Commit Graph

1522 Commits (5171e7edd27afcdf64bb1c49e4d0bd455d7b73a2)

Author SHA1 Message Date
Tim W a51c1209ab
Land #9956, add module to extract wireless credentials on Android 2018-05-17 08:16:35 -07:00
Tim W bacab0507b
Land #9947, AF_PACKET packet_set_ring exploit 2018-05-17 08:16:34 -07:00
Jacob Robles 6e71f5c5fd
Land #9816, Add the scanner/smb/impacket/dcomexec module 2018-05-17 08:16:34 -07:00
William Vu bbb5ff8ad4
Land #7815, CVE-2016-9299 exploit 2018-05-17 08:16:33 -07:00
Tim W 1de1b04c4f
Land #9919, add libuser roothelper privilege escalation exploit 2018-05-15 11:58:14 -07:00
Jacob Robles b2b97db28b
Land #9878, Add MSF module for EDB 6768, Mantis <= v1.1.3 Post-auth RCE 2018-05-09 17:48:53 -07:00
William Vu 0aaae09e5c
Land #9980, PAN-OS readSessionVarsFromFile exploit 2018-05-09 17:48:53 -07:00
Jacob Robles dcbc871883
Land #9988, playsms_uploadcsv_exec 2018-05-07 09:35:08 -07:00
Jacob Robles 75196b4fc6
Land #9944, playsms_filename_exec.rb 2018-05-07 09:35:08 -07:00
William Vu 935fa6414e
Land #9968, second round of Drupalgeddon 2 updates 2018-05-04 09:38:34 -05:00
bwatters-r7 38465e69a8
Land #8795, Added CVE-2016-0040 Windows Privilege Escalation
Merge branch 'land-8795' into upstream-master
2018-05-04 09:38:28 -05:00
Jacob Robles 8739befa70
Land #9821, osCommerce 2.3.4.1 - Remote Code Execution 2018-05-03 09:21:02 -07:00
Aaron Soto c38bca1799
Land #9908, msfd_rce_remote and msfd_rce_browser 2018-04-30 09:49:50 -05:00
Aaron Soto 3b8280c33f
Land #9918, XDebug Unauthenticated OS command execution 2018-04-30 09:42:26 -05:00
Brent Cook 3b7d2c8177
Land #9853, Update Linux sock_sendpage local exploit module 2018-04-26 16:06:10 -07:00
Brent Cook d340ef2632
Land #9876, Drupalgeddon 2 2018-04-26 08:29:59 -07:00
Wei Chen 0949bedf67
Land #9628, Add GitStack v2.3.10 Unauth REST API Aux Module
Land #9628
2018-04-23 11:21:11 -07:00
bwatters-r7 a44bcff2d8
Land #9756, Add lastore-daemon D-Bus Privilege Escalation exploit
Merge branch 'land-9756' into upstream-master
2018-04-23 11:21:10 -07:00
bwatters-r7 6cbd7ba895
Land #9862, Post-exploitation module for meterpreter (Windows) to send wireless probe requests
Merge branch 'land-9862' into upstream-master
2018-04-23 11:21:10 -07:00
bwatters-r7 d2a43d934d
Land #9247, Add ASUS infosvr Auth Bypass Command Execution exploit
Merge branch 'land-9247' into upstream-master
2018-04-23 11:21:10 -07:00
Tim W b958526b6a
Land #9784, add osx high sierra APFS password disclosure post module 2018-04-18 15:31:20 -07:00
Adam Cammack 5b42a81d3a
Land #9823, Private IP leak via WebRTC 2018-04-12 09:27:21 -07:00
h00die 084e6b1db3
Land #9813, Add etcd library and version scanner 2018-04-10 06:55:58 -07:00
Brent Cook 62c6340d70
Land #9794, Added support for regional dialects 2018-04-06 14:20:42 -07:00
Chris Higgins ded6a50883
Land #8539, ProcessMaker Plugin Upload exploit 2018-04-04 19:06:18 -07:00
bwatters-r7 4765ffc05a
