a63c057c3a
Integrate bcoles' comments (filename generation, conditional block improvement, etc.)
2019-01-06 22:50:46 +01:00
c03466d2f2
Fixed date format issue and added Bugtraq ID
2019-01-06 14:34:40 +01:00
4644ad8966
Add CVE-2018-15961 Adobe ColdFusion CKEditor unrestricted file upload
2019-01-06 04:55:20 +01:00
e990bb31df
Land #11182 , bump mettle, change debug and background options
2019-01-03 02:57:19 -06:00
811605a9b8
Cleanup headless Chrome process for meterpreter sessions
2018-12-30 18:05:41 +11:00
5957315167
Land #11141 , Ensure Byte XORi Encoder uses cacheflush()
2018-12-29 10:20:07 +00:00
005b2664b8
Land #11140 , Ensure MIPS Long XOR Encoder uses cacheflush()
2018-12-29 10:14:47 +00:00
9e109c7e7c
Update cache size
2018-12-28 16:08:15 -06:00
29e7c49332
Land #10444 , add Consul rexec RCE module
2018-12-28 09:14:28 -06:00
fb8f06b2f5
Land #10443 , add Consul service RCE module
2018-12-28 08:33:56 -06:00
4e8ad22a7a
Adding CVE number
2018-12-26 13:15:36 +03:00
69e7956adf
Land #11174 , Fix platform bug when upgrade shell.
...
The platform on windows powershell should be 'win', rather than
'windows', this bug leads to failure when upgrade powershell session
to meterpreter.
2018-12-26 11:31:39 +08:00
fa542b9691
Adding platform and arch to top level
2018-12-25 15:56:25 +03:00
ee7120d63a
fixed post/multi/manage/shell_to_meterpreter
2018-12-25 15:00:39 +08:00
18c844623a
Remove extra spaces.
2018-12-24 13:48:07 +01:00
e10792f4e6
Remove extra space.
2018-12-24 13:30:03 +01:00
58aebb6dec
fix #11133 , sleep to avoid the second stage being read too early
2018-12-24 19:26:10 +08:00
98dc59728e
Add blueman set_dhcp_handler D-Bus Privilege Escalation
2018-12-24 08:03:55 +00:00
b9742802aa
Land #11137 , Clean up linux/local/vmware_alsa_config exploit module
2018-12-21 17:04:11 -06:00
81f4ed6db3
Add references and remove reserved function calls
2018-12-22 00:30:37 +05:30
5838ad87fb
Check if directory and file exist and report accordingly
2018-12-21 19:36:01 +05:30
4bc871c499
Add CmdStager to erlang_cookie_rce
2018-12-21 07:33:37 -06:00
ba9c7039f7
Add psreadline_history module
2018-12-21 18:18:21 +05:30
c959c98161
add original public research author
2018-12-21 02:54:35 -06:00
a7e8afe760
update references, remove unused metadata, use more straightforward string operations
2018-12-21 02:54:35 -06:00
0dab74a71f
tweak description
2018-12-21 02:54:35 -06:00
46acd7a206
simplify
2018-12-21 02:54:35 -06:00
2f35695327
update web link
2018-12-21 02:54:35 -06:00
ac51fbd122
style fixes
2018-12-21 02:54:35 -06:00
dc6ae6f058
initial import, CVE-2016-4117 OSX exploit
2018-12-21 02:54:35 -06:00
b83c6ad496
Land #11149 , fix a PTY leak in Python Meterpreter
2018-12-20 17:30:42 -06:00
bf2de42077
Now supports all version of Consul.
2018-12-20 18:56:07 +01:00
2919b970cd
Implement execution checks with a timeout limit so we don't leave zombie checks running in background.
2018-12-20 18:41:35 +01:00
ba5c40db77
No need for CVE field.
2018-12-20 18:18:53 +01:00
9481ad04f2
Adding support for ARCH_CMD and updating docs
2018-12-20 12:12:01 +03:00
5af05ad976
Land #11143 , nc -j fix for cups_root_file_read
2018-12-19 22:37:00 -06:00
bf4bb0a5b9
bump metasploit-payloads gem
...
