608e53ea89
Add documentation
2018-04-10 14:18:22 +00:00
d9dc2ec2f7
Merge branch 'master' into couchdb_cmd_exec
2018-04-08 23:35:04 -04:00
a473dd04a8
Land #9813 , Add etcd library and version scanner
2018-04-08 07:05:31 -04:00
6b1abba6c8
Added sluihijack module documentation
2018-04-08 12:03:11 +02:00
09bbbf82ba
Update oscommerce_installer_unauth_code_exec.md
2018-04-06 13:05:14 +01:00
f50b42ec52
Rename osCommerce.md to oscommerce_installer_unauth_code_exec.md
2018-04-06 11:32:38 +01:00
cb0e516ecd
Update osCommerce.md
2018-04-06 11:32:20 +01:00
bcef50b062
osCommerce Documentation
2018-04-05 20:26:44 +01:00
81c78a51c2
Land #9794 , Added support for regional dialects
2018-04-05 12:56:07 -05:00
0a3bcf570c
Add the scanner/smb/impacket/dcomexec module
2018-04-04 17:34:41 -04:00
b9dbf1a6f3
Fix formatting error in etcd open_key_scanner
2018-04-04 10:59:38 -07:00
c96bdf4ea1
Add etcd version scanner docs
2018-04-04 10:58:55 -07:00
1fa40bfe3b
Land #8539 , ProcessMaker Plugin Upload exploit
2018-04-03 20:52:17 -05:00
e17be05e6a
Land #9595 , Add post module RID Hijacking on Windows
2018-04-03 14:12:34 -05:00
1424019411
update docs
2018-04-03 13:52:02 -05:00
8f7d9f3ac8
rename module
2018-04-03 13:44:55 -05:00
bd80e9d0c5
documentation
2018-04-03 13:39:11 -05:00
8c2138f13b
Land #9742 , QNX exploit improvements
2018-04-03 07:50:29 -05:00
226ef160ff
Land #9748 , Convert the smbloris DoS into an external module
...
Help reliability and performance. This some Ruby-specific external module
tooling as a result as well.
2018-04-02 23:25:10 -05:00
cdcbd03b3c
Create apfs_encrypted_volume_passwd.md
2018-04-02 20:48:54 -04:00
288082e68d
Update documentation for get_user_spns.py
2018-04-02 12:15:13 -05:00
fa34f3e0a4
Land #9718 , Add get_user_spns 'kerberoasting' module
2018-04-02 10:04:44 -05:00
6a45e0299b
Add document of exploit module apache_couchdb_cmd_exec
2018-03-29 02:40:51 -04:00
a1e83ce835
Land #9760 , @h00die's etcd scanner
2018-03-28 10:41:22 -07:00
e01679d374
Use common path in etcd docs
2018-03-28 09:55:05 -07:00
e7f9d789eb
Add docker docs for etcd
2018-03-28 09:43:12 -07:00
a1fff486bc
Land #9666 , Add 2017-8917 RCE for Joomla 3.7.0
2018-03-28 11:08:38 -05:00
0fa63ae7b3
Update documentation and module
...
Included Super User in the documentation.
Implemented changes h00die suggested.
Modified sqli to generate strings used in regex.
2018-03-28 10:57:28 -05:00
c97743925f
jhart suggestions
2018-03-27 18:46:31 -04:00
94fd599756
Land #9684 , Adding ManageEngine Application Manager RCE
...
Land #9684
2018-03-27 15:17:20 -05:00
fb0d87163c
Update documentation for manageengine_appmanager_exec
2018-03-27 15:16:39 -05:00
0a0bef0c4f
Land #9633 , Exodus Wallet Remote Code Execution
...
Land #9633
2018-03-27 14:51:15 -05:00
a8914f2f9f
Land #9775 , module doc improvements to MS17-010
2018-03-27 14:38:20 -05:00
7e4e6e6437
Update ms17_010_{psexec,command} module docs
2018-03-27 14:32:21 -05:00
8c88c53e5d
Land #9670 , Gitstack v2.3.10 RCE
...
