ac9f506b45
Update tested versions
2018-03-20 02:49:56 +00:00
53eabfc1df
Update documentation and add check before exploit
2018-03-19 23:27:18 +03:00
0817e6b15f
Delete playsms_uploadcsv_exec.md
2018-03-18 13:57:04 +05:30
0e0fcdf727
PlaySMS 1.4 RCE
...
PlaySMS 1.4 Remote Code Execution using Phonebook import Function in import.php
2018-03-18 13:46:30 +05:30
44d5022380
Land #9529 , Add module for HP iLO CVE-2017-12542 authentication bypass
2018-03-16 16:50:54 -05:00
1b2f1ced02
Land #8422 , Typo3 News Module Sql Injection exploit
2018-03-15 10:55:04 -05:00
ba0d990273
Documentation added and Error Checks
2018-03-15 10:46:08 -05:00
177eca30e8
Usage instructions adjusted.
2018-03-15 12:39:22 +03:00
d736a6d2ec
updated juniper docs
2018-03-14 21:02:22 -04:00
b55a750fa9
Fix typo and couple tiny nitpicks
2018-03-14 11:51:21 +03:00
889c914b3d
Updating documentation and minor code changes
2018-03-13 12:05:27 +03:00
b7b09c5010
Documentation added.
2018-03-12 20:30:15 +03:00
d86dcbc237
Land #9632 , owa_login and auth_brute enhancements
2018-03-12 10:31:20 -05:00
9b0ba4a6fa
clipbucket_fileupload_exec
2018-03-12 14:17:13 +05:30
1fd0087a97
Land #7654 , varnish file read
2018-03-09 10:59:04 -06:00
37bf4d118a
Changes suggested by h00die 0803
2018-03-09 09:55:50 -05:00
ea78e21961
Documentation accuracy
2018-03-09 07:43:12 -06:00
2735ae57cb
Documentation accuracy
2018-03-09 07:31:55 -06:00
048d0d1fe4
Changes suggested by h00die
2018-03-08 20:13:01 -05:00
178fa16953
Grammar fix
2018-03-08 07:42:29 -06:00
24079c345d
Style guide and grammar fixes
2018-03-08 07:30:02 -06:00
611b208267
Adding ManageEngine Application Manager RCE
2018-03-07 23:54:01 +03:00
fb04fef3a5
added documentation.
2018-03-07 08:34:49 -08:00
81596b627d
added documentation.
2018-03-07 08:31:25 -08:00
15269ec3ce
Land #9678 , Add memcached UDP version scanner
2018-03-07 10:14:29 -06:00
86dd382e6a
Land #9554 , Eclipse Equinoxe OSGi console RCE
2018-03-07 08:41:31 -06:00
e8a227b1a6
Changes as requested by jhart-r7:
...
- Default Username / Password are now random
- Doc fixed
- REST typo fixed
2018-03-07 10:48:05 +01:00
7733662767
Add docs for memcached_udp_version
2018-03-06 18:12:40 -08:00
05a653b853
Add module documentation
2018-03-06 20:37:11 -05:00
d6871f5733
Land #9614 , Juniper post enum module
2018-03-06 10:29:56 -06:00
99799f1e98
Update doc
2018-03-05 13:40:37 -06:00
a4f48eb80f
Add GitStack v2.3.10 RCE
2018-03-05 13:25:41 -06:00
3028dccd7a
Land #9644 , @xistence's memcached stats amplification scanner
2018-03-05 09:02:28 -08:00
d454267ea5
update docs
2018-03-02 21:00:41 -05:00
dd2e15f959
Update doc a final time to appease the @h00die god
2018-03-02 19:40:11 -06:00
25f36fb926
Refactor code into new methods
2018-03-02 19:16:37 -06:00
c343c926cf
Add N300 version to module doc