Update metasploit-payloads gem to 1.3.57 to pick up
fix for Python Meterpreter PTY Leak from rapid7/metasploit-payloads#319
2018-12-19 18:19:24 -06:00
68ceb08957
Fixing minor issues such as err codes
2018-12-19 22:17:34 +03:00
d601837e03
Land #10401 , java_jmx_server scanner for Java JMX MBean servers
2018-12-19 13:12:03 -06:00
50b7d93a18
java_jmx_scanner: Incorporate @bcoles suggestions
2018-12-19 12:56:53 -06:00
f7eb3452be
Land #11083 , set user agent in Windows reverse_http(s) stagers
2018-12-19 11:38:12 -06:00
e5c8c18ded
Adding Mailcleaner exec
2018-12-19 17:35:40 +03:00
6921b79890
Land #11089 , Erlang cookie rce exploit module
2018-12-19 08:02:40 -06:00
3838be0a03
Windows Hide Chrome Window
2018-12-19 05:58:11 -06:00
1b8b3bbb95
Update nc -j check in cups_root_file_read
2018-12-18 17:38:33 -06:00
51ce96a2b4
Merge branch 'jmx_scanner' of https://github.com/sgorbaty/metasploit-framework into sgorbaty-jmx_scanner
2018-12-18 16:05:03 -06:00
60f3cfbb79
ysoserial: Cleaned up ysoserial payload in `hp_imc_java_deserialize`
2018-12-18 15:17:51 -06:00
bb758f9a61
I didn't forget msftidy I swear
2018-12-18 14:55:12 -06:00
8a2a605a99
added targets
2018-12-18 14:50:57 -06:00
0464f941a7
Add Windows Support
2018-12-18 14:17:10 -06:00
ef8601aa71
Bail early if we receive an unexpected response.
2018-12-18 19:42:26 +01:00
4ee7bdee6c
Merge branch 'consul_service_exec' of github.com:QKaiser/metasploit-framework into consul_service_exec
2018-12-18 19:33:51 +01:00
b3563b1bc2
Cleaner version of check function thanks to @bcoles.
2018-12-18 19:33:30 +01:00
5e134d7d8d
Update modules/exploits/multi/misc/consul_service_exec.rb
...
Co-Authored-By: QKaiser <QKaiser@users.noreply.github.com>
2018-12-18 19:27:19 +01:00
5192c081ee
Update modules/exploits/multi/misc/consul_service_exec.rb
...
Co-Authored-By: QKaiser <QKaiser@users.noreply.github.com>
2018-12-18 19:27:08 +01:00
6ad40deac3
print_status will never throw a JSON::ParseError exception.
2018-12-18 19:15:13 +01:00
b2b410cbbe
DoS Exploitation of Allen-Bradley legacy protocol (PCCC)
2018-12-18 16:49:53 +00:00
1e88ce9a3d
Edit the comments to -84
2018-12-18 16:33:44 +00:00
05218654f4
adjust the offset to -84
2018-12-18 16:30:47 +00:00
af418ec7f7
Fix mipsle byte_xori too
2018-12-18 16:05:23 +00:00
a52ffbcead
Missing disclosure date.
2018-12-18 17:03:09 +01:00
a3d020a7e2
Add support for authorization with X-Consul-Token ACL header.
2018-12-18 16:56:03 +01:00
1839144978
Cleaner to define this as a Hash, then call .to_json on it.
2018-12-18 16:53:49 +01:00
d40d6c4e3d
Update longxor.rb
...
Suffers from the same problem as the mipsbe version
2018-12-18 15:48:29 +00:00
34c9555717
Fix byte_xori encoder
...
The byte_xori encoder for mipsbe does not work correctly. At the end of the decoding, it should invoke cacheflush() with the correct parameters:
int cacheflush(char *addr, int nbytes, int cache)
I think this is because the encoder is based of the longxori encoder, which itself is pretty old (2008), and before kernel 2.6.11, cacheflush() did not need any parameters (from the cacheflush man page):
BUGS
Linux kernels older than version 2.6.11 ignore the addr and nbytes arguments, making this function fairly expensive. Therefore, the whole cache is always flushed.