Land #9670
2018-03-27 13:00:47 -05:00
df49345f5d
Update gitstack_rce.md
2018-03-27 12:59:49 -05:00
e462cb49a2
updated docs
2018-03-25 14:53:30 -04:00
1371684df7
add linux mint to docs
2018-03-25 07:58:51 -04:00
80c4d59560
Land #9702 exploit for clipbucket
2018-03-24 19:59:17 -04:00
0028e2c5ba
documentation update
2018-03-24 19:25:59 -04:00
d5961f277e
Add documentation
2018-03-24 23:16:51 +00:00
e8d910ac08
spelling
2018-03-23 21:40:46 -04:00
200f8ae849
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into cve201716995
2018-03-23 21:17:07 -04:00
6b0691a91a
cve-2017-16995
2018-03-23 21:09:56 -04:00
fdd2af2d2a
Update tested versions
2018-03-24 00:23:12 +00:00
5ece14b064
Convert SMBLoris to an external module
2018-03-23 14:55:18 -05:00
d192173792
Vulnerable application link update
2018-03-22 11:57:54 +00:00
6885f16e38
Add documentation
2018-03-22 06:27:13 +00:00
8d12118d1f
Add get_user_spns external module and documentation
2018-03-21 06:26:15 -05:00
ac9f506b45
Update tested versions
2018-03-20 02:49:56 +00:00
53eabfc1df
Update documentation and add check before exploit
2018-03-19 23:27:18 +03:00
0817e6b15f
Delete playsms_uploadcsv_exec.md
2018-03-18 13:57:04 +05:30
0e0fcdf727
PlaySMS 1.4 RCE
...
PlaySMS 1.4 Remote Code Execution using Phonebook import Function in import.php
2018-03-18 13:46:30 +05:30
44d5022380
Land #9529 , Add module for HP iLO CVE-2017-12542 authentication bypass
2018-03-16 16:50:54 -05:00
1b2f1ced02
Land #8422 , Typo3 News Module Sql Injection exploit
2018-03-15 10:55:04 -05:00
ba0d990273
Documentation added and Error Checks
2018-03-15 10:46:08 -05:00
177eca30e8
Usage instructions adjusted.
2018-03-15 12:39:22 +03:00
d736a6d2ec
updated juniper docs
2018-03-14 21:02:22 -04:00
b55a750fa9
Fix typo and couple tiny nitpicks
2018-03-14 11:51:21 +03:00
889c914b3d
Updating documentation and minor code changes
2018-03-13 12:05:27 +03:00
b7b09c5010
Documentation added.
2018-03-12 20:30:15 +03:00
d86dcbc237
Land #9632 , owa_login and auth_brute enhancements
2018-03-12 10:31:20 -05:00
9b0ba4a6fa
clipbucket_fileupload_exec
2018-03-12 14:17:13 +05:30
1fd0087a97
Land #7654 , varnish file read
2018-03-09 10:59:04 -06:00
37bf4d118a
Changes suggested by h00die 0803
2018-03-09 09:55:50 -05:00
ea78e21961
Documentation accuracy
2018-03-09 07:43:12 -06:00
2735ae57cb
Documentation accuracy
2018-03-09 07:31:55 -06:00
048d0d1fe4
Changes suggested by h00die
2018-03-08 20:13:01 -05:00
178fa16953
Grammar fix
2018-03-08 07:42:29 -06:00
24079c345d
Style guide and grammar fixes
2018-03-08 07:30:02 -06:00
611b208267
Adding ManageEngine Application Manager RCE
2018-03-07 23:54:01 +03:00
fb04fef3a5
added documentation.
2018-03-07 08:34:49 -08:00
81596b627d
added documentation.
2018-03-07 08:31:25 -08:00
15269ec3ce
Land #9678 , Add memcached UDP version scanner
2018-03-07 10:14:29 -06:00
86dd382e6a
Land #9554 , Eclipse Equinoxe OSGi console RCE
2018-03-07 08:41:31 -06:00
e8a227b1a6
Changes as requested by jhart-r7:
...
