fc46f671d8
Landing #10910 , update writable? method in modules.
2018-11-04 19:20:51 -08:00
1c8a355f84
Land #10834 , For real this time
...
Merge branch 'land-10834' into upstream-master
2018-11-02 12:37:13 -07:00
3ca98b0fe0
Land #10834 , messagebox payload for x64
...
Merge branch 'land-10834' into upstream-master
2018-11-02 12:19:55 -07:00
9b495913dc
Land #10873 , Add notes to exploit modules
2018-11-02 12:13:37 -07:00
ea1c4596d9
Land #10901 , Add modules for iOS images and texts
2018-11-02 11:49:40 -07:00
549c835af5
Land #10836 , Add Morris worm sendmail debug mode exploit
2018-11-02 09:22:22 -07:00
1ae0455b2e
Land #10700 , Add Morris worm fingerd exploit and VAX reverse shell
2018-11-02 09:22:21 -07:00
008c73ee29
Land #10858 , bypassuac_eventvwr optimizations - reduce created processes and artifacts
...
Merge branch 'land-10858' into upstream-master
2018-10-31 14:47:00 -07:00
5463191e51
Land #10553 , add x86/xor_dynamic and x64/xor_dynamic encoders
...
Merge branch 'land-10553' into upstream-master
2018-10-30 07:59:08 -07:00
d6c4f5e08e
Land #10853 , Add universal targeting to Mercury/32 IMAP LOGIN exploit
2018-10-29 07:59:52 -07:00
67572e2c37
Merge pull request #10870 from jmartin-r7/backport_cache_updates
...
Backport cache updates
2018-10-25 17:57:09 -05:00
4a9f6f5d06
Land #10561 , Add Windows local privilege escalation - CVE-2018-0824
...
Merge branch 'land-10561' into upstream-master
2018-10-25 12:33:06 -07:00
609e706e63
Land #10866 , libssh_auth_bypass check updates
2018-10-25 12:33:06 -07:00
a43edc4fbf
Land #10864 , Add Cisco WebEx RCE Modules
2018-10-25 12:33:06 -07:00
e423d5c358
Land #10707 , module traits to augment module rank
2018-10-24 17:18:09 -05:00
f0096227e7
Land #10505 , post-auth and default creds info
2018-10-24 17:09:28 -05:00
faf1a44cc4
Land #10848 , improve play_youtube post module
2018-10-23 14:48:44 -07:00
a7f9d4f23a
Land #10856 , add SSL support to php meterpreter
2018-10-23 16:45:54 -05:00
2c347d51b1
Land #10855 , Enable non-session command output for SSH modules
2018-10-23 16:44:03 -05:00
e6b2ddbc02
Land #10845 , glassfish_traversal typo fix
2018-10-22 14:19:45 -07:00
5f25c977ec
Land #10837 , QNX qconn module rename (redux)
2018-10-22 14:19:45 -07:00
43b0e56b09
Land #10817 , QNX qconn module rename
2018-10-22 14:19:44 -07:00
833807973c
Land #10835 , libssh fingerprint improvements
2018-10-19 19:13:36 -07:00
2b997432f2
Land #10819 , os_name population for ssh_login*
2018-10-19 13:55:10 -07:00
a0af98b4e2
Land #10832 , TARGETURI for tomcat_utf8_traversal
2018-10-19 13:49:08 -07:00
f88790c2c0
Land #10820 , Add libssh authentication bypass scanner/"exploit"
2018-10-19 12:03:28 -07:00
3cbc33204c
Land #10664 , add Windows SetImeInfoEx Win32k NULL Pointer Dereference
2018-10-18 21:02:13 -07:00
7d04ebcf5f
Land #9642 , support version 5 for GetGo Download Manager bof exploit
2018-10-15 13:49:36 -07:00
fcc59c3600
Land #10668 rsh stack clash solaris priv esc
2018-10-14 07:36:58 -07:00
34a1c48d7c
Land #10671 , struts2_namespace_ognl updates
...
There are still some outstanding concerns, but I want to unblock this.
