RootUp
6b54fe6775
Create samsung_browser_sop_bypass.md
2017-12-16 22:26:08 +05:30
Brent Cook
36a3088a67
Land #9303 , allow arguments to the editor with the 'edit' command
2017-12-15 13:46:15 -06:00
William Vu
0a1eea9860
Allow local_editor in cmd_edit to take arguments
...
Such as vim -i NONE. This may allow command injection via arguments.
However, you can already start an arbitrary program by setting
LocalEditor or escaping the editor.
msf > setg LocalEditor /bin/sh
LocalEditor => /bin/sh
msf > edit -i
[*] Launching /bin/sh -i
$
2017-12-14 19:51:57 -06:00
William Webb
234ef5627e
Land #9299 , Add arch to MS17-010 detection
2017-12-14 12:20:56 -08:00
Metasploit
be4f9236f2
Bump version of framework to 4.16.24
2017-12-14 10:08:05 -08:00
bwatters-r7
9ea7747a5c
Land #9233 , Fix #9232 corruption of non-latin characters in W methods
...
Merge branch 'land-9233' into upstream-master
2017-12-14 11:54:36 -06:00
William Vu
3cd287ddd6
Update the MS17-010 scanner to use dcerpc_getarch
2017-12-14 02:08:30 -06:00
William Vu
8e4b007edc
Move verify_arch to dcerpc_getarch
...
We can use this code elsewhere, such as the MS17-010 scanner.
2017-12-14 02:08:25 -06:00
Brent Cook
c6a2ae2551
Land #9248 , Add wd_mycloud_multiupload_upload exploit
2017-12-13 18:51:02 -06:00
Brent Cook
125a079fa9
add cve reference
2017-12-13 18:50:21 -06:00
h00die
d7ad443be1
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into upstream-master
2017-12-13 19:33:05 -05:00
h00die
c0a534140d
Land #9284 a regex dos for ua_parser_js npm module
2017-12-13 19:31:49 -05:00
h00die
544e4e3d0b
fix md formatting
2017-12-13 19:30:50 -05:00
Wei Chen
deacebc46b
Land #9264 , Add private type when storing SSH password
...
Land #9264
2017-12-13 18:24:31 -06:00
Wei Chen
cfec0f4965
Land #9282 , Add exploit for MSFT Office DDR in RTF format
...
Land #9282
2017-12-13 18:16:04 -06:00
Nicholas Starke
dd5532c5de
Addressing Formatting Issues
...
There were several formatting and layout issues
that are fixed in this commit. Also changing
`RHOSTS` to `RHOST`.
2017-12-13 14:26:27 -06:00
Wei Chen
b99663fb6c
Bring #9282 up to date with upstream-master
2017-12-13 13:16:30 -06:00
Wei Chen
37514eec17
Land #9234 , Add exploit for ClickJacking vuln for pfSense
...
Land #9234
2017-12-12 14:56:21 -06:00
Wei Chen
c7019e5aee
Only load files once
2017-12-12 14:54:49 -06:00
Wei Chen
6149f51273
Land #9256 , Add aux module to discover WSDD enabled devices
...
Land #9256
2017-12-12 11:55:42 -06:00
Wei Chen
fdd4fc1c41
Land #9292 , fix variable name to store the username
...
Land #9292
2017-12-12 11:21:33 -06:00
securekomodo
b335cacfc1
Update wp_slideshowgallery_upload.rb
...
Variable on line 67 needs to be changed to "user" from "username" which was undefined and causing error during exploit execution.
[-] Exploit failed: NameError undefined local variable or method `username' for #<Msf::Modules::Mod6578706c6f69742f756e69782f7765626170702f77705f736c69646573686f7767616c6c6572795f75706c6f6164::MetasploitModule:0x0055c61ab093f8>
After changing the incorrect variable name from "username" to "user", the exploit completes.