This commit fixes that by setting up the parameters correctly. As an unfortunate side effect this increases the shellcode by 16 bytes, but it is absolutely necessary for it to work properly.
Note that this bug is not present when testing the encoder output on an emulator like qemu; emulators do not need to flush the caches to work properly.
2018-12-18 15:37:47 +00:00
177ae2f927
fail_with is not allowed in check method. Use vprint_error and return a CheckCode instead. Cleaner response check in check function. Usage of CheckCode instead of Exploit::CheckCode.
2018-12-18 16:33:53 +01:00
0feadf636b
Define in RPORT and SSL in register_options rather than DefaultOptions. Support for echo and printf command stager flavors + support for curl and wget command stager flavors (hence reactivation of SRVHOST, SRVPORT, URIPATH and SSLCert).
2018-12-18 16:29:36 +01:00
0acdcd98f2
Merge branch 'master' into consul_service_exec
2018-12-18 16:27:08 +01:00
f487f978c2
Merge branch 'consul_exec' of github.com:QKaiser/metasploit-framework into consul_exec
2018-12-18 16:09:18 +01:00
08541cd7b9
Merge branch 'master' into consul_exec
2018-12-18 16:07:08 +01:00
a1e1e4a4f4
Remove useless comment.
2018-12-18 16:05:50 +01:00
b80e5715d4
Add support for authorization with X-Consul-Token ACL header.
2018-12-18 16:02:39 +01:00
551f8c5e92
Support for echo and printf command stager flavors + support for curl and wget command stager flavors (hence reactivation of SRVHOST, SRVPORT, URIPATH and SSLCert).
2018-12-18 15:48:58 +01:00
f290221a66
Cleaner response check in check function. Usage of CheckCode instead of Exploit::CheckCode.
2018-12-18 15:36:52 +01:00
aeec5cf23e
Cleaner to define this as a Hash, then call .to_json on it. Better support of agent definition in check function.
2018-12-18 15:31:30 +01:00
e51530688b
fail_with is not allowed in check method. Use vprint_error and return a CheckCode instead.
2018-12-18 15:09:04 +01:00
4682cf5796
Define in register_options rather than DefaultOptions.
2018-12-18 15:04:28 +01:00
86cbddf46d
fix spacing
2018-12-18 13:35:16 +00:00
fff850a07e
Make longxor encoder great again
...
The longxor encoder for mipsbe does not work correctly. At the end of the decoding, it should invoke cacheflush() with the correct parameters:
int cacheflush(char *addr, int nbytes, int cache)
The encoder previously did not setup the arguments, as it even said so in the comments:
; addiu $4, $16, -4 ; not checked by Linux
; li $5,40 ; not checked by Linux
; li $6,3 ; $6 is set above
I think this is because the encoder is pretty old (2008), and before kernel 2.6.11, cacheflush() did not need any parameters (from the cacheflush man page):
BUGS
Linux kernels older than version 2.6.11 ignore the addr and nbytes arguments, making this function fairly expensive. Therefore, the
whole cache is always flushed.
This commit fixes that by setting up the parameters correctly. As an unfortunate side effect this increases the shellcode by 16 bytes, but it is absolutely necessary for it to work properly.
Note that this bug is not present when testing the encoder output on an emulator like qemu; emulators do not need to flush the caches to work properly.
As an added bonus I have also made it compatible with toupper() restrictions, which is common in web server exploits too. This did not add any extra bytes to the encoder.
2018-12-18 12:30:55 +00:00
fc2d217c0a
Land #11135 , strip comments from source code before uploading it to the target
2018-12-17 21:23:29 -06:00
333d44186b
Land #11138 , add reverse_tcp mixin for vax payload
2018-12-17 21:17:40 -06:00
bf13693d37
Land #11101 , temp fix for x64/xor stage encoder
...
Merge branch 'land-11101' into upstream-master
2018-12-17 14:14:55 -06:00
2a69fffa6b
fix for ReverseTcp error
...