- Default Username / Password are now random
- Doc fixed
- REST typo fixed
2018-03-07 10:48:05 +01:00
7733662767
Add docs for memcached_udp_version
2018-03-06 18:12:40 -08:00
05a653b853
Add module documentation
2018-03-06 20:37:11 -05:00
d6871f5733
Land #9614 , Juniper post enum module
2018-03-06 10:29:56 -06:00
99799f1e98
Update doc
2018-03-05 13:40:37 -06:00
a4f48eb80f
Add GitStack v2.3.10 RCE
2018-03-05 13:25:41 -06:00
3028dccd7a
Land #9644 , @xistence's memcached stats amplification scanner
2018-03-05 09:02:28 -08:00
d454267ea5
update docs
2018-03-02 21:00:41 -05:00
dd2e15f959
Update doc a final time to appease the @h00die god
2018-03-02 19:40:11 -06:00
25f36fb926
Refactor code into new methods
2018-03-02 19:16:37 -06:00
c343c926cf
Add N300 version to module doc
2018-03-02 19:15:20 -06:00
0c0f00941b
Add note about directly connecting to telnetd
2018-03-02 19:15:20 -06:00
b6d563e2a3
Update doc regarding vprint
2018-03-02 19:15:19 -06:00
4b29df7ab3
Update doc for automatic targeting
2018-03-02 19:15:19 -06:00
86cd52ae4b
Update doc with real info
2018-03-02 19:15:18 -06:00
7505e0e831
updated docs
2018-03-02 19:15:18 -06:00
031b44baea
updated docs
2018-03-02 19:15:17 -06:00
a9caec5130
Add module doc
2018-03-02 19:15:17 -06:00
83430f858e
Add docs for memcached amplification scanner
2018-03-01 17:07:57 -08:00
2faa052bc0
Update Exodus Wallet Documentation
2018-02-28 10:15:54 +00:00
11881c1028
Exodus Documentation
2018-02-26 21:30:39 +00:00
0b22014306
Rename Doc
2018-02-26 06:09:15 -06:00
4e4aeb7b4d
Add GitStack v2.3.10 Unauth REST API Aux Module
2018-02-26 06:04:38 -06:00
023bf79097
Land #9310 docs for many aux scanners
2018-02-24 14:32:33 -05:00
c56d7967e7
finished cleanup
2018-02-24 14:31:52 -05:00
15a29a1994
finished up comments
2018-02-24 13:39:14 -05:00
aafd67d416
Adjust rid_hijack.md documentation file
2018-02-23 04:30:22 +01:00
c7bbc6eca4
juniper post enum module
2018-02-22 21:08:21 -05:00
5815b626d9
Dont save email addresses as valid
...
Also add module doc for owa_login module
2018-02-22 14:58:11 -06:00
d3851ed89c
Add rid_hijack module documentation.
2018-02-22 18:49:11 +01:00
4b8a8fa2b1
Land #9441 , Create exploit for AsusWRT LAN RCE
...
Merge branch 'land-9441' into upstream-master
2018-02-22 10:40:45 -06:00
a9d6845f25
Add module doc
2018-02-21 21:50:08 -06:00
bda7fefa7f
Land #9444 - `hsts_eraser` module and docs
2018-02-20 21:22:55 -06:00
b2cb4c425d
Land #9594 , CloudMe Sync v1.10.9 Buffer Overflow
2018-02-20 17:49:19 -06:00
a23240a742
Update Documentation
...
[ticket: #9594 ]
2018-02-20 17:48:21 -06:00
04882b0464
Fixed indentation
2018-02-20 22:00:36 +00:00
ff3b318abd
CloudMe Sync Client documentation
2018-02-20 21:56:31 +00:00
107a41a4ce
Land #9561 , Disk Savvy Enterprise v10.4.18 built-in server buffer overflow
2018-02-20 15:42:12 -06:00
ab6f6d75d2
Update Documentation
...
[ticket: #9561 ]
2018-02-20 15:37:40 -06:00
f89cebbd89
Add sploit doc
2018-02-20 19:35:10 +00:00
74c6e21f49
Lands #9504 , MagniComp SysInfo privilege escalation
2018-02-19 22:47:33 -06:00
663581fa10
Fix markdown ticks + references location.
2018-02-17 14:30:01 +01:00
a2d104313b
Add documentation file.
2018-02-17 12:31:54 +01:00
242f2d3117
Land #9512 , Add Claymore Dual GPU Miner<= 10.5 DoS module
2018-02-16 10:46:48 -06:00
b533ec6019
Land #9509 , Ulterius Server < v1.9.5.0 Directory Traversal
...
Land #9509
2018-02-15 16:34:31 -06:00
949b474a0a
Avoid target_uri.path
...
It doesn't look like target_uri.path is suitable for this scenario,
because it causes our input to be modified and hard to use.