2018-03-02 19:15:20 -06:00
0c0f00941b
Add note about directly connecting to telnetd
2018-03-02 19:15:20 -06:00
b6d563e2a3
Update doc regarding vprint
2018-03-02 19:15:19 -06:00
4b29df7ab3
Update doc for automatic targeting
2018-03-02 19:15:19 -06:00
86cd52ae4b
Update doc with real info
2018-03-02 19:15:18 -06:00
7505e0e831
updated docs
2018-03-02 19:15:18 -06:00
031b44baea
updated docs
2018-03-02 19:15:17 -06:00
a9caec5130
Add module doc
2018-03-02 19:15:17 -06:00
83430f858e
Add docs for memcached amplification scanner
2018-03-01 17:07:57 -08:00
2faa052bc0
Update Exodus Wallet Documentation
2018-02-28 10:15:54 +00:00
11881c1028
Exodus Documentation
2018-02-26 21:30:39 +00:00
0b22014306
Rename Doc
2018-02-26 06:09:15 -06:00
4e4aeb7b4d
Add GitStack v2.3.10 Unauth REST API Aux Module
2018-02-26 06:04:38 -06:00
023bf79097
Land #9310 docs for many aux scanners
2018-02-24 14:32:33 -05:00
c56d7967e7
finished cleanup
2018-02-24 14:31:52 -05:00
15a29a1994
finished up comments
2018-02-24 13:39:14 -05:00
aafd67d416
Adjust rid_hijack.md documentation file
2018-02-23 04:30:22 +01:00
c7bbc6eca4
juniper post enum module
2018-02-22 21:08:21 -05:00
5815b626d9
Dont save email addresses as valid
...
Also add module doc for owa_login module
2018-02-22 14:58:11 -06:00
d3851ed89c
Add rid_hijack module documentation.
2018-02-22 18:49:11 +01:00
4b8a8fa2b1
Land #9441 , Create exploit for AsusWRT LAN RCE
...
Merge branch 'land-9441' into upstream-master
2018-02-22 10:40:45 -06:00
a9d6845f25
Add module doc
2018-02-21 21:50:08 -06:00
bda7fefa7f
Land #9444 - `hsts_eraser` module and docs
2018-02-20 21:22:55 -06:00
b2cb4c425d
Land #9594 , CloudMe Sync v1.10.9 Buffer Overflow
2018-02-20 17:49:19 -06:00
a23240a742
Update Documentation
...
[ticket: #9594 ]
2018-02-20 17:48:21 -06:00
04882b0464
Fixed indentation
2018-02-20 22:00:36 +00:00
ff3b318abd
CloudMe Sync Client documentation
2018-02-20 21:56:31 +00:00
107a41a4ce
Land #9561 , Disk Savvy Enterprise v10.4.18 built-in server buffer overflow
2018-02-20 15:42:12 -06:00
ab6f6d75d2
Update Documentation
...
[ticket: #9561 ]
2018-02-20 15:37:40 -06:00
f89cebbd89
Add sploit doc
2018-02-20 19:35:10 +00:00
74c6e21f49
Lands #9504 , MagniComp SysInfo privilege escalation
2018-02-19 22:47:33 -06:00
663581fa10
Fix markdown ticks + references location.
2018-02-17 14:30:01 +01:00
a2d104313b
Add documentation file.
2018-02-17 12:31:54 +01:00
242f2d3117
Land #9512 , Add Claymore Dual GPU Miner<= 10.5 DoS module
2018-02-16 10:46:48 -06:00
b533ec6019
Land #9509 , Ulterius Server < v1.9.5.0 Directory Traversal
...
Land #9509
2018-02-15 16:34:31 -06:00
949b474a0a
Avoid target_uri.path
...
It doesn't look like target_uri.path is suitable for this scenario,
because it causes our input to be modified and hard to use.
