wchen-r7
1289ec8863
authors
2015-07-11 01:38:21 -05:00
wchen-r7
6eabe5d48c
Update description
2015-07-11 01:36:26 -05:00
wchen-r7
54fc712131
Update Win 8.1 checks
2015-07-11 01:33:23 -05:00
jvazquez-r7
6f0b9896e1
Update description
2015-07-11 00:56:18 -05:00
jvazquez-r7
115549ca75
Delete old check
2015-07-11 00:42:59 -05:00
jvazquez-r7
63005a3b92
Add module for flash CVE-2015-5122
...
* Just a fast port for the exploit leaked
* Just tested on win7sp1 / IE11
2015-07-11 00:28:55 -05:00
jvazquez-r7
5a045677bc
Add waiting message
2015-07-10 18:48:46 -05:00
jvazquez-r7
8d52c265d9
Delete wfsdelay
2015-07-10 18:46:27 -05:00
jvazquez-r7
63e91fa50f
Add reference
2015-07-10 18:46:06 -05:00
jvazquez-r7
677cd97cc2
Update information
2015-07-10 18:39:11 -05:00
jvazquez-r7
6c6a778218
Modify arkeia_agent_exec title
2015-07-10 18:38:25 -05:00
jvazquez-r7
4995728459
Modify arkeia_agent_exec ranking
2015-07-10 18:37:24 -05:00
jvazquez-r7
858f63cdbf
Land #5693 , @xistence VNC Keyboard EXEC module
2015-07-10 18:35:44 -05:00
jvazquez-r7
1326a26be5
Do code cleanup
2015-07-10 18:35:13 -05:00
jvazquez-r7
917282a1f1
Fix ranking
2015-07-10 17:49:15 -05:00
jvazquez-r7
e063e26627
Land #5689 , @xistence's module for Western Digital Arkeia command injection
2015-07-10 17:11:35 -05:00
jvazquez-r7
bdd8b56336
fix comment
2015-07-10 16:28:20 -05:00
jvazquez-r7
95ae7d8cae
Fix length limitation
2015-07-10 16:24:49 -05:00
Mo Sadek
3347b90db7
Land #5676 , print_status with ms14_064
2015-07-10 14:40:49 -05:00
jvazquez-r7
29a497a616
Read header as 6 bytes
2015-07-10 14:25:57 -05:00
jvazquez-r7
bed3257a3f
Change default HTTP_DELAY
2015-07-10 12:50:26 -05:00
jvazquez-r7
c9d2ab58d3
Use HttpServer::HTML
...
* And make the exploit Aggressive
2015-07-10 12:48:21 -05:00
jvazquez-r7
e1192c75a9
Fix network communication on `communicate`
...
* Some protocol handling just to not read amounts of data blindly
2015-07-10 11:57:48 -05:00
Tod Beardsley
9206df077f
Land #5694 , R7-2015-08
2015-07-10 11:42:57 -05:00
jvazquez-r7
9ba515f185
Fix network communication on `check`
...
* Some protocol handling just to not read amounts of data blindly
2015-07-10 11:32:49 -05:00
jvazquez-r7
c70be64517
Fix version check
2015-07-10 10:57:55 -05:00
jvazquez-r7
34a6984c1d
Fix variable name
2015-07-10 10:44:38 -05:00
jvazquez-r7
2c7cc83e38
Use single quotes
2015-07-10 10:34:47 -05:00
jvazquez-r7
f66cf91676
Fix metadata
2015-07-10 10:33:02 -05:00
xistence
b916a9d267
VNC Keyboard Exec
2015-07-10 14:08:32 +07:00
xistence
52d41c8309
Western Digital Arkeia 'ARKFS_EXEC_CMD' <= v11.0.12 Remote Code Execution
2015-07-10 09:51:28 +07:00
Michael Messner
d7beb1a685
feedback included
2015-07-09 08:31:11 +02:00
HD Moore
25e0f888dd
Initial commit of R7-2015-08 coverage
2015-07-08 13:42:11 -05:00
wchen-r7
a3ec56c4cb
Do it in on_request_exploit because it's too specific
2015-07-08 12:32:38 -05:00
wchen-r7
cefbdbb8d3
Avoid unreliable targets
...
If we can't garantee GreatRanking on specific targets, avoid them.