2018-02-15 16:31:09 -06:00
630e9dd0de
Verification steps update
2018-02-14 20:40:32 +00:00
07763ccd6a
Disk Savvy Server Buffer Overflow Documentation
2018-02-14 20:35:03 +00:00
fe46f635db
Changes as requested by bcoles
2018-02-13 10:54:42 +01:00
285b329ee1
Land #9422 abrt race condition priv esc on linux
2018-02-11 11:58:39 -05:00
add7ae8fa1
Land #9536 , Add Ubuntu notes to documentation
2018-02-11 07:27:00 -06:00
321b78b0fe
Land #9408 , Add Juju-run Agent Privilege Escalation module (CVE-2017-9232)
2018-02-11 07:19:49 -06:00
4e5cbd68b9
Add Ubuntu notes to documentation
2018-02-11 06:52:36 +00:00
4b6362a37d
Minor doc tweaks.
2018-02-10 16:14:14 -06:00
1177efef89
Update tested versions
2018-02-10 16:32:20 +00:00
38252e4384
success against x64
2018-02-10 07:17:15 -05:00
9e11632608
Add documentation
2018-02-09 16:15:04 -05:00
cb1b59545b
Land #9469 linux local exploit for glibc ld audit
2018-02-09 14:00:42 -05:00
c642d420c2
Land #9489 , Add scanner for the Bleichenbacker oracle (AKA: ROBOT)
2018-02-08 12:55:02 -06:00
ca4ad1d0c4
Land #9478 , Improve Dup Scout BOF exploit
2018-02-07 23:51:14 -06:00
ab0d18669e
Doc Changes
2018-02-07 19:26:39 -06:00
e53500f397
Fixed Headings
2018-02-07 08:11:58 -06:00
1de8ec1073
Implemented Suggested Changes
...
Updated documentation headings and function/filename formatting.
Updated module options and formatting. Added check for file to parse.
2018-02-07 08:01:54 -06:00
7cbf89f055
Add documentation
2018-02-07 13:17:54 +00:00
8168e881b3
Add documentation
2018-02-07 07:49:21 +00:00
278e9a92fc
add module and documentation
2018-02-06 20:30:34 +08:00
1e9e9c9be0
Ulterius Server < v1.9.5.0 Directory Traversal
...
Adds documentation and module for Ulterius Server
directory traversal vulnerability.
2018-02-05 22:50:09 -06:00
ce6e85f64f
Add documentation
2018-02-05 13:48:41 +00:00
696817215b
Update tested versions
2018-02-05 04:48:52 +00:00
e5b490c1c0
Remove weird sentence in cve_2017_8464_lnk_rce
2018-02-04 12:57:56 -05:00
638d6ce33d
Add documentation
2018-02-04 04:47:46 +00:00
bde2884e11
Fixes from review
2018-02-03 11:23:58 -05:00
75d2b33f2e
Add intro header to ms17_010_command
2018-02-02 20:47:29 -05:00
250a2beff7
Make options a bullet list in archmigrate
2018-02-02 20:46:07 -05:00
9e11b0629f
Fix examples section in run_as_psh
2018-02-02 20:44:46 -05:00
3733365955
Add options section to archmigrate
...
- Also make verification steps code instead of surrounded in quotes
2018-02-02 20:43:22 -05:00
3a764b174a
Remove unnecessary HRs in hashdump
2018-02-02 20:39:47 -05:00
fb0456df01
Add intro header
2018-02-02 20:38:10 -05:00
df976cf2b0
Add intro header to ad_to_sqlite
2018-02-02 20:37:29 -05:00
dff7fccc02
Fix ugly header in aws_create_iam_user
2018-02-02 20:36:31 -05:00
31f69b306b
Add description to sshkey_persistence
...
- Also make options headers to be more consistent with module options
2018-02-02 20:35:06 -05:00
664411786c
Fix a few things in getvinfo
...
- Add intro header
- Change up first sentence for clarity
- Fix `CLEAR_DTCS` header
2018-02-02 20:30:40 -05:00
c9d41f215d
Update allwinner_backdoor.md
2018-02-02 20:26:42 -05:00
d3084638fa
Update netgear_r7000_cgibin_exec docs
...
- Add 'Introduction' header
- Make module name in intro into code (easier to read)
2018-02-02 20:23:43 -05:00
6f086e9110
Fix broken link
2018-02-02 20:08:38 -05:00
51e098da35
Add scanner for Bleichenbacher oracle (ROBOT)
2018-02-02 16:29:07 -06:00
be01da2861
Add clarification to score range
...