2018-02-15 16:31:09 -06:00
630e9dd0de
Verification steps update
2018-02-14 20:40:32 +00:00
07763ccd6a
Disk Savvy Server Buffer Overflow Documentation
2018-02-14 20:35:03 +00:00
fe46f635db
Changes as requested by bcoles
2018-02-13 10:54:42 +01:00
285b329ee1
Land #9422 abrt race condition priv esc on linux
2018-02-11 11:58:39 -05:00
add7ae8fa1
Land #9536 , Add Ubuntu notes to documentation
2018-02-11 07:27:00 -06:00
321b78b0fe
Land #9408 , Add Juju-run Agent Privilege Escalation module (CVE-2017-9232)
2018-02-11 07:19:49 -06:00
4e5cbd68b9
Add Ubuntu notes to documentation
2018-02-11 06:52:36 +00:00
4b6362a37d
Minor doc tweaks.
2018-02-10 16:14:14 -06:00
1177efef89
Update tested versions
2018-02-10 16:32:20 +00:00
38252e4384
success against x64
2018-02-10 07:17:15 -05:00
9e11632608
Add documentation
2018-02-09 16:15:04 -05:00
cb1b59545b
Land #9469 linux local exploit for glibc ld audit
2018-02-09 14:00:42 -05:00
c642d420c2
Land #9489 , Add scanner for the Bleichenbacker oracle (AKA: ROBOT)
2018-02-08 12:55:02 -06:00
ca4ad1d0c4
Land #9478 , Improve Dup Scout BOF exploit
2018-02-07 23:51:14 -06:00
ab0d18669e
Doc Changes
2018-02-07 19:26:39 -06:00
e53500f397
Fixed Headings
2018-02-07 08:11:58 -06:00
1de8ec1073
Implemented Suggested Changes
...
Updated documentation headings and function/filename formatting.
Updated module options and formatting. Added check for file to parse.
2018-02-07 08:01:54 -06:00
7cbf89f055
Add documentation
2018-02-07 13:17:54 +00:00
8168e881b3
Add documentation
2018-02-07 07:49:21 +00:00
278e9a92fc
add module and documentation
2018-02-06 20:30:34 +08:00
1e9e9c9be0
Ulterius Server < v1.9.5.0 Directory Traversal
...
Adds documentation and module for Ulterius Server
directory traversal vulnerability.
2018-02-05 22:50:09 -06:00
ce6e85f64f
Add documentation
2018-02-05 13:48:41 +00:00
696817215b
Update tested versions
2018-02-05 04:48:52 +00:00
e5b490c1c0
Remove weird sentence in cve_2017_8464_lnk_rce
2018-02-04 12:57:56 -05:00
638d6ce33d
Add documentation
2018-02-04 04:47:46 +00:00
bde2884e11
Fixes from review
2018-02-03 11:23:58 -05:00
75d2b33f2e
Add intro header to ms17_010_command
2018-02-02 20:47:29 -05:00
250a2beff7
Make options a bullet list in archmigrate
2018-02-02 20:46:07 -05:00
9e11b0629f
Fix examples section in run_as_psh
2018-02-02 20:44:46 -05:00
3733365955
Add options section to archmigrate
...
- Also make verification steps code instead of surrounded in quotes
2018-02-02 20:43:22 -05:00
3a764b174a
Remove unnecessary HRs in hashdump
2018-02-02 20:39:47 -05:00
fb0456df01
Add intro header
2018-02-02 20:38:10 -05:00
df976cf2b0
Add intro header to ad_to_sqlite
2018-02-02 20:37:29 -05:00
dff7fccc02
Fix ugly header in aws_create_iam_user
2018-02-02 20:36:31 -05:00
31f69b306b
Add description to sshkey_persistence
...
- Also make options headers to be more consistent with module options
2018-02-02 20:35:06 -05:00
664411786c
Fix a few things in getvinfo
...
- Add intro header
- Change up first sentence for clarity
- Fix `CLEAR_DTCS` header
2018-02-02 20:30:40 -05:00
c9d41f215d
Update allwinner_backdoor.md
2018-02-02 20:26:42 -05:00
d3084638fa
Update netgear_r7000_cgibin_exec docs
...