Update vax shell_reverse_tcp.rb to fix ReverseTcp NameError
Error:
/opt/metasploit-framework/embedded/framework/modules/payloads/singles/bsd/vax/shell_reverse_tcp.rb:24:in `initialize': uninitialized constant Msf::Handler::ReverseTcp (NameError)
After adding this line the error dissapeared for me and I was able to run msfconsole again.
2018-12-17 19:28:07 +01:00
2fc501d260
Land #11112 , Fix bpf_priv_esc exploit module
2018-12-17 10:00:50 -06:00
7839add2fd
Land #11123 , Add module windows persistent service
2018-12-17 09:07:21 -06:00
88b7b7df4a
Fix additional path space issues
2018-12-17 07:00:23 -06:00
d973a58052
Clean up linux/local/vmware_alsa_config
2018-12-17 08:01:34 +00:00
0aa6e5a640
Handle path with spaces correctly.
2018-12-17 10:25:06 +08:00
fcb512878c
Add strip_comments method to Linux local exploits
2018-12-16 14:11:54 +00:00
5bf28887d2
Land #11127 , Fix TARGETURI support in struts2_namespace_ognl
2018-12-15 09:33:48 -06:00
b8e134b95d
Update version check
2018-12-15 05:39:50 +00:00
6237740116
lint: remove spaces
2018-12-15 01:02:13 +01:00
cb3ea8dfed
Remove binding.pry from bind payload.
...
In response to
https://github.com/rapid7/metasploit-framework/pull/11039#discussion_r241890477 .
2018-12-14 16:32:19 -06:00
cd2dbf0edf
ysoserial: Modified `hp_imc_java_deserialize` to use the library
2018-12-14 16:13:17 -06:00
8adfef5730
Remove Version, Fix Whitespace
2018-12-14 13:19:49 -06:00
e67eaa94c9
Move code to ERB template
2018-12-14 13:13:32 -06:00
38bdee19e8
Fix TARGETURI support in struts2_namespace_ognl
2018-12-14 13:08:50 -06:00
6c9fafb9d5
Delete unused variable
...
I suppose the variable 'f' was for Name in 06720ee18b/modules/exploits/linux/smtp/haraka.py (L70)06720ee18b/modules/exploits/linux/smtp/haraka.py (L70)
2018-12-14 22:27:11 +05:30
556d182231
Remove code that was replaced
2018-12-14 09:15:01 -06:00
a057b72bd9
Use argument
2018-12-14 09:14:27 -06:00
dfa84aa1af
Use exploit default exception handling
2018-12-14 09:12:32 -06:00
5fd7b82f7a
Remove unused parameter
2018-12-14 09:10:29 -06:00
673cfe6889
Land #11119 , Add WEBUI_PORT to hp_van_sdn_cmd_inject exploit
2018-12-13 16:15:53 -06:00
58aa16d06b
Work around snprintf
2018-12-13 14:29:54 -06:00
f00118851a
Revert "Land #10886 , Bypassuac computerdefault"
...
This reverts commit 14b2cdc120a79b936e09
2018-12-13 13:56:16 -06:00
cc7cb7302e
Land #10944 , Add macOS Safari exploit from pwn2own2018
2018-12-13 13:50:19 -06:00
92feeea0ca
Minor syntax change
2018-12-13 13:46:40 -06:00
cb5648a1c7
Add WEBUI_PORT to hp_van_sdn_cmd_inject exploit
2018-12-13 12:22:36 -06:00
3f1aa425b4
msftidy....lol
2018-12-13 11:03:41 -06:00
2e26ceac8f
added comments
2018-12-13 10:55:09 -06:00
89e4e8bdea
Merge branch 'master' of github.com:rapid7/metasploit-framework into upstream-master
2018-12-13 09:30:10 -06:00
8b79634338
Update a few stragglers
...
And since eaton_xpert_backdoor was copied from my fortinet_backdoor
module, update the error handling there, too.
2018-12-12 15:47:18 -06:00
e69f006992
Remove CommandShell mixin in exploits
...
This was cargo culting. Exploits use handler instead of start_session.