2018-10-12 09:16:44 -07:00
ccde27756e
Land #10789 , typo fix
2018-10-10 15:20:13 -07:00
2f202583be
Land #10335 , Add vlc_mkv exploit module
2018-10-10 11:49:11 -07:00
424fa77c17
Land #10783 , Make WritableDir an advanced option
2018-10-10 07:54:02 -07:00
b13bc4b460
Land #10554 , Rescue REX runtime errors in x86 encoders
2018-10-09 21:38:32 -07:00
064683495e
Land #10776 , Fix references in #10672
2018-10-08 14:11:52 -07:00
ff95dbb806
Land #10775 , ZDI reference for delta_ia_commgr_bof
2018-10-08 12:08:15 -07:00
ec5530ece1
Land #10672 , Add COMMGR Buffer Overflow module
2018-10-08 08:07:41 -07:00
2c34813e6b
Land #9745 , Update QNX iwatchd to use newer APIs
2018-10-06 02:09:05 -07:00
2be1b87d0d
Land #9745 , Add ifwatchd QNX privilege escalation exploit module
2018-10-06 02:06:28 -07:00
1ff5d8f6bd
Land #10616 , update Unitrends UEB module to support vulnerabilities in version 10
2018-10-05 14:23:01 -07:00
5f43c7f3e9
Land #10745 , Update lastore_daemon_dbus_priv_esc tested versions
2018-10-05 08:37:12 -07:00
12cb3b4d3e
Land #10750 , formatting and AKA reference fixes
2018-10-05 01:34:14 -07:00
d325b8eb2f
Land #10749 , Ruby shovel operator fix for Beetel
2018-10-05 00:23:36 -07:00
0f4ef19555
Land #10418 , Add DCOM/RPC NTLM Reflection (MS16-075) Via Reflective DLL
...
Merge branch 'land-10418' into upstream-master
2018-10-04 14:57:20 -07:00
9762f921b8
Land #10738 , Add Zahir Enterprise 6 build 10b BOF
2018-10-04 09:03:40 -07:00
097a00bcab
Land #10712 , Make exploit/linux/http/axis_srv_parhand_rce more stable
2018-10-04 08:12:20 -07:00
ff06f81f89
Land #10704 , Navigate CMS Unauthenticated RCE
2018-10-04 04:48:35 -07:00
7142c29de1
Land #10686 , ARGS, TIMEOUT, and output to upload_exec module
...
Merge remote-tracking branch 'upstream/pr/10686' into upstream-master
2018-10-04 02:31:30 -07:00
874ed3ca72
Land #10733 , Fix typo in module documentation
2018-10-02 11:46:31 -07:00
0049efc603
Land #10725 , move post/android/gather/subinfo
2018-10-02 11:46:31 -07:00
3ad5bd429a
Land #10732 , add api key for android wlan_geolocate
2018-10-02 11:46:30 -07:00
d340eeecf9
Land #10427 , add OSX VNC password gather module
2018-10-02 11:46:30 -07:00
b42af6cd96
Land #10728 , metadata updates for @rastating
2018-10-02 11:46:30 -07:00
92cd40c8db
Land #10594 , Fix hashdump and user enumeration on new macOS versions
2018-09-24 20:20:38 -07:00
d904fcb866
Land #10695 , Add docs for Apple iOS WebKit DoS
2018-09-24 10:48:42 -07:00
c3f335ebb7
Land #10663 extremeparr solaris LPE
2018-09-24 10:48:42 -07:00
62dacb3d1e
Land #10534 , Add FrontPage Credential Dump Module
...
This module downloads and parses the '_vti_pvt/service.pwd',
'_vti_pvt/administrators.pwd', and '_vti_pvt/authors.pwd' files
used by FrontPage to find credentials.
2018-09-24 10:48:42 -07:00
2b194e2b47
Land #10643 , CVE-2018-8440 ALPC Scheduler
...
Merge branch 'land-10643' into upstream-master
2018-09-24 10:48:41 -07:00
6c2d09d4e4
Land #10683 , to_s fixes for Heartbleed
2018-09-24 10:48:41 -07:00
53c1adcb41
Land #10628 , Add Solaris srsexec Arbitrary File Reader module
2018-09-24 10:48:41 -07:00
7ef006fcf9
Land #10680 , LEAK_COUNT option for Heartbleed
2018-09-24 10:48:40 -07:00
858b67f943
Land #10681 , payload cached sizes fix
2018-09-24 10:48:40 -07:00
058eabbd24
Land #10625 , repeat command to repeat commands
2018-09-20 13:27:24 -07:00
d16189a295
Land #10677 , Pimcore and Dolibarr module renames
2018-09-19 20:20:37 -07:00
785cf9e5aa
Land #10670 , Pimcore SQLi module
2018-09-19 18:52:40 -07:00
4ca0566e10
Land #10673 , dolibarr_list_creds{,_sqli} rename
2018-09-19 16:57:51 -07:00
65a19a92eb
Land #10652 , iOS Safari blur denial of service
2018-09-19 13:16:04 -07:00
a2213a3c1c
Land #10627 , Add SMB2 support to smb_enumshares
2018-09-17 20:36:27 -07:00
1ee8734717
Land #10570 , AKA Metadata Refactor
2018-09-17 20:31:07 -07:00
fd59cbb61f
Land #10620 Solaris 10 LPE for libnspr
2018-09-17 15:12:51 -07:00
2ee6a49a27
Land #10649 , https://seclists.org references
2018-09-17 15:09:39 -07:00
fa81a0802a
Land #10560 , ms17_010_eternalblue: use SMBDomain value when provided
...