- Add 'Introduction' header
- Make module name in intro into code (easier to read)
2018-02-02 20:23:43 -05:00
6f086e9110
Fix broken link
2018-02-02 20:08:38 -05:00
51e098da35
Add scanner for Bleichenbacher oracle (ROBOT)
2018-02-02 16:29:07 -06:00
be01da2861
Add clarification to score range
...
- Also add an introduction header
2018-02-02 15:06:42 -05:00
1fb7c21cb7
Add length clarification to censys_search
2018-02-02 14:51:09 -05:00
b51ecda9d6
Fix CUSTOMTEMPLATE option format
2018-02-02 14:27:09 -05:00
a65604b09d
Add introduction header to web_delivery
2018-02-02 14:19:25 -05:00
2d8a249a56
Add intro header to office_ms17_11882
2018-02-02 14:12:36 -05:00
a7e9772e25
A few fixes for office_word_hta
...
- Add introduction header
- Fix `Vulnerable Application` header and make it plural (multiple apps)
- Remove unnecessary console line for example
2018-02-02 14:11:05 -05:00
daedf2a089
Fix word choice in cve_2017_8464_lnk_rce
...
- Also remove an unnecessary example step
2018-02-02 14:06:03 -05:00
0739fab092
Clarify testing environments for hp_dataprotector
2018-02-02 14:03:01 -05:00
acf7f7747d
Fix double backslashes in panda_psevents
2018-02-02 13:32:55 -05:00
67682bd243
Make webdav.md look a little better
2018-02-02 13:31:30 -05:00
d4c70a3beb
Fix md header in bypassuac_fodhelper
2018-02-02 13:28:47 -05:00
3de576a0df
Fix md header in vxsrchs_bof doc
2018-02-02 13:24:35 -05:00
9dde5ebf92
Update eternalblue docs
...
- Add a reference for OS protection rings
- Uncomment some windows versions
- Fix a word choice issue
2018-02-02 13:21:43 -05:00
c9473f8cbc
Land #9473 , new MS17-010 aux and exploit modules
2018-02-01 23:56:29 -06:00
7cb0a118c1
Land #9399 a linux priv esc against apport and abrt
2018-02-01 21:54:54 -05:00
3c21eb8111
Update documentation
2018-02-02 02:27:13 +00:00
559b592394
Corrected Documentation
2018-02-01 13:17:02 -06:00
bc18389284
Updated Document and Module
...
Update the documentation based on analysis of the vulnerability.
Slight modifications to the exploit module as well to reduce the
size of the generated file and reduce bad characters.
2018-02-01 10:05:50 -06:00
0d80ca6f79
Change documentation extension from rb to md
2018-01-31 23:26:30 +00:00
beb4d56f7d
Land #9354 , Debut embedded httpd server (Brother printers) DoS
2018-01-31 17:03:13 -06:00
8be2b1f59e
Land # 9407, Add BMC Server Automation RSCD Agent RCE exploit module
...
Merge branch 'land-9407' into upstream-master
2018-01-31 13:35:29 -06:00
92915ebb69
Update ms17_010_command.md
2018-01-29 11:17:44 -07:00
d4a0372238
Land #9457 , Dup Scout Enterprise v10.4.16 - Import Command Buffer Overflow
2018-01-29 11:40:54 -06:00
5529bc10b3
fix docs
2018-01-29 10:20:57 -07:00
8627f6b834
added docs
2018-01-29 01:34:25 -07:00
23f4bf1583
Add documentation
2018-01-27 03:15:06 +00:00
c390696ddf
Land #9379 , Oracle Weblogic RCE exploit and documentation
2018-01-25 21:47:18 -06:00
4be0e7f9ef
final fixes for brother debut dos
2018-01-24 20:53:08 -05:00
c1ff0c1e00
Dup Scout XML documentation
2018-01-24 20:47:02 +00:00
7b01785347
Add documentation to pull request
...
Added credit to @asoto-r7 for the documentation
2018-01-24 14:36:16 -05:00
eb572a3ef5
Land #8632 , colorado ftp fixes
2018-01-23 17:45:07 -06:00
a27cfeaea9
Land #9416 , Sync Breeze Enterprise 9.5.16 Import Command buffer overflow
...