- Also add an introduction header
2018-02-02 15:06:42 -05:00
1fb7c21cb7
Add length clarification to censys_search
2018-02-02 14:51:09 -05:00
b51ecda9d6
Fix CUSTOMTEMPLATE option format
2018-02-02 14:27:09 -05:00
a65604b09d
Add introduction header to web_delivery
2018-02-02 14:19:25 -05:00
2d8a249a56
Add intro header to office_ms17_11882
2018-02-02 14:12:36 -05:00
a7e9772e25
A few fixes for office_word_hta
...
- Add introduction header
- Fix `Vulnerable Application` header and make it plural (multiple apps)
- Remove unnecessary console line for example
2018-02-02 14:11:05 -05:00
daedf2a089
Fix word choice in cve_2017_8464_lnk_rce
...
- Also remove an unnecessary example step
2018-02-02 14:06:03 -05:00
0739fab092
Clarify testing environments for hp_dataprotector
2018-02-02 14:03:01 -05:00
acf7f7747d
Fix double backslashes in panda_psevents
2018-02-02 13:32:55 -05:00
67682bd243
Make webdav.md look a little better
2018-02-02 13:31:30 -05:00
d4c70a3beb
Fix md header in bypassuac_fodhelper
2018-02-02 13:28:47 -05:00
3de576a0df
Fix md header in vxsrchs_bof doc
2018-02-02 13:24:35 -05:00
9dde5ebf92
Update eternalblue docs
...
- Add a reference for OS protection rings
- Uncomment some windows versions
- Fix a word choice issue
2018-02-02 13:21:43 -05:00
c9473f8cbc
Land #9473 , new MS17-010 aux and exploit modules
2018-02-01 23:56:29 -06:00
7cb0a118c1
Land #9399 a linux priv esc against apport and abrt
2018-02-01 21:54:54 -05:00
3c21eb8111
Update documentation
2018-02-02 02:27:13 +00:00
559b592394
Corrected Documentation
2018-02-01 13:17:02 -06:00
bc18389284
Updated Document and Module
...
Update the documentation based on analysis of the vulnerability.
Slight modifications to the exploit module as well to reduce the
size of the generated file and reduce bad characters.
2018-02-01 10:05:50 -06:00
0d80ca6f79
Change documentation extension from rb to md
2018-01-31 23:26:30 +00:00
beb4d56f7d
Land #9354 , Debut embedded httpd server (Brother printers) DoS
2018-01-31 17:03:13 -06:00
8be2b1f59e
Land # 9407, Add BMC Server Automation RSCD Agent RCE exploit module
...
Merge branch 'land-9407' into upstream-master
2018-01-31 13:35:29 -06:00
92915ebb69
Update ms17_010_command.md
2018-01-29 11:17:44 -07:00
d4a0372238
Land #9457 , Dup Scout Enterprise v10.4.16 - Import Command Buffer Overflow
2018-01-29 11:40:54 -06:00
5529bc10b3
fix docs
2018-01-29 10:20:57 -07:00
8627f6b834
added docs
2018-01-29 01:34:25 -07:00
23f4bf1583
Add documentation
2018-01-27 03:15:06 +00:00
c390696ddf
Land #9379 , Oracle Weblogic RCE exploit and documentation
2018-01-25 21:47:18 -06:00
4be0e7f9ef
final fixes for brother debut dos
2018-01-24 20:53:08 -05:00
c1ff0c1e00
Dup Scout XML documentation
2018-01-24 20:47:02 +00:00
7b01785347
Add documentation to pull request
...
Added credit to @asoto-r7 for the documentation
2018-01-24 14:36:16 -05:00
eb572a3ef5
Land #8632 , colorado ftp fixes
2018-01-23 17:45:07 -06:00
a27cfeaea9
Land #9416 , Sync Breeze Enterprise 9.5.16 Import Command buffer overflow
...
Merge branch 'land-9416' into upstream-master
2018-01-23 16:35:51 -06:00
d81d50b491
Land #9430 , Improve Hyper-V checkvm checks
2018-01-23 15:22:12 -06:00
8eb6df41e3
Land #9205 , Documentation for Kaltura <= 13.1.0 RCE (CVE-2017-14143)
...