2015-07-08 12:12:53 -05:00
wchen-r7
6a33807d80
No Chrome for now
2015-07-07 15:56:58 -05:00
jvazquez-r7
f8b668e894
Update ranking and References
2015-07-07 15:43:02 -05:00
Tod Beardsley
116c3f0be1
Add CVE as a real ref, too
2015-07-07 14:46:44 -05:00
Tod Beardsley
3d630de353
Replace with a real CVE number
2015-07-07 14:44:12 -05:00
wchen-r7
fdb715c9dd
Merge branch 'upstream-master' into bapv2
2015-07-07 13:45:39 -05:00
jvazquez-r7
829b08b2bf
Complete authors list
2015-07-07 12:49:54 -05:00
wchen-r7
49effdf3d1
Update description
2015-07-07 12:46:02 -05:00
wchen-r7
d885420aff
This changes the version requirement for adobe_flash_hacking_team_uaf.rb
...
Because it works for Win 8.1 + IE11 too
2015-07-07 12:42:56 -05:00
wchen-r7
d30688b116
Add more requirement info
2015-07-07 12:33:47 -05:00
jvazquez-r7
d9aacf2d41
Add module for hacking team flash exploit
2015-07-07 11:19:48 -05:00
wchen-r7
c37b60de7b
Do some print_status with ms14_064
2015-07-07 00:57:37 -05:00
Michael Messner
5b6ceff339
mime message
2015-07-06 15:00:12 +02:00
HD Moore
43d47ad83e
Port BAPv2 to Auxiliary
2015-07-02 15:29:24 -05:00
William Vu
8892cbdd10
Fix some minor things
2015-07-02 14:32:16 -05:00
Tod Beardsley
95f19e6f1f
Minor description edits for clarity
...
Edited modules/exploits/multi/browser/adobe_flash_nellymoser_bof.rb
first landed in #5642 , Adobe Flash CVE-2015-3113 Nellymoser Audio
Decoding BOF
Edited modules/post/windows/gather/credentials/enum_laps.rb first landed
in #5590 , @Meatballs1 adds MS LAPS Enum post mod
Edited modules/post/windows/gather/enum_ad_bitlocker.rb first landed in
Keys from AD
2015-07-02 13:51:37 -05:00
HD Moore
87e6325737
Revert BAPv2 changes to framework/libraries/handlers
2015-07-02 12:10:21 -05:00
wchen-r7
2957924c78
Merge branch 'upstream-master' into bapv2
2015-07-02 01:46:31 -05:00
jvazquez-r7
3b9ba189f7
Add CVE-2015-3043 information
2015-07-01 19:56:35 -05:00
wchen-r7
8051a99f4a
Merge branch 'upstream-master' into bapv2
2015-07-01 18:45:42 -05:00
wchen-r7
32d5e7f3de
Land #5642 , Adobe Flash CVE-2015-3113 Nellymoser Audio Decoding BOF
2015-07-01 18:44:38 -05:00
wchen-r7
93c74efb97
Add Ubuntu as a tested target
2015-07-01 18:43:22 -05:00
jvazquez-r7
ee118aa89d
Fix description
2015-07-01 13:30:22 -05:00
jvazquez-r7
1de94a6865
Add module for CVE-2015-3113
2015-07-01 13:13:57 -05:00
William Vu
3632cc44c5
Fix nil error when target not found
2015-06-30 11:48:41 -05:00
wchen-r7
7aeb9e555b
Change ranking and support CAMPAIGN_ID
2015-06-29 12:13:46 -05:00
wchen-r7
9bd920b169
Merge branch 'upstream-master' into bapv2
2015-06-27 12:19:55 -05:00
William Vu
326bec0a1f
Land #5581 , s/shell_command_token/cmd_exec/
2015-06-26 16:59:40 -05:00
jvazquez-r7
a10fa02b00
Land #5606 , @wchen-r7's glassfish fixes
2015-06-26 14:12:50 -05:00
wchen-r7
3b5e2a0c6e
Use TARGETURI
2015-06-26 14:02:17 -05:00
wchen-r7
b46e1be22f
Land #5371 , Add file checking to the on_new_session cleanup
2015-06-26 13:33:57 -05:00
Tod Beardsley
31eedbcfa0
Minor cleanups on recent modules
...