2017-12-12 00:33:28 -05:00
Matthew Kienow
d79b0ad981
Land #9286 , Advantech WebAccess webvrpcs BOF RCE
2017-12-12 00:25:56 -05:00
mr_me
e7a2dd2e71
fixed email
2017-12-11 23:20:46 -06:00
mr_me
26e2eb8f1a
Changed to good ranking
2017-12-11 23:14:36 -06:00
Pearce Barry
7f93cca446
Land #9288 , Add Dup Scout Enterprise login buffer overflow
2017-12-11 17:12:20 -06:00
Pearce Barry
9a6c54840b
Minor tweak to use vprint...
2017-12-11 16:48:47 -06:00
Nicholas Starke
2d23054a1f
Changes as per comments
...
A few things were changed as per the PR comments:
1) The module title was reworded
2) The module description was multi-lined
3) Negative logic was rewritten to use 'unless'
4) Strings which did not require interpolation were rewritten
5) Documentation markdown was added.
2017-12-11 14:11:40 -06:00
mr_me
f8977ed72c
added some fixes
2017-12-11 11:34:17 -06:00
Brent Cook
63b5bb3dea
Land #9126 , Add android advanced options
2017-12-11 04:11:44 -06:00
Brent Cook
602335abf1
bump payloads
2017-12-11 04:11:21 -06:00
Brent Cook
1653e31f71
Merge branch 'upstream-master' into land-9126-
2017-12-11 03:57:00 -06:00
William Vu
bbbe48efbb
Land #9289 , typo fix for sysgauge_client_bof.md
2017-12-09 19:37:13 -06:00
Chris Higgins
3a14ac3b37
Fixed a spelling error in documentation
2017-12-09 02:30:42 -06:00
Chris Higgins
e91830efe7
Add Dup Scout Enterprise login buffer overflow
2017-12-09 02:20:05 -06:00
Metasploit
348cbe54b6
Bump version of framework to 4.16.23
2017-12-08 10:01:55 -08:00
Brent Cook
378f11d859
Land #9279 , add docker pull badge to readme
2017-12-07 21:53:35 -06:00
mr_me
34ef650b0d
fixed up msftidy, opps.
2017-12-07 17:03:39 -06:00
mr_me
073ffcb3bc
added some docs
2017-12-07 16:58:14 -06:00
mr_me
75a82b3fe7
Advantech WebAccess webvrpcs ViewDll1 Stack-based Buffer Overflow Remote Code Execution Vulnerability
2017-12-07 16:34:26 -06:00
Austin
900f7d6f69
docs on options
2017-12-07 14:47:40 -05:00
Austin
5a81f8091d
change some options for somethinf for sensible
2017-12-07 14:44:36 -05:00
Adam Cammack
5b5ac878cc
Land #9285 , Handle IPv6 addresses in `full_uri`
2017-12-07 13:25:05 -06:00
Austin
335cc13cab
remove option, advanced Message seems to break it.
2017-12-07 14:17:14 -05:00
William Vu
2565ad6a27
Handle IPv6 addresses in full_uri (add brackets)
2017-12-07 12:56:55 -06:00
Austin
7bdc99a153
Fix HANDLER + some default options!
2017-12-07 13:53:39 -05:00
Nicholas Starke
306c5d20d9
Adding ua_parser_js ReDoS Module
...
"ua-parser-js" is an npm module for parsing browser
user-agent strings. Vulnerable version of this module
have a problematic regular expression that can be exploited
to cause the entire application processing thread to "pause"
as it tries to apply the regular expression to the input.
This is problematic for single-threaded application environments
such as nodejs. The end result is a denial of service
condition for vulnerable applications, where no further
requests can be processed.
2017-12-07 10:25:29 -06:00
Austin
09aa433fdc
Add MESSAGE field for "obfuscation"
2017-12-07 08:04:31 -05:00
William Vu
0a0d24d8f8
Land #9276 , cleanup of crufty code
2017-12-07 00:43:27 -06:00
Austin
12425d962c
Rename office_dde_delivery to office_dde_delivery.md
2017-12-06 22:40:57 -05:00