Merge branch 'land-9205' into upstream-master
2018-01-23 12:45:59 -06:00
04806bc84a
Updates to documentation per h00die
2018-01-23 12:44:39 -06:00
c13e02431d
updated
2018-01-23 06:19:44 -05:00
a15856450a
updated
2018-01-23 05:48:19 -05:00
2110cbe466
updated
2018-01-23 05:38:24 -05:00
61433c6d55
updated
2018-01-23 05:05:48 -05:00
aae77fc1a4
Land #9349 , GoAhead LD_PRELOAD CGI Module
2018-01-22 23:10:36 -06:00
7175468ff7
local to remote
2018-01-21 10:00:31 -05:00
7ee77a27a6
Land #9389 , Update commvault_cmd_exec module documentation
2018-01-18 11:05:51 -06:00
b6ea95c417
Add documentation
2018-01-18 12:42:44 +00:00
fff1c16517
Created checkvm documentation
2018-01-17 16:23:18 -06:00
5fef8b43f6
Update and rename syncbreeze_xml.rb to syncbreeze_xml.md
2018-01-16 06:07:15 +00:00
593813cdef
Fix small grammar issues in ms08_067 and ms17_010
...
Also includes very small changes to improve punctuation consistency
within CONTRIBUTING.md
2018-01-15 19:32:44 -08:00
ac724926db
Sync Breeze Import Command BOF Doc
2018-01-15 20:45:34 +00:00
333ee893d3
Tidied up platform detection, check method, and minor typos.
2018-01-14 18:28:40 +00:00
736d438813
Address second round of feedback
...
Brain fart on guard clauses when I've been using them all this time...
Updating the conditions made the ternary fall out of favor.
Changed some wording in the doc to suggest the domain name for a
particular NIS server may be different from the bootparamd client's
configuration.
2018-01-13 22:55:01 -06:00
6568d29b67
Add BMC Server Automation RSCD Agent RCE exploit module.
2018-01-14 01:12:55 +00:00
c080329ee6
Update module after feedback
...
Looks like I can't decide on certain style preferences.
Not keen on using blank?, but I've used it before. Time to commit?
Also, fail_with has been fixed for aux and post since #8643 . Use it!
2018-01-13 15:40:11 -06:00
ff1c85552b
Add module doc
2018-01-12 19:34:59 -06:00
e6c4fb1dab
Land #9269 , Add a new target for Sync Breeze Enterprise GET BoF
...
Land #9269
2018-01-11 16:54:23 -06:00
f395e07fc6
Land #9269 , add new target for Sync Breeze Enterprise GET BoF
...
Land #9269
2018-01-11 16:53:02 -06:00
4b225c30fd
Land #9368 , ye olde NIS ypserv map dumper
2018-01-10 22:02:36 -06:00
f5210ed6d6
Update module doc with missing options
2018-01-10 20:18:50 -06:00
6510ee53bc
Land #9204 , Add exploit for Samsung SRN-1670D (CVE-2017-16524)
...
Land #9204
2018-01-10 20:15:29 -06:00
18c179a091
Update module and add documentation
...
This updates the module to pass:
* msftidy
* Ruby style guidelines
* Proper usage of Metasploit API
* Mostly other cosmetic fixes
A documentation is also added.
2018-01-10 20:13:42 -06:00
7e2c7837e5
Land #9325 , Add CVE-2017-6090 phpCollab 2.5.1 file upload exploit module
...
Land #9325
2018-01-10 17:39:50 -06:00
b1f3f471f3
Update phpcollab_upload_exec code (also module documentation)
2018-01-10 17:38:52 -06:00
8d77f35b16
Land #9373 , Add LabF nfsAxe FTP Client 3.7 Stack Buffer Overflow
...
Land #9373
2018-01-09 22:40:50 -06:00
25280e3319
Update labf_nfsaxe and module documentation
2018-01-09 22:39:40 -06:00
777e383568
Land #9377 , Add HPE iMC dbman RestoreDBase Unauthenticated RCE exploit
...
Land #9377
2018-01-09 13:56:53 -06:00
a0c9cdd73d
Land #9376 , Add HPE iMC dbman RestartDB Unauthenticated RCE exploit
...
Land #9376
2018-01-09 13:28:03 -06:00
b06db60a56
Fix typos
2018-01-09 11:20:02 -06:00
7b6a8af387
Update commvault_cmd_exec module documentation
2018-01-08 15:42:01 -06:00
bbad416a86
Add module doc to appease the @h00die god
2018-01-08 15:02:39 -06:00
d138f1508c
Land #9340 , Add exploit for Commvault Remote Command Injection
...
