Commit Graph

1538 Commits (63e38923928eeb814f5459200e50ac8dfa305dec)

Author SHA1 Message Date
caleBot 63e3892392 fixed issues identified by msftidy 2017-10-06 10:16:01 -06:00
caleBot 78e262eabd fixed issues identified by msftidy 2017-10-06 10:15:30 -06:00
caleBot 36610b185b initial commit for UEB9 exploits - CVE-2017-12477, CVE-2017-12478 2017-10-06 09:38:33 -06:00
Pearce Barry 7400082fdb
Land #9040, Add CVE and Vendor article URL to the denyall_waf_exec module 2017-10-04 09:12:48 -05:00
Mehmet Ince 110f3c9b4a
Add cve and vendor article to the denyall_waf_exec module 2017-10-04 12:11:58 +03:00
h00die 4d1e51a0ff
Land #8906 RCE for supervisor 2017-09-24 08:03:30 -04:00
h00die 9528f279a5 cleaned up version, and docs 2017-09-23 10:51:52 -04:00
Mehmet Ince 3d543b75f5
Fixing typos and replacing double quotes with single 2017-09-21 23:48:12 +03:00
Mehmet Ince 1031d7960a
Moving token extraction to the seperated function 2017-09-20 10:23:32 +03:00
Mehmet Ince ee969ae8e5
Adding DenyAll RCE module 2017-09-19 14:53:37 +03:00
dmohanty-r7 c91ef1f092
Land #8768, Add Docker Daemon TCP exploit module 2017-09-08 12:50:00 -05:00
James Barnett 7e9d0b3e9b
Fix permissions in docker priv_esc module
The previous command didn't give the original user enough permissions
to execute the payload. This was resulting in permission denied
and preventing me from getting a root shell.

Fixes #8937
2017-09-07 16:48:02 -05:00
Tod Beardsley 642a13e820 Out out damn tick 2017-08-31 14:29:05 -05:00
Calum Hutton 3b745bd17c Rework the bash, redirect stdout/err to /dev/null
Dont need the -
2017-08-30 03:49:30 +01:00
Calum Hutton 9387a765e5 Fix msftidy warns/errs 2017-08-30 03:10:46 +01:00
Calum Hutton 4934023fa5 Use alternate system() payload, dont worry about restarts
Use nohup and & to background the meterpreter process
2017-08-30 03:10:46 +01:00
Calum Hutton d53f10554d Configurable restart command 2017-08-30 03:10:46 +01:00
Calum Hutton d0ff2694b3 Restart after payload process ends 2017-08-30 03:10:46 +01:00
Calum Hutton aee44e3bd2 Working meterpreter exploit
No service restart
2017-08-30 03:10:46 +01:00
Calum Hutton 7cfb5fcc97 Rename 2017-08-30 03:10:46 +01:00
Calum Hutton 8b67b710fa Add template 2017-08-30 03:10:46 +01:00
h00die a40429158f 40% done 2017-08-28 20:17:58 -04:00
William Vu 4c285c0129
Land #8827, QNAP Transcode Server RCE 2017-08-22 23:07:01 -05:00
Brent Cook 1225555125
remove unnecessary require 2017-08-20 17:37:42 -05:00
Brent Cook 840c0d5f56
Land #7808, add exploit for VMware VDP with known ssh private key (CVE-2016-7456) 2017-08-20 17:36:45 -05:00
William Vu d659cdc8f6 Convert quest_pmmasterd_bof to cmd_interact/find 2017-08-18 00:19:09 -05:00
Brendan Coles ac976eee8e Add author 2017-08-15 03:27:40 +00:00
Brendan Coles 0a374b1a88 Add QNAP Transcode Server Command Execution exploit module 2017-08-13 09:13:56 +00:00
Martin Pizala 2383afd8dc
Fix improved error handling 2017-08-04 23:42:44 +02:00
Brent Cook 4395f194b1 fixup style warnings in f5 bigip privkey exploit 2017-08-01 14:45:05 -05:00
Martin Pizala 60c3882b84
Improved error handling 2017-07-30 09:07:52 +02:00
Martin Pizala 853ae9a6ce
Add new reference 2017-07-26 02:16:56 +02:00
1cph93 9c930aad6e Add space after comma in f5_bigip_known_privkey module to coincide with Ruby style guide 2017-07-25 19:43:29 -04:00
Martin Pizala cd418559bc
Docker Daemon - Unprotected TCP Socket Exploit 2017-07-26 00:21:35 +02:00
Brent Cook 6300758c46 use https for metaploit.com links 2017-07-24 06:26:21 -07:00
Brent Cook 838b066abe Merge branch 'master' into land-8716 2017-07-24 05:51:44 -07:00
g0tmi1k 524373bb48 OCD - Removed un-needed full stop 2017-07-21 07:41:51 -07:00
g0tmi1k 772bec23a1 Fix various typos 2017-07-21 07:40:08 -07:00
bwatters-r7 ffad0d1bbf
Land #8559, Ipfire oinkcode exec 2017-07-19 14:31:18 -05:00
bwatters-r7 116a838cb0 Version check update and stylistic fix 2017-07-19 13:26:40 -05:00
g0tmi1k ef826b3f2c OCD - print_good & print_error 2017-07-19 12:48:52 +01:00
g0tmi1k b8d80d87f1 Remove last newline after class - Make @wvu-r7 happy 2017-07-19 11:19:49 +01:00
g0tmi1k 3d4feffc62 OCD - Spaces & headings 2017-07-19 11:04:15 +01:00
g0tmi1k a008f8e795 BruteForce - > Brute Force 2017-07-19 10:39:58 +01:00
bwatters-r7 ba92d42b57 Updated version check per @bcoles 2017-07-17 15:52:50 -05:00
g0tmi1k 4720d1a31e OCD fixes - Spaces 2017-07-14 08:46:59 +01:00
g0tmi1k 9309115627 OCD - Banner clean up 2017-07-14 08:19:50 +01:00
g0tmi1k fd843f364b Removed extra lines 2017-07-14 08:17:16 +01:00
g0tmi1k 424522147e OCD fixes - Start of *.rb files 2017-07-13 23:53:59 +01:00
Brendan Coles 8e2ff7a4c5 Add command stager and code cleanup 2017-07-07 16:54:56 -05:00