Land #9595, Add post module RID Hijacking on Windows 2018-04-04 19:06:17 -07:00
Brent Cook ef4fd1dc75
Land #9742, QNX exploit improvements 2018-04-03 09:13:57 -05:00
Brent Cook c2bf848ba9
Land #9748, Convert the smbloris DoS into an external module
Help reliability and performance. This some Ruby-specific external module
tooling as a result as well.
2018-04-03 09:13:56 -05:00
Brent Cook c3f9ee2ae3
Land #9802, update kerberoasting setup docs 2018-04-03 09:13:29 -05:00
Brent Cook d6f23071ca
Land #9718, Add get_user_spns 'kerberoasting' module 2018-04-03 09:13:29 -05:00
Jon Hart 36ba1468e8
Land #9760, @h00die's etcd scanner 2018-03-29 09:17:54 -07:00
Jacob Robles 3b87bf5a03
Land #9666, Add 2017-8917 RCE for Joomla 3.7.0 2018-03-29 09:17:54 -07:00
Wei Chen 6108d79dcd
Land #9684, Adding ManageEngine Application Manager RCE
Land #9684
2018-03-27 15:44:50 -07:00
Wei Chen 409ae22a7e
Land #9633, Exodus Wallet Remote Code Execution
Land #9633
2018-03-27 15:44:49 -07:00
William Vu fdf9ea04a6
Land #9775, module doc improvements to MS17-010 2018-03-27 15:44:49 -07:00
Wei Chen 5b1577e46d
Land #9670, Gitstack v2.3.10 RCE
Land #9670
2018-03-27 14:24:23 -05:00
h00die c56e571b18
Land #9702 exploit for clipbucket 2018-03-27 13:55:43 -05:00
Brent Cook ef7b77ed01
Land #9529, Add module for HP iLO CVE-2017-12542 authentication bypass 2018-03-17 20:33:05 -07:00
Jacob Robles 715279311a
Land #8422, Typo3 News Module Sql Injection exploit 2018-03-15 09:21:14 -07:00
h00die 8af0d9ceaa
Land #9713 update to juniper config docs 2018-03-15 06:49:02 -07:00
Brent Cook 028d329b4d
Land #9632, owa_login and auth_brute enhancements 2018-03-12 10:14:19 -07:00
Jacob Robles bcc0a2a94c
Land #7654, varnish file read 2018-03-09 12:53:20 -08:00
Jacob Robles 49bc0024c1
Land #9678, Add memcached UDP version scanner 2018-03-07 18:47:47 -08:00
Jacob Robles fbee660136
Land #9554, Eclipse Equinoxe OSGi console RCE 2018-03-07 07:49:31 -08:00
Brent Cook f6223c0193
Land #9614, Juniper post enum module 2018-03-07 07:49:29 -08:00
Jon Hart 6909c635bc
Land #9644, @xistence's memcached stats amplification scanner 2018-03-05 15:29:20 -08:00
h00die e57a1fbd43
Land #9650 netgear telnetenable exploit 2018-03-05 07:42:48 -08:00
h00die fc8cafe81a
Land #9310 docs for many aux scanners 2018-02-25 23:25:02 -08:00
bwatters-r7 ac6fede928
Land #9441, Create exploit for AsusWRT LAN RCE
Merge branch 'land-9441' into upstream-master
2018-02-23 08:31:01 -08:00
Brent Cook 826b986018
Land #9602, Create sessions with the Fortinet SSH backdoor scanner 2018-02-22 08:27:36 -08:00
Aaron Soto dc913b60e4
Land #9444 - `hsts_eraser` module and docs 2018-02-22 08:27:35 -08:00
Jacob Robles 40220b5ab6
Land #9594, CloudMe Sync v1.10.9 Buffer Overflow 2018-02-22 08:27:35 -08:00
Jacob Robles 72cb9f358e
Land #9561, Disk Savvy Enterprise v10.4.18 built-in server buffer overflow 2018-02-22 08:27:34 -08:00