2018-12-12 15:43:13 -06:00
6e77ae7e3e
Update my SSH scanner modules
...
Especially with proper error handling for Net::SSH::CommandStream.
2018-12-12 15:36:54 -06:00
7cffbac65b
Update additional scanner modules.
2018-12-12 15:32:31 -06:00
fa2164ebb9
Update to match coding style.
2018-12-12 15:32:31 -06:00
eceb47a9da
Move CREATE_SESSION option to advanced option CreateSession
2018-12-12 15:32:31 -06:00
8a7187ad79
Add CREATE_SESSION option to CommanShell
...
Register the CREATE_SESSION option in command_shell_options so it
can be used with all modules that use start_session.
Modify ssh_login.rb, ssh_login_pubkey.rb, and telnet_login.rb to
use the new CREATE_SESSION option.
When CREATE_SESSION is set to true (default) a new session is
created with each successful login. When set to false a new session
is not created but the successful login is still registered in the
credentials database.
2018-12-12 15:32:31 -06:00
904f342848
Option to not create shell on login.
2018-12-12 15:32:30 -06:00
8ffd9e47b0
Up to date PR10429
2018-12-12 13:30:58 -06:00
96c281daef
Add send_not_found and module documentation for webdav_delivery
2018-12-12 13:26:46 -06:00
68d451711b
Fix bpf_priv_esc module
2018-12-12 17:23:12 +00:00
ea724dec46
Merge in upstream/master
2018-12-12 11:00:31 -06:00
aa0c206b4b
Land #11107 , double negative logic cleanup
2018-12-11 20:29:53 -06:00
ae089ce573
Land #10960 , add wp duplicator code inject module
2018-12-11 12:02:07 -06:00
b82e3469a2
renamed module and doc
2018-12-11 11:59:19 -06:00
7e953e34b9
Added the clean_up function
2018-12-11 18:13:46 +01:00
b109321b44
Kill `unless not`
2018-12-11 10:16:16 -06:00
ac88c604fd
Remove copy/pasta'd funtion that was never called
2018-12-11 10:02:36 -06:00
1ab69c221c
Land #11040 , Add CyberLink LabelPrint Local BOF
2018-12-11 08:19:51 -06:00
165f082160
Fix syntax, minor edits
2018-12-11 07:55:20 -06:00
ff2d048530
fixes: update x86/xor_dynamic for #11100
2018-12-10 22:45:45 +01:00
a94e52ca31
fixes: updates x64/xor_dynamic for #11100
2018-12-10 22:42:31 +01:00
3f18ffa224
Land #10318 , Oracle function-based index privesc
2018-12-10 11:32:39 -06:00
d0f1f72426
Clean up module
2018-12-10 11:21:16 -06:00
bc6356a2cd
Land #11090 , update code and style for exploit/linux/local/glibc_origin_expansion_priv_esc
2018-12-10 09:59:03 -06:00
565f2e3e38
wait wrong
2018-12-09 19:23:54 -06:00
ee2ed46143
added date based on man page
2018-12-09 19:17:22 -06:00
f6bfbddb8d
twks
2018-12-09 15:59:58 -06:00
2beddf1012
req changes
2018-12-09 15:01:09 -06:00
237d3c86c4
Code cleanup and update style
2018-12-09 07:26:51 +00:00
39229125b7
tweak
2018-12-09 00:22:49 -06:00
02f3d4688f
changes
2018-12-09 00:10:54 -06:00
69ed80f685
varys -> varies
2018-12-08 22:51:52 -06:00
fcad3f0c8f
erlang cookie rce exploit module
2018-12-08 22:36:56 -06:00
a9c0a5d53d
Use ::File::binread for exploit_data file read
2018-12-09 04:09:56 +00:00
c5015c62b8
Simplify Chrome Gather Cookies
...
Module now uses Chrome itself as a websocket client, reading websockets
via js. It no longer downloads and executes `websocat`.