Land #9340
2018-01-07 12:17:26 -06:00
a1a594d1f8
Add documentation
2018-01-06 05:09:24 +00:00
9ec17bdd54
Add documentation
2018-01-06 05:08:33 +00:00
160f960f78
Add files via upload
2018-01-04 20:25:41 +00:00
65f444ddcc
land #9362 exploit for pfsense graph injection
2018-01-04 14:35:52 -05:00
520e890520
Land #8581 , VMware Workstation ALSA Config File Local Privilege Escalation
2018-01-03 21:35:57 -06:00
b8dde2e650
Land #9360 , Ayukov NFTP FTP client buffer overflow vulnerability
...
Land #9360
2018-01-03 20:56:12 -06:00
04cf3017c0
Update ayukov_nftp exploit and module documentation
2018-01-03 20:52:57 -06:00
c3f10c1d57
Land #9336 , Linksys WVBR0-25 exploit
2018-01-03 18:13:44 -06:00
589de0483b
Clarification in product linkage and small syntax fixup in repro steps
2018-01-03 17:00:26 -06:00
a5fa63405f
Land #9206 , Add Xplico RCE exploit module
2018-01-03 16:02:51 -06:00
3b0f0aa358
Adding doc file for module linksys_wvbr0_user_agent_exec_noauth
2018-01-02 14:54:18 -06:00
8f0e41e159
requested changes
2018-01-01 17:30:43 -06:00
bc088cb379
added md
2018-01-01 05:46:04 -06:00
76d345039d
Create ayukov_nftp.md
2017-12-31 15:42:32 +00:00
54159c29eb
Add documentation line from h00die
2017-12-29 16:14:28 -06:00
3516305517
land #9191 an exploit against HP LoadRunner magentproc
2017-12-29 16:35:43 -05:00
b698095c49
slight updates to magentproc docs
2017-12-29 16:30:32 -05:00
bb97467b31
docs for auxiliary/scanner/http/directadmin_login
2017-12-29 14:43:20 -06:00
67c2119736
oh brother
2017-12-29 14:16:34 -05:00
b43c6078a1
updated
2017-12-28 18:24:57 -05:00
1a7850bd51
updated
2017-12-28 18:21:55 -05:00
2672550c62
deprecated
2017-12-28 18:19:04 -05:00
53fc25560e
updated
2017-12-28 18:13:41 -05:00
d3fdc539b7
updated
2017-12-28 18:09:27 -05:00
6736b125f6
updated
2017-12-28 18:08:28 -05:00
398fe3c8e8
updated
2017-12-28 18:07:04 -05:00
59940feacc
corrected grammatical error
2017-12-28 17:55:04 -05:00
339c7b3bc2
Updated
2017-12-28 17:53:02 -05:00
eb696ee5cf
Documentation update
2017-12-28 16:30:04 -06:00
5e71be7772
add ard_root_pw documentation
2017-12-28 14:37:25 -06:00
b86fd551a3
Add a WIP of the module documentation
2017-12-28 14:00:03 -06:00
ae17943d4c
fix documentation preformat blocks
2017-12-27 22:32:26 -06:00
bbed7db13c
Merge branch 'upstream-master' into feature/mqtt-login
2017-12-27 13:08:44 -08:00
e6de25d63b
Land #9316 Cambium modules and mixins, tx @juushya
...
These cover several of the CVEs mentioned in
https://blog.rapid7.com/2017/12/19/r7-2017-25-cambium-epmp-and-cnpilot-multiple-vulnerabilities/
2017-12-26 12:39:51 -06:00
7aa296577e
Added readme
2017-12-22 14:34:35 -05:00
d4bc98c13f
Merge branch 'upstream-master' into feature/mqtt-login
2017-12-22 08:07:40 -08:00
caae33b417
Land #9170 , Linux UDF for mysql_udf_payload
2017-12-21 20:48:24 -06:00
917e9aa328
Doc READ_TIMEOUT
2017-12-20 19:10:49 -08:00
962bc71d10
Merge branch 'feature/mqtt' into feature/mqtt-login
2017-12-20 18:58:36 -08:00
9c0df54f36
syntax
2017-12-20 18:54:09 -08:00
fa1536209a
syntax
2017-12-20 18:52:34 -08:00
508253eadc
More docs
2017-12-20 18:51:44 -08:00
0f72ce1ee5
Add WIP documentation for auxiliary/scanner/mqtt/connect
2017-12-20 18:45:10 -08:00
86ce3c8781
Made suggested changes and added documentation
2017-12-20 15:54:16 -05:00
a8b845fff9
Land #9283 , Add node.js ws websocket library DoS module
2017-12-20 14:20:42 -06:00
8c1f1696af
Kill trailing whitespace in docs
2017-12-18 17:35:49 -06:00
4aa480d655
Land #9311 , docs for #9180
2017-12-18 17:34:55 -06:00
c2b8d23854
Kill trailing whitespace
2017-12-18 16:56:09 -06:00
65da14c165
Adding docs for modules
2017-12-18 16:47:43 -06:00
a33ed82a40
Land #9214 , @realoriginal's update to the Cisco SMI scanner to also fetch Cisco IOS configs
2017-12-18 12:22:26 -08:00
369d74cdb2
Updating documentation
...