Merge branch 'land-9416' into upstream-master
2018-01-23 16:35:51 -06:00
d81d50b491
Land #9430 , Improve Hyper-V checkvm checks
2018-01-23 15:22:12 -06:00
8eb6df41e3
Land #9205 , Documentation for Kaltura <= 13.1.0 RCE (CVE-2017-14143)
...
Merge branch 'land-9205' into upstream-master
2018-01-23 12:45:59 -06:00
04806bc84a
Updates to documentation per h00die
2018-01-23 12:44:39 -06:00
c13e02431d
updated
2018-01-23 06:19:44 -05:00
a15856450a
updated
2018-01-23 05:48:19 -05:00
2110cbe466
updated
2018-01-23 05:38:24 -05:00
61433c6d55
updated
2018-01-23 05:05:48 -05:00
aae77fc1a4
Land #9349 , GoAhead LD_PRELOAD CGI Module
2018-01-22 23:10:36 -06:00
7175468ff7
local to remote
2018-01-21 10:00:31 -05:00
7ee77a27a6
Land #9389 , Update commvault_cmd_exec module documentation
2018-01-18 11:05:51 -06:00
b6ea95c417
Add documentation
2018-01-18 12:42:44 +00:00
fff1c16517
Created checkvm documentation
2018-01-17 16:23:18 -06:00
5fef8b43f6
Update and rename syncbreeze_xml.rb to syncbreeze_xml.md
2018-01-16 06:07:15 +00:00
593813cdef
Fix small grammar issues in ms08_067 and ms17_010
...
Also includes very small changes to improve punctuation consistency
within CONTRIBUTING.md
2018-01-15 19:32:44 -08:00
ac724926db
Sync Breeze Import Command BOF Doc
2018-01-15 20:45:34 +00:00
333ee893d3
Tidied up platform detection, check method, and minor typos.
2018-01-14 18:28:40 +00:00
736d438813
Address second round of feedback
...
Brain fart on guard clauses when I've been using them all this time...
Updating the conditions made the ternary fall out of favor.
Changed some wording in the doc to suggest the domain name for a
particular NIS server may be different from the bootparamd client's
configuration.
2018-01-13 22:55:01 -06:00
6568d29b67
Add BMC Server Automation RSCD Agent RCE exploit module.
2018-01-14 01:12:55 +00:00
c080329ee6
Update module after feedback
...
Looks like I can't decide on certain style preferences.
Not keen on using blank?, but I've used it before. Time to commit?
Also, fail_with has been fixed for aux and post since #8643 . Use it!
2018-01-13 15:40:11 -06:00
ff1c85552b
Add module doc
2018-01-12 19:34:59 -06:00
e6c4fb1dab
Land #9269 , Add a new target for Sync Breeze Enterprise GET BoF
...
Land #9269
2018-01-11 16:54:23 -06:00
f395e07fc6
Land #9269 , add new target for Sync Breeze Enterprise GET BoF
...
Land #9269
2018-01-11 16:53:02 -06:00
4b225c30fd
Land #9368 , ye olde NIS ypserv map dumper
2018-01-10 22:02:36 -06:00
f5210ed6d6
Update module doc with missing options
2018-01-10 20:18:50 -06:00
6510ee53bc
Land #9204 , Add exploit for Samsung SRN-1670D (CVE-2017-16524)
...
Land #9204
2018-01-10 20:15:29 -06:00
18c179a091
Update module and add documentation
...
This updates the module to pass:
* msftidy
* Ruby style guidelines
* Proper usage of Metasploit API
* Mostly other cosmetic fixes
A documentation is also added.
2018-01-10 20:13:42 -06:00
7e2c7837e5
Land #9325 , Add CVE-2017-6090 phpCollab 2.5.1 file upload exploit module
...