instead of ignoring it
Merge branch 'land-10560' into upstream-master
2018-09-13 08:11:09 -07:00
eceb7d1702
Land #10589 , multidrop support for word xml docs
2018-09-12 09:03:42 -07:00
bd8dea2c21
Land #9897 , Fix #8404 ListenerComm Support For Exploit::Remote::TcpServer
2018-09-10 14:27:34 -07:00
42784dceb1
Land #10593 , Refactor SSH mixins and update modules
2018-09-10 13:43:30 -07:00
29b16e1ee7
Land #10611 , mRemote creds gather module fixes
...
Also update #10612 to align with these changes.
2018-09-10 13:27:13 -07:00
67e1742bd0
Land #10612 , store_loot text/xml ctype fixes
2018-09-10 13:09:13 -07:00
5861087061
Land #10598 , Store Credentials Found with PhpMyAdmin Password Extractor
2018-09-10 09:51:51 -07:00
3e801c22fb
Land #10546 , Add Apache Struts exploit: CVE-2018-11776
2018-09-07 12:56:02 -07:00
cc7f500b83
Land #10604 , CVE for ghostscript_failed_restore
2018-09-07 12:36:01 -07:00
1c05bb6ef3
Land #10584 , fix session upgrade HANDLE_TIMEOUT and upgrading osx shells
2018-09-06 03:54:18 -07:00
e9a94595c2
Land #10592 , support ERB for foxit_reader_uaf.rb
2018-09-05 19:50:30 -07:00
eb39f6da51
Land #10564 , Add Ghostscript exploit from taviso
2018-09-05 19:09:11 -07:00
d1d308e542
Land #10565 , Add Dolibarr ERP/CRM Auxiliary Module
2018-08-31 11:49:23 -07:00
4360b9e82e
Land #10566 , struts2_rest_xstream normalize_uri
2018-08-30 14:00:53 -07:00
2ecff39be4
Land #10484 , Add PhpMyAdmin password extractor
2018-08-30 10:18:38 -07:00
bc87643ea3
Land #10482 , Add Network Manager VPNC Privesc
2018-08-30 08:49:38 -07:00
d7728afe42
Land #10540 , weblogic_deserialize, add check method and linux target
2018-08-30 04:13:58 -07:00
7a99fc7066
Land #10545 , foxit fix generated strings, update doc
2018-08-30 03:58:19 -07:00
2269f7eb43
Land #10594 , Remove trailing space from CVE number
2018-08-29 14:39:19 -05:00
ec9cedf4fc
Land #10536 , https:// reference check for msftidy
2018-08-29 09:18:46 -07:00
08e069bbe1
Land #10542 , CVE ref for office_ms17_11882 exploit
2018-08-28 22:44:41 -07:00
add03ca7f8
Land #10543 , struts2_rest_xstream targeting fixes
2018-08-28 16:55:02 -07:00
11ae0d2a78
Land #10541 , Correct claymore_dos.py's CVE ref
2018-08-28 16:55:01 -07:00
631e8bf110
Land #8983 , Add peinjector post module
...
Merge branch 'land-8983' into upstream-master
2018-08-28 16:55:01 -07:00
98ee549705
Land #10538 , PSH target for struts2_rest_xstream
2018-08-28 16:55:01 -07:00
6f42bcafcf
Land #10531 , fix NOP generator for sparc
2018-08-27 09:41:14 -07:00
f22e6ec2bf
Land #10527 , Fix msftdiy EDB link check, enable HTTPS
2018-08-27 08:53:05 -07:00
376a343472
Land #10487 , add php5 session file target
2018-08-27 08:49:42 -07:00
0294d7eed1
Land #10516 , Add brace expansion encoder and update ${IFS} encoder
2018-08-27 08:49:42 -07:00
Green-m
bwatters-r7
Jacob Robles
Brent Cook
Brendan Coles
William Vu
Wei Chen
h00die
Jeffrey Martin
Shelby Pace
Tim W
Adam Cammack