2018-12-09 09:52:45 +11:00
d3fc707c98
Land #11080 , update mettle payloads
2018-12-08 09:51:37 -06:00
3768f79568
Land #11085 , add lkrg_installed? checks to various modules
2018-12-08 09:19:33 -06:00
733c2f637d
Land #11081 , Add Msf::Post::Linux::Kernel.lkrg_installed? method
2018-12-08 09:14:57 -06:00
d8ab6a552b
Add lkrg_installed? checks
2018-12-08 13:37:12 +00:00
2e5e392085
Land #11079 , add kernel configuration checks to local exploits
2018-12-08 06:58:48 -06:00
0ce05f0c07
update payload sizes
2018-12-08 06:24:02 -06:00
df76521100
Land #11066 , add rpc output locking, fix logging
2018-12-07 13:49:10 -06:00
7f4d97ef46
don't embed status characters in messages, use correct logging instead
2018-12-07 13:29:56 -06:00
80d83720df
Add Msf::Post::Linux::Kernel.lkrg_installed? method
2018-12-07 14:42:16 +00:00
275c043cfd
Add kernel_config checks
2018-12-07 03:28:17 +00:00
0345c8f66c
update mettle payloads
...
This is a large update to mettle payloads including:
* Adds globbing support to the `ls` command (https://github.com/rapid7/mettle/pull/139 )
* Fixes crashes on iOS platforms when cryptTLV is enabled (https://github.com/rapid7/mettle/pull/142 )
* Fixes display of the OS version on macOS and iOS (https://github.com/rapid7/mettle/pull/143 )
* Fixes the local port handling for pivoted client network connections (https://github.com/rapid7/mettle/pull/144 )
* Fixes an unaligned memory access in TLV packet handling, needed for some CPUs (https://github.com/rapid7/mettle/pull/145 )
* Fixes some compatibility issues building on Solaris (https://github.com/rapid7/mettle/pull/147 )
* Updated libpcap, mbedtls, and libcurl to the latest versions (https://github.com/rapid7/mettle/pull/146 )
2018-12-06 21:16:41 -06:00
7d8458d8d4
Land #11076 , Prevent storing empty config files as loot
2018-12-06 20:30:08 -06:00
c3a40d3752
Remove trailing whitespace at EOL.
2018-12-06 20:18:21 -06:00
71f84fe6a7
Land #11060 , Add checks to post/linux/gather/enum_protections
2018-12-06 20:17:50 -06:00
392ad18dba
Implement reverse_ipv6 shellcode via metasm in lib.
...
Per the linked request
https://github.com/rapid7/metasploit-framework/pull/11039#issuecomment-443915955
Rewrote previous version of payload module to make use of metasm for
more reusable shellcode.
2018-12-06 20:10:07 -06:00
f728b46a80
WIP on add-linux-x64-ipv6-bind-shell: 87fa3af6b9 Implement shellcode via metasm in lib.
2018-12-06 16:23:20 -06:00
140833215f
Add CVE as issued by DWF
...
See discussion on #10987 .
Now that I said that out loud, I realize that the original PR for this
module is a really funny PR number.
2018-12-06 14:59:05 -06:00
eecc5d60e0
Prevent storing empty config files as loot
2018-12-06 13:06:50 +00:00
f94559a36a
Update nuuo_nvrmini_upgrade_rce.rb
2018-12-06 07:09:44 +03:00
9d7389b448
Update nuuo_nvrmini_upgrade_rce.rb
2018-12-06 07:04:24 +03:00
cbe3f0eec9
Update nuuo_nvrmini_upgrade_rce.rb
2018-12-06 06:36:29 +03:00
4880dcbda8
Update nuuo_nvrmini_upgrade_rce.rb
2018-12-06 06:34:13 +03:00
ca558d4b14
Update nuuo_nvrmini_upgrade_rce.rb
2018-12-06 06:26:34 +03:00
c72065987b
Update nuuo_nvrmini_upgrade_rce.rb
2018-12-06 06:19:16 +03:00
3ac5096e1a
Create nuuo_nvrmini_upgrade_rce.rb
2018-12-06 05:51:10 +03:00
b0560c1ec8
Centralize logging sync, fix minor logging issues
2018-12-05 12:42:44 -06:00
87fa3af6b9
Implement shellcode via metasm in lib.