Land #9325
2018-01-10 17:39:50 -06:00
b1f3f471f3
Update phpcollab_upload_exec code (also module documentation)
2018-01-10 17:38:52 -06:00
8d77f35b16
Land #9373 , Add LabF nfsAxe FTP Client 3.7 Stack Buffer Overflow
...
Land #9373
2018-01-09 22:40:50 -06:00
25280e3319
Update labf_nfsaxe and module documentation
2018-01-09 22:39:40 -06:00
777e383568
Land #9377 , Add HPE iMC dbman RestoreDBase Unauthenticated RCE exploit
...
Land #9377
2018-01-09 13:56:53 -06:00
a0c9cdd73d
Land #9376 , Add HPE iMC dbman RestartDB Unauthenticated RCE exploit
...
Land #9376
2018-01-09 13:28:03 -06:00
b06db60a56
Fix typos
2018-01-09 11:20:02 -06:00
7b6a8af387
Update commvault_cmd_exec module documentation
2018-01-08 15:42:01 -06:00
bbad416a86
Add module doc to appease the @h00die god
2018-01-08 15:02:39 -06:00
d138f1508c
Land #9340 , Add exploit for Commvault Remote Command Injection
...
Land #9340
2018-01-07 12:17:26 -06:00
a1a594d1f8
Add documentation
2018-01-06 05:09:24 +00:00
9ec17bdd54
Add documentation
2018-01-06 05:08:33 +00:00
160f960f78
Add files via upload
2018-01-04 20:25:41 +00:00
65f444ddcc
land #9362 exploit for pfsense graph injection
2018-01-04 14:35:52 -05:00
520e890520
Land #8581 , VMware Workstation ALSA Config File Local Privilege Escalation
2018-01-03 21:35:57 -06:00
b8dde2e650
Land #9360 , Ayukov NFTP FTP client buffer overflow vulnerability
...
Land #9360
2018-01-03 20:56:12 -06:00
04cf3017c0
Update ayukov_nftp exploit and module documentation
2018-01-03 20:52:57 -06:00
c3f10c1d57
Land #9336 , Linksys WVBR0-25 exploit
2018-01-03 18:13:44 -06:00
589de0483b
Clarification in product linkage and small syntax fixup in repro steps
2018-01-03 17:00:26 -06:00
a5fa63405f
Land #9206 , Add Xplico RCE exploit module
2018-01-03 16:02:51 -06:00
3b0f0aa358
Adding doc file for module linksys_wvbr0_user_agent_exec_noauth
2018-01-02 14:54:18 -06:00
8f0e41e159
requested changes
2018-01-01 17:30:43 -06:00
bc088cb379
added md
2018-01-01 05:46:04 -06:00
76d345039d
Create ayukov_nftp.md
2017-12-31 15:42:32 +00:00
54159c29eb
Add documentation line from h00die
2017-12-29 16:14:28 -06:00
3516305517
land #9191 an exploit against HP LoadRunner magentproc
2017-12-29 16:35:43 -05:00
b698095c49
slight updates to magentproc docs
2017-12-29 16:30:32 -05:00
bb97467b31
docs for auxiliary/scanner/http/directadmin_login
2017-12-29 14:43:20 -06:00
67c2119736
oh brother
2017-12-29 14:16:34 -05:00
b43c6078a1
updated
2017-12-28 18:24:57 -05:00
Brendan Coles
Mehmet İnce
Touhid M Shaikh
Brent Cook
Jacob Robles
Ege Balcı
h00die
Luis Hernandez
Kirk Swidowski
Fab
Jon Hart
William Vu
Daniel Teixeira
r4wd3r
James Barnett
bwatters-r7
Aaron Soto
Pedro Ribeiro
Chris Higgins
Quentin Kaiser
Wei Chen
Pearce Barry
bluebird
Carter Brainerd (thecarterb)
Adam Cammack
zerosum0x0
zerosum0x0
Kevin Kirsche
Vishal Gupta
Brady Sullivan
Nicky Bloor
headlesszeke
dmohanty-r7
wetw0rk
HD Moore
Jeffrey Martin