Edited modules/auxiliary/scanner/http/ms15_034_http_sys_memory_dump.rb
first landed in #5577 , MS15-034 HTTP.SYS Information Disclosure
Edited modules/exploits/multi/browser/adobe_flash_shader_drawing_fill.rb
first landed in #5605 , CVE-2015-3105 flash exploit
Edited modules/exploits/multi/browser/adobe_flash_shader_job_overflow.rb
first landed in #5559 , Adobe Flash Player ShaderJob Buffer Overflow
Edited modules/auxiliary/test/report_auth_info.rb first landed in #5540 ,
@wchen-r7's changes for multiple auxiliary modules to use the new cred
API
2015-06-26 12:18:33 -05:00
jvazquez-r7
7ccc86d338
Use cmd_exec
2015-06-26 11:54:19 -05:00
jvazquez-r7
31b7ef49d6
Solve conficts
2015-06-26 11:36:17 -05:00
wchen-r7
c70e38a14e
Do more reporting
2015-06-25 22:39:56 -05:00
wchen-r7
5ef4cc2bb4
Save creds
2015-06-25 17:10:20 -05:00
wchen-r7
1a371b11b0
Update description
2015-06-25 17:04:31 -05:00
jvazquez-r7
ee0377ca16
Add module for CVE-2015-3105
2015-06-25 13:35:01 -05:00
wchen-r7
c330d10403
Make SSL as a basic option
...
Also:
Fix #5558
2015-06-25 02:06:51 -05:00
wchen-r7
5c98da05fb
This works for Glassfish 4.0 & 9.1
2015-06-25 01:58:24 -05:00
wchen-r7
c826785ebb
Fix auth bypass
2015-06-24 19:49:04 -05:00
wchen-r7
8e4fa80728
This looks good so far
2015-06-24 19:30:02 -05:00
Spencer McIntyre
2206a6af73
Support older targets x86 for MS15-051
2015-06-25 09:33:15 +10:00
William Vu
a149fb5710
Land #5554 , @g0tmi1k's persistence improvements
...
age aborts
age aborts
2015-06-24 14:37:25 -05:00
William Vu
e7e8135acd
Clean up module
2015-06-24 14:35:10 -05:00
Michael Messner
c8dddbff70
server header
2015-06-24 21:32:01 +02:00
wchen-r7
380af29482
Progress?
2015-06-24 14:17:45 -05:00
Michael Messner
8bc012a665
echo stager via upload vulnerability
2015-06-23 23:09:08 +02:00
wchen-r7
6046994138
version does not return nil
2015-06-23 10:31:01 -05:00
wchen-r7
dedfca163d
Change check()
2015-06-22 15:05:12 -05:00
jvazquez-r7
784be06b6f
Update nmap
...
* Use cmd_exec
2015-06-22 14:20:02 -05:00
jvazquez-r7
d98d2ffd4d
Update setuid_viscosity
...
* Use cmd_exec
2015-06-22 14:04:04 -05:00
jvazquez-r7
60bdc10aed
Update setuid_tunnelblick
...
* Use cmd_exec
2015-06-22 13:57:33 -05:00
jvazquez-r7
6a00ce62de
Update persistence module
...
* Delete unused method
2015-06-22 12:25:00 -05:00
OJ
3686accadd
Merge branch 'upstream/master' into cve-2015-1701
2015-06-22 07:52:17 +10:00
Spencer McIntyre
efece12b40
Minor clean ups for ruby strings and check method
2015-06-21 16:07:44 -04:00
Pedro Ribeiro
ea49fd2fdc
Update sysaid_rdslogs_fle_upload.rb
2015-06-20 16:59:28 +01:00
Pedro Ribeiro
3181d76e63
Update sysaid_auth_file_upload.rb
2015-06-20 16:53:33 +01:00
Michael Messner
d8e11789ea
cmd_interact - first try
2015-06-20 07:59:25 +02:00
jvazquez-r7
74bc9f7a91
Land #5529 , @omarix's Windows 2003 SP1 & SP2 French targets for MS08-067
2015-06-19 16:57:07 -05:00
jvazquez-r7
61ad4ada7d
Delete commas
2015-06-19 16:03:16 -05:00
wchen-r7
9da99a8265
Merge branch 'upstream-master' into bapv2
2015-06-19 11:36:27 -05:00
William Vu
2587595a92
Land #5556 , vprint_status fix
2015-06-19 11:24:54 -05:00
William Vu
b994801172
Revert auto tab replacement
2015-06-19 11:22:40 -05:00
jvazquez-r7
6ec8488929
Land #5560 , @wchen-r7 Changes ExcellentRanking to GoodRanking for MS14-064
2015-06-19 11:15:41 -05:00
wchen-r7
15985e8b4f
Land #5559 , Adobe Flash Player ShaderJob Buffer Overflow
2015-06-19 10:38:05 -05:00