Chris Higgins d2c203bcb9
Lands #9504, MagniComp SysInfo privilege escalation 2018-02-20 09:24:13 -06:00
Brent Cook d2e71cfc8b
Land #9512, Add Claymore Dual GPU Miner <= 10.5 DoS module 2018-02-16 15:34:48 -08:00
Wei Chen 004e228a52
Land #9509, Ulterius Server < v1.9.5.0 Directory Traversal
Land #9509
2018-02-16 15:34:47 -08:00
h00die 37cb2d77e7
Land #9422 abrt race condition priv esc on linux 2018-02-12 11:55:21 -06:00
Pearce Barry 6c3168c541
Land #9536, Add Ubuntu notes to documentation 2018-02-12 11:55:19 -06:00
Pearce Barry 73bcec5d11
Land #9408, Add Juju-run Agent Privilege Escalation module (CVE-2017-9232) 2018-02-12 11:55:19 -06:00
h00die 090f7c8bd6
Land #9467 linux priv esc against glibc origin 2018-02-12 11:55:19 -06:00
h00die cd7187023c
Land #9469 linux local exploit for glibc ld audit 2018-02-12 11:55:18 -06:00
Adam Cammack cd723ac86e Add scanner for Bleichenbacher oracle (ROBOT) 2018-02-09 11:14:30 -06:00
Brent Cook b696665adc
Land #9478, Improve Dup Scout BOF exploit 2018-02-08 10:25:39 -06:00
h00die 5457cec81c
Land #9493 updates to various docs 2018-02-06 23:33:58 -06:00
William Vu 6c350be24e
Land #9473, new MS17-010 aux and exploit modules 2018-02-02 11:32:40 -06:00
h00die 016af01fd8
Land #9399 a linux priv esc against apport and abrt 2018-02-02 11:32:29 -06:00
Brent Cook ec12d61702
Land #9354, Debut embedded httpd server (Brother printers) DoS 2018-02-02 11:31:59 -06:00
bwatters-r7 64746d8325
Land #9407, Add BMC Server Automation RSCD Agent RCE exploit module
Merge branch 'land-9407' into upstream-master
2018-02-01 11:23:59 -06:00
Jacob Robles 4fa68f29d9
Land #9457, Dup Scout Enterprise v10.4.16 - Import Command Buffer Overflow 2018-02-01 11:23:26 -06:00
Aaron Soto 395320ba97 Land #9379, Oracle Weblogic RCE exploit and documentation 2018-01-26 18:08:56 -06:00
Pearce Barry 926ce42a01
Land #8632, colorado ftp fixes 2018-01-24 17:13:20 -06:00
bwatters-r7 2ea9ab2625
Land #9416, Sync Breeze Enterprise 9.5.16 Import Command buffer overflow
Merge branch 'land-9416' into upstream-master
2018-01-24 17:13:16 -06:00
Adam Cammack a4022f7b8f
Land #9430, Improve Hyper-V checkvm checks 2018-01-24 17:13:12 -06:00
bwatters-r7 8f2de5cd41
Land #9205, Documentation for Kaltura <= 13.1.0 RCE (CVE-2017-14143)
Merge branch 'land-9205' into upstream-master
2018-01-24 17:13:05 -06:00
Brent Cook 5ec3da843e
Land #9349, GoAhead LD_PRELOAD CGI Module 2018-01-24 17:12:47 -06:00
Brent Cook b8fc2c0213
Land #9389, Update commvault_cmd_exec module documentation 2018-01-24 17:11:34 -06:00
Brady Sullivan 593813cdef Fix small grammar issues in ms08_067 and ms17_010
Also includes very small changes to improve punctuation consistency
within CONTRIBUTING.md
2018-01-15 19:32:44 -08:00
William Vu 736d438813 Address second round of feedback
Brain fart on guard clauses when I've been using them all this time...
Updating the conditions made the ternary fall out of favor.