...
Per the linked request
https://github.com/rapid7/metasploit-framework/pull/11039#issuecomment-443915955
Rewrote previous payload module to make use of metasm for more reusable
shellcode.
2018-12-05 06:14:31 -06:00
224e782772
Cleaned the create_wp_config_file function
2018-12-05 10:56:22 +01:00
2774c17ca1
Replaced print_error and return with a fail_with
2018-12-05 10:11:09 +01:00
1bc024eaa7
Update cyberlink_lpp_bof.rb
...
Update includes all suggestions and new targets (Win8.1 x64 and Win10 x64)
2018-12-05 14:53:10 +07:00
2735c71bda
Fixed typos, removed not working cleaning
2018-12-04 18:42:54 +01:00
55a9a12670
Land #10964 , add initial golang modules for enumerating owa/o365
2018-12-04 10:33:37 -06:00
40906e0b36
Add checks to post/linux/gather/enum_protections
2018-12-04 11:57:24 +00:00
b58342843b
Refactored check
2018-12-04 12:03:49 +01:00
c27c149a4d
Land #10947 , HPE Intelligent Management Center Java Deserialization RCE
2018-12-03 17:07:31 -06:00
0f82b207c4
hp_imc_java_deserialize: Repro steps for JSONSS ysoserial payload sections
2018-12-03 17:03:04 -06:00
3f930ff141
hp_imc_java_deserialize: Default WfsDelay to 10 seconds to increase reliability
2018-12-03 16:36:37 -06:00
ffb57387b4
Land #11049 , Add Emacs movemail local exploit
2018-12-03 12:43:56 -06:00
4242de3468
Refactor check method
2018-12-03 12:22:40 -06:00
df9c3da47e
Land #10842 , Add Windows Post Module to roll back Windows Defender signatures
...
Merge branch 'land-10842' into upstream-master
2018-12-03 10:57:38 -06:00
b11bcd92a4
Broken into 3 modules, addressed review comments
2018-12-03 10:25:21 -06:00
ab1bea1b22
Land #10798 , Cisco device manager update
2018-12-03 01:39:19 -06:00
58dde9ff33
Apply suggestions from code review
...
Co-Authored-By: defaultnamehere <defaultnamehere@users.noreply.github.com>
2018-12-03 18:39:07 +11:00
d0aca05c69
Add post/chrome/gather/cookies module
2018-12-03 16:07:50 +11:00
d1220bc170
Add Emacs movemail local exploit
2018-12-01 12:05:08 -06:00
8cece2cf54
Add Linux x86_64 IPv6 Inline Bind Shell
...
Implements inline x86_64 Linux bourne bind shell over IPv6.
2018-12-01 07:39:38 -06:00
a801d741c9
Remove old module
2018-11-30 17:28:54 -06:00
70031b6721
Shut up msftidy and document updates
2018-11-30 16:41:40 -06:00
3c992b7af1
Updated documentation and added options in the module to update or roll back
...
definitions
2018-11-30 16:25:33 -06:00
a41b9a77d8
Change the module name, fix cleanup, add documentation
2018-11-30 15:20:34 -06:00
5b926bcbcf
Addressed feedback
2018-11-30 13:18:02 -06:00
6225c04b99
Address review feedback, fix bugs
2018-11-30 11:36:39 -06:00
bd41895fc4
Removed "randomizer"
2018-11-30 09:44:14 -05:00
Qazeer
Qazeer
Brent Cook
Alex
Brendan Coles
bwatters
Shelby Pace
Mehmet İnce
Green-m
L
Quentin Kaiser
Tim W
Garvit Dewan
Jacob Robles
William Vu
Jeffrey Martin
asoto-r7
Wei Chen
Milton-Valencia
jdiog0
Pedro Ribeiro
Quentin Kaiser
LouDnl
Francesco Soncina
epi
Auxilus
Stephen Haywood
Julien Legras
Tod Beardsley
Berk Dusunur
Christopher Lee
Thomas Gregory
Moshe Kaplan