5ec3da843e
Land #9349 , GoAhead LD_PRELOAD CGI Module
2018-01-24 17:12:47 -06:00
294a8e0ada
Land #9413 , Expand the number of class names searched when checking for an exploitable JMX server
2018-01-24 17:12:43 -06:00
bb73d2c07e
Land #9431 , Fix owa_login to handle inserting credentials for a hostname
2018-01-24 17:12:39 -06:00
47682e3f37
Land #9404 , update module author
2018-01-24 17:12:34 -06:00
ab610f599b
Land #9442 , Remove NoMethod Rescue for cerberus_sftp_enumusers
...
Land #9442
2018-01-24 17:12:25 -06:00
10fafb62bb
Land #9436 - Fix cerberus_sftp_enumusers undefined method start for nil
...
Land #9436
Thanks Steve!
2018-01-24 17:12:16 -06:00
512192d3b0
Land #9267 , Add targets to sshexec
2018-01-24 17:12:12 -06:00
55c345418d
Land #9438 , address cmd_exec inconsistencies
2018-01-24 17:11:40 -06:00
23619431aa
update stageless python sizes
2018-01-24 17:08:51 -06:00
d6e966b079
Land #9414 , wp_admin_shell_upload - remove plugin dir after exploitation
2018-01-16 21:08:22 -06:00
e5bd36da1c
Land #9402 , NIS bootparamd domain name disclosure
2018-01-15 15:36:00 -06:00
2f9eebe28b
remove plugin dir
2018-01-15 14:48:59 +01:00
736d438813
Address second round of feedback
...
Brain fart on guard clauses when I've been using them all this time...
Updating the conditions made the ternary fall out of favor.
Changed some wording in the doc to suggest the domain name for a
particular NIS server may be different from the bootparamd client's
configuration.
2018-01-13 22:55:01 -06:00
1a8eb7bf2a
Update nis_ypserv_map after bootparam feedback
...
Yes, yes, I see the off-by-one "error." It's more accurate this way.
Basically, we want to ensure there's actually data to dump.
2018-01-13 15:40:17 -06:00
c080329ee6
Update module after feedback
...
Looks like I can't decide on certain style preferences.
Not keen on using blank?, but I've used it before. Time to commit?
Also, fail_with has been fixed for aux and post since #8643 . Use it!
2018-01-13 15:40:11 -06:00
eb8429cbd3
Revert "umlaut"
...
This reverts commit ffd7073420
2018-01-12 22:57:22 -06:00
ffd7073420
umlaut
2018-01-13 15:48:45 +11:00
1f1dc59d17
Land #9392 , python meterpreter whitespace normalization
2018-01-12 21:24:13 -06:00
2916c5ae45
Rescue Rex::Proto::SunRPC::RPCTimeout
...
Coincidentally, this also fixes the rescue in the library, since
rescuing Timeout instead of Timeout::Error does nothing.
2018-01-12 19:34:59 -06:00
0c9f1d71d3
Add NIS bootparamd domain name disclosure
2018-01-12 19:34:53 -06:00
488f27bf76
Small Typo
2018-01-12 07:05:30 -05:00
e6c4fb1dab
Land #9269 , Add a new target for Sync Breeze Enterprise GET BoF
...
Land #9269
2018-01-11 16:54:23 -06:00
f395e07fc6
Land #9269 , add new target for Sync Breeze Enterprise GET BoF
...
Land #9269
2018-01-11 16:53:02 -06:00
4b225c30fd
Land #9368 , ye olde NIS ypserv map dumper
2018-01-10 22:02:36 -06:00
f66b11f262
Nix an unneeded variable declaration
2018-01-10 20:24:02 -06:00
6510ee53bc
Land #9204 , Add exploit for Samsung SRN-1670D (CVE-2017-16524)
...
Land #9204
2018-01-10 20:15:29 -06:00
18c179a091
Update module and add documentation
...
This updates the module to pass:
* msftidy
* Ruby style guidelines
* Proper usage of Metasploit API
* Mostly other cosmetic fixes
A documentation is also added.
2018-01-10 20:13:42 -06:00
b66889ac86
Rescue additional errors and refactor code
...
https://jvns.ca/blog/2015/11/27/why-rubys-timeout-is-dangerous-and-thread-dot-raise-is-terrifying/
2018-01-10 20:11:25 -06:00
7e2c7837e5
Land #9325 , Add CVE-2017-6090 phpCollab 2.5.1 file upload exploit module
...
Land #9325
2018-01-10 17:39:50 -06:00
b1f3f471f3
Update phpcollab_upload_exec code (also module documentation)
2018-01-10 17:38:52 -06:00
dd737c3bc8
Land #9317 , remove multiple deprecated modules
...
Land #9317
The following modules are replaced by the following:
auxiliary/scanner/discovery/udp_probe
is replaced by:
auxiliary/scanner/discovery/udp_sweep
exploit/unix/webapp/wp_ninja_forms_unauthenticated_file_upload
is replaced by:
exploit/multi/http/wp_ninja_forms_unauthenticated_file_upload
exploit/windows/misc/regsvr32_applocker_bypass_server
is replaced by:
exploits/multi/script/web_delivery
2018-01-10 15:47:20 -06:00
8d77f35b16
Land #9373 , Add LabF nfsAxe FTP Client 3.7 Stack Buffer Overflow
...
Land #9373
2018-01-09 22:40:50 -06:00
25280e3319
Update labf_nfsaxe and module documentation
2018-01-09 22:39:40 -06:00
f125e13278
python meterpreter whitespace normalization
2018-01-09 16:08:52 -05:00
777e383568
Land #9377 , Add HPE iMC dbman RestoreDBase Unauthenticated RCE exploit
...
Land #9377
2018-01-09 13:56:53 -06:00
a0c9cdd73d
Land #9376 , Add HPE iMC dbman RestartDB Unauthenticated RCE exploit
...
Land #9376
2018-01-09 13:28:03 -06:00
573ee28631
Land #9378 , Detect and return on bad VNC negotiations
2018-01-09 03:46:00 -05:00
4a5a17a8e1
Add NIS ypserv map dumper
2018-01-08 14:27:53 -06:00
d138f1508c
Land #9340 , Add exploit for Commvault Remote Command Injection
...
Land #9340
2018-01-07 12:17:26 -06:00
ff1806ef5f
Update labf_nfsaxe.rb
2018-01-07 16:46:06 +00:00
a69f275a39
Update labf_nfsaxe.rb
2018-01-05 21:14:47 +00:00
c819aebc76
Add files via upload
2018-01-05 21:11:21 +00:00
e797ca4781
Add files via upload
2018-01-05 21:00:47 +00:00
aca76e2a4e
Update labf_nfsaxe.rb
2018-01-05 20:58:36 +00:00
2643acbc25
Update labf_nfsaxe.rb
2018-01-05 20:55:49 +00:00
b29710c66b
Add files via upload
2018-01-05 20:47:27 +00:00
94a1198485
Update labf_nfsaxe.rb
2018-01-05 20:41:49 +00:00
b97785c7a9
Update labf_nfsaxe.rb
2018-01-05 18:46:33 +00:00
e7946549d7
Update labf_nfsaxe.rb
2018-01-05 18:31:40 +00:00
51e5fb450f
Detect and return on bad VNC negotiations
2018-01-05 10:12:13 -06:00
Brent Cook
Wei Chen
William Vu
Christian Mehlmauer
Brendan Coles
Jeffrey Martin
Agahlot
Daniel Teixeira
jgor