Changed some wording in the doc to suggest the domain name for a
particular NIS server may be different from the bootparamd client's
configuration.
2018-01-13 22:55:01 -06:00
William Vu c080329ee6 Update module after feedback
Looks like I can't decide on certain style preferences.

Not keen on using blank?, but I've used it before. Time to commit?

Also, fail_with has been fixed for aux and post since #8643. Use it!
2018-01-13 15:40:11 -06:00
William Vu ff1c85552b Add module doc 2018-01-12 19:34:59 -06:00
Wei Chen e6c4fb1dab
Land #9269, Add a new target for Sync Breeze Enterprise GET BoF
Land #9269
2018-01-11 16:54:23 -06:00
Wei Chen f395e07fc6 Land #9269, add new target for Sync Breeze Enterprise GET BoF
Land #9269
2018-01-11 16:53:02 -06:00
William Vu 4b225c30fd
Land #9368, ye olde NIS ypserv map dumper 2018-01-10 22:02:36 -06:00
William Vu f5210ed6d6 Update module doc with missing options 2018-01-10 20:18:50 -06:00
Wei Chen 6510ee53bc
Land #9204, Add exploit for Samsung SRN-1670D (CVE-2017-16524)
Land #9204
2018-01-10 20:15:29 -06:00
Wei Chen 18c179a091 Update module and add documentation
This updates the module to pass:

* msftidy
* Ruby style guidelines
* Proper usage of Metasploit API
* Mostly other cosmetic fixes

A documentation is also added.
2018-01-10 20:13:42 -06:00
Wei Chen 7e2c7837e5
Land #9325, Add CVE-2017-6090 phpCollab 2.5.1 file upload exploit module
Land #9325
2018-01-10 17:39:50 -06:00
Wei Chen b1f3f471f3 Update phpcollab_upload_exec code (also module documentation) 2018-01-10 17:38:52 -06:00
Wei Chen 8d77f35b16
Land #9373, Add LabF nfsAxe FTP Client 3.7 Stack Buffer Overflow
Land #9373
2018-01-09 22:40:50 -06:00
Wei Chen 25280e3319 Update labf_nfsaxe and module documentation 2018-01-09 22:39:40 -06:00
Wei Chen 777e383568
Land #9377, Add HPE iMC dbman RestoreDBase Unauthenticated RCE exploit
Land #9377
2018-01-09 13:56:53 -06:00
Wei Chen a0c9cdd73d
Land #9376, Add HPE iMC dbman RestartDB Unauthenticated RCE exploit
Land #9376
2018-01-09 13:28:03 -06:00
William Vu bbad416a86 Add module doc to appease the @h00die god 2018-01-08 15:02:39 -06:00
Wei Chen d138f1508c
Land #9340, Add exploit for Commvault Remote Command Injection
Land #9340
2018-01-07 12:17:26 -06:00
Brendan Coles a1a594d1f8 Add documentation 2018-01-06 05:09:24 +00:00
Brendan Coles 9ec17bdd54 Add documentation 2018-01-06 05:08:33 +00:00
Daniel Teixeira 160f960f78
Add files via upload 2018-01-04 20:25:41 +00:00
h00die 65f444ddcc
land #9362 exploit for pfsense graph injection 2018-01-04 14:35:52 -05:00
Brent Cook 520e890520
Land #8581, VMware Workstation ALSA Config File Local Privilege Escalation 2018-01-03 21:35:57 -06:00
Wei Chen b8dde2e650 Land #9360, Ayukov NFTP FTP client buffer overflow vulnerability
Land #9360
2018-01-03 20:56:12 -06:00