Added a missing backtick
2017-12-18 10:34:00 -05:00
76823e9fe6
Land #9183 , Jenkins Groovy XStream RCE
2017-12-18 03:38:27 -06:00
880a1d4283
Land #9312 , Module acting as a Pyrotechnical Device Deployment Tool (PDT) for Hardware Bridge
2017-12-17 18:32:28 -06:00
8344401484
Add docs, minor tweaks.
2017-12-17 18:15:49 -06:00
95e2f1da95
Update samsung_browser_sop_bypass.md
2017-12-17 11:02:24 +05:30
53a098a7f3
Update samsung_browser_sop_bypass.md
2017-12-16 22:46:29 +05:30
6b54fe6775
Create samsung_browser_sop_bypass.md
2017-12-16 22:26:08 +05:30
c6a2ae2551
Land #9248 , Add wd_mycloud_multiupload_upload exploit
2017-12-13 18:51:02 -06:00
c0a534140d
Land #9284 a regex dos for ua_parser_js npm module
2017-12-13 19:31:49 -05:00
544e4e3d0b
fix md formatting
2017-12-13 19:30:50 -05:00
dd5532c5de
Addressing Formatting Issues
...
There were several formatting and layout issues
that are fixed in this commit. Also changing
`RHOSTS` to `RHOST`.
2017-12-13 14:26:27 -06:00
b99663fb6c
Bring #9282 up to date with upstream-master
2017-12-13 13:16:30 -06:00
37514eec17
Land #9234 , Add exploit for ClickJacking vuln for pfSense
...
Land #9234
2017-12-12 14:56:21 -06:00
6149f51273
Land #9256 , Add aux module to discover WSDD enabled devices
...
Land #9256
2017-12-12 11:55:42 -06:00
d79b0ad981
Land #9286 , Advantech WebAccess webvrpcs BOF RCE
2017-12-12 00:25:56 -05:00
7f93cca446
Land #9288 , Add Dup Scout Enterprise login buffer overflow
2017-12-11 17:12:20 -06:00
2d23054a1f
Changes as per comments
...
A few things were changed as per the PR comments:
1) The module title was reworded
2) The module description was multi-lined
3) Negative logic was rewritten to use 'unless'
4) Strings which did not require interpolation were rewritten
5) Documentation markdown was added.
2017-12-11 14:11:40 -06:00
da9e2a981a
added auxiliary/scanner/dcerpc/tcp_dcerpc_auditor.md
2017-12-11 12:48:32 -05:00
10cf5557c2
added auxiliary/scanner/dcerpc/management.md
2017-12-11 12:45:20 -05:00
02e9b4cd6b
added auxiliary/scanner/dcerpc/hidden.md
2017-12-11 12:38:46 -05:00
f8977ed72c
added some fixes
2017-12-11 11:34:17 -06:00
Brendan Coles
Green-m
h00die
gushmazuko
Daniel Teixeira
Brent Cook
Spencer McIntyre
Jon Hart
Chris Higgins
bwatters-r7
Carter Brainerd (thecarterb)
Jacob Robles
Wei Chen
William Vu
Adam Cammack
Mehmet İnce
Touhid M Shaikh
Ege Balcı
Luis Hernandez
Kirk Swidowski
Fab
r4wd3r
James Barnett
Aaron Soto
Pedro Ribeiro
Quentin Kaiser
Pearce Barry
bluebird
zerosum0x0
zerosum0x0
Kevin Kirsche
Vishal Gupta
Brady Sullivan
Nicky Bloor
headlesszeke
dmohanty-r7
wetw0rk
HD Moore
Jeffrey Martin
Tod Beardsley
b0yd
Nick Marcoccio
Ryan Knell
RootUp
Nicholas Starke
Matthew Kienow
mr_me