post/windows/gather/credentials/steam for an empty env var
2016-09-13 11:04:42 -05:00
Justin Steven
17bad7bd4f
fix popchain
...
ERB changed as per <https://github.com/ruby/ruby/commit/e82f4195d4 >
which broke the popchain used for code execution.
2016-09-13 21:25:14 +10:00
nixawk
1ce9aedb97
parenthesis for condition expression
2016-09-13 03:37:47 -05:00
nixawk
fd16c1c3b7
Fix issue-7295
2016-09-13 01:32:20 -05:00
aushack
11342356f8
Support LHOST for metasploit behind NAT
2016-09-13 11:23:49 +10:00
Tijl Deneut
8df8f7dda0
Initial commit of profinet_siemens.rb
2016-09-11 09:15:41 +02:00
scriptjunkie
a0e05d4c4c
Land #7287 , mdaemon cred dumper
2016-09-10 08:43:07 -05:00
Brent Cook
a81f351cb3
Land #7274 , Remove deprecated modules
2016-09-09 12:01:59 -05:00
Brent Cook
1d4b0de560
Land #6616 , Added an Outlook EWS NTLM login module.
2016-09-09 11:43:52 -05:00
Justin Steven
6bafad44f2
drop 'require uri', tweak option text
2016-09-09 20:31:23 +10:00
Justin Steven
0b012c2496
Combine Unix and Windows modules
2016-09-09 20:28:13 +10:00
Agora Security
00f09d19b1
SMTP Typo
...
Correct SMTP Type (before SMPT)
2016-09-09 01:36:37 -05:00
William Vu
92dba8ff9d
Land #7290 , env var check for WinSCP module
2016-09-07 21:08:12 -05:00
Brendan
a30711ddcd
Land #7279 , Use the rubyntlm gem (again)
2016-09-07 16:33:35 -05:00
wchen-r7
a9c3c5d391
Fix typos
2016-09-07 15:40:10 -05:00
wchen-r7
831c7a08a8
Check environment variables before using for winscp module
2016-09-07 15:24:22 -05:00
William Vu
7d44bd5ba4
Clean up module
2016-09-06 23:30:58 -05:00
aushack
015b790295
Added default rport.
2016-09-07 14:24:07 +10:00
aushack
7632c74aba
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2016-09-07 14:15:57 +10:00
aushack
6e21684ff7
Fix typo.
2016-09-07 14:08:46 +10:00
james-otten
dcf0d74428
Adding module to scan for Octopus Deploy server
...
This module tries to log into one or more Octopus Deploy servers.
More information about Octopus Deploy:
https://octopus.com
2016-09-06 20:52:49 -05:00
catatonic
c06ee991ed
Adding WiFi pineapple command injection via authenticaiton bypass.
2016-09-06 17:22:25 -07:00
catatonic
8d40dddc17
Adding WiFi pineapple preconfig command injection module.
2016-09-06 17:18:36 -07:00
EgiX
df5fdbff41
Add module for KIS-2016-07: SugarCRM REST PHP Object Injection
...
This PR contains a module to exploit KIS-2016-07, a PHP Object Injection vulnerability in SugarCRM CE before version 6.5.24 that allows unauthenticated users to execute arbitrary PHP code with the permissions of the webserver. Successful exploitation of this vulnerability should require SugarCRM to be running on PHP before version 5.6.25 or 7.0.10, which fix CVE-2016-7124.
2016-09-07 01:58:41 +02:00
William Vu
fed2ed444f
Remove deprecated modules
...
psexec_psh is undeprecated because users have been reporting
idiosyncrasies between it and psexec in the field.
2016-09-03 12:43:01 -05:00
Justin Steven
ea220091ea
add metasploit_webui_console_command_execution
...
These modules target the Metasploit Community/Express/Pro Web UI on
Unix and Windows via the diagnostic console feature
2016-09-03 09:12:09 +10:00
Mehmet Ince
ba6c2117cf
Fix msftidy issues
2016-09-02 18:18:43 +03:00
Mehmet Ince
144fb22c32
Add Kaltura PHP Remote Code Execution module
2016-09-02 18:09:53 +03:00
Brendan
81bc6bd672
Land #7228 , Create zabbix_toggleids_sqli auxiliary module
2016-09-01 16:33:17 -05:00
Jon Hart
b0e45341e5
Update redis file_upload to optionally FLUSHALL before writing
...
This increases the chances that the uploaded file will be usable as-is
rather than being surround by the data in redis itself.
2016-08-31 14:27:18 -07:00
Brandon Perry
874fec4e31
Update zabbix_toggleids_sqli.rb
2016-08-31 17:23:16 -04:00
Brandon Perry
d43380330e
Update zabbix_toggleids_sqli.rb
2016-08-31 17:18:28 -04:00
bigendian smalls
05278c868e
Updated JCL cmd payloads to use PR7007 format
...
PR7007 centralized JCL job card for any JCL cmd payload. This PR simply
uses that new format for existing JCL cmd payloads. No functionality
for these payloads was changed, added or deleted.
2016-08-31 14:39:01 -05:00
AgoraSecurity
d65ca818ea
Add validation of session type
2016-08-31 11:29:04 -05:00
AgoraSecurity
ce7d4cf7f7
Removed "shell" from SessionTypes
...
Remove the need to check for the session type manually. It will be automatically validated at the time of module run.
2016-08-31 00:12:31 -05:00
AgoraSecurity
401044ee43
Fix error when saving creds
2016-08-30 16:49:31 -05:00
wchen-r7
445a43bd97
Trim the fat
2016-08-30 15:56:51 -05:00
wchen-r7
1b505b9b67
Fix #7247 , Fix GlassFish on Windows targets
...
Fix #7247
2016-08-30 15:46:08 -05:00
William Vu
e403df57e0
Land #7251 , CPORT fix for smb_login
2016-08-30 00:52:22 -05:00
fullmetalcache
fd1efaea9f
Attempts to address issue #6963 x64/xor encoder not working
2016-08-29 19:59:39 -06:00