3ad5bd429a
Land #10732 , add api key for android wlan_geolocate
2018-10-02 11:46:30 -07:00
d340eeecf9
Land #10427 , add OSX VNC password gather module
2018-10-02 11:46:30 -07:00
b42af6cd96
Land #10728 , metadata updates for @rastating
2018-10-02 11:46:30 -07:00
92cd40c8db
Land #10594 , Fix hashdump and user enumeration on new macOS versions
2018-09-24 20:20:38 -07:00
d904fcb866
Land #10695 , Add docs for Apple iOS WebKit DoS
2018-09-24 10:48:42 -07:00
c3f335ebb7
Land #10663 extremeparr solaris LPE
2018-09-24 10:48:42 -07:00
62dacb3d1e
Land #10534 , Add FrontPage Credential Dump Module
...
This module downloads and parses the '_vti_pvt/service.pwd',
'_vti_pvt/administrators.pwd', and '_vti_pvt/authors.pwd' files
used by FrontPage to find credentials.
2018-09-24 10:48:42 -07:00
2b194e2b47
Land #10643 , CVE-2018-8440 ALPC Scheduler
...
Merge branch 'land-10643' into upstream-master
2018-09-24 10:48:41 -07:00
6c2d09d4e4
Land #10683 , to_s fixes for Heartbleed
2018-09-24 10:48:41 -07:00
53c1adcb41
Land #10628 , Add Solaris srsexec Arbitrary File Reader module
2018-09-24 10:48:41 -07:00
7ef006fcf9
Land #10680 , LEAK_COUNT option for Heartbleed
2018-09-24 10:48:40 -07:00
858b67f943
Land #10681 , payload cached sizes fix
2018-09-24 10:48:40 -07:00
058eabbd24
Land #10625 , repeat command to repeat commands
2018-09-20 13:27:24 -07:00
d16189a295
Land #10677 , Pimcore and Dolibarr module renames
2018-09-19 20:20:37 -07:00
785cf9e5aa
Land #10670 , Pimcore SQLi module
2018-09-19 18:52:40 -07:00
4ca0566e10
Land #10673 , dolibarr_list_creds{,_sqli} rename
2018-09-19 16:57:51 -07:00
65a19a92eb
Land #10652 , iOS Safari blur denial of service
2018-09-19 13:16:04 -07:00
a2213a3c1c
Land #10627 , Add SMB2 support to smb_enumshares
2018-09-17 20:36:27 -07:00
1ee8734717
Land #10570 , AKA Metadata Refactor
2018-09-17 20:31:07 -07:00
fd59cbb61f
Land #10620 Solaris 10 LPE for libnspr
2018-09-17 15:12:51 -07:00
2ee6a49a27
Land #10649 , https://seclists.org references
2018-09-17 15:09:39 -07:00
fa81a0802a
Land #10560 , ms17_010_eternalblue: use SMBDomain value when provided
...
instead of ignoring it
Merge branch 'land-10560' into upstream-master
2018-09-13 08:11:09 -07:00
eceb7d1702
Land #10589 , multidrop support for word xml docs
2018-09-12 09:03:42 -07:00
bd8dea2c21
Land #9897 , Fix #8404 ListenerComm Support For Exploit::Remote::TcpServer
2018-09-10 14:27:34 -07:00
42784dceb1
Land #10593 , Refactor SSH mixins and update modules
2018-09-10 13:43:30 -07:00
29b16e1ee7
Land #10611 , mRemote creds gather module fixes
...
Also update #10612 to align with these changes.
2018-09-10 13:27:13 -07:00
67e1742bd0
Land #10612 , store_loot text/xml ctype fixes
2018-09-10 13:09:13 -07:00
5861087061
Land #10598 , Store Credentials Found with PhpMyAdmin Password Extractor
2018-09-10 09:51:51 -07:00
3e801c22fb
Land #10546 , Add Apache Struts exploit: CVE-2018-11776
2018-09-07 12:56:02 -07:00
cc7f500b83
Land #10604 , CVE for ghostscript_failed_restore
2018-09-07 12:36:01 -07:00
1c05bb6ef3
Land #10584 , fix session upgrade HANDLE_TIMEOUT and upgrading osx shells
2018-09-06 03:54:18 -07:00
e9a94595c2
Land #10592 , support ERB for foxit_reader_uaf.rb
2018-09-05 19:50:30 -07:00
eb39f6da51
Land #10564 , Add Ghostscript exploit from taviso
2018-09-05 19:09:11 -07:00
d1d308e542
Land #10565 , Add Dolibarr ERP/CRM Auxiliary Module
2018-08-31 11:49:23 -07:00
4360b9e82e
Land #10566 , struts2_rest_xstream normalize_uri
2018-08-30 14:00:53 -07:00
2ecff39be4
Land #10484 , Add PhpMyAdmin password extractor
2018-08-30 10:18:38 -07:00
bc87643ea3
Land #10482 , Add Network Manager VPNC Privesc
2018-08-30 08:49:38 -07:00
d7728afe42
Land #10540 , weblogic_deserialize, add check method and linux target
2018-08-30 04:13:58 -07:00
7a99fc7066
Land #10545 , foxit fix generated strings, update doc
2018-08-30 03:58:19 -07:00
2269f7eb43
Land #10594 , Remove trailing space from CVE number
2018-08-29 14:39:19 -05:00
ec9cedf4fc
Land #10536 , https:// reference check for msftidy
2018-08-29 09:18:46 -07:00
08e069bbe1
Land #10542 , CVE ref for office_ms17_11882 exploit
2018-08-28 22:44:41 -07:00
add03ca7f8
Land #10543 , struts2_rest_xstream targeting fixes
2018-08-28 16:55:02 -07:00
11ae0d2a78
Land #10541 , Correct claymore_dos.py's CVE ref
2018-08-28 16:55:01 -07:00
631e8bf110
Land #8983 , Add peinjector post module
...
Merge branch 'land-8983' into upstream-master
2018-08-28 16:55:01 -07:00
98ee549705
Land #10538 , PSH target for struts2_rest_xstream
2018-08-28 16:55:01 -07:00
6f42bcafcf
Land #10531 , fix NOP generator for sparc
2018-08-27 09:41:14 -07:00
f22e6ec2bf
Land #10527 , Fix msftdiy EDB link check, enable HTTPS
2018-08-27 08:53:05 -07:00
376a343472
Land #10487 , add php5 session file target
2018-08-27 08:49:42 -07:00
0294d7eed1
Land #10516 , Add brace expansion encoder and update ${IFS} encoder
2018-08-27 08:49:42 -07:00
cca98bce25
Land #8914 , refactor auxiliary/admin/http credential storage
2018-08-24 11:20:26 -07:00
3c0f3f68f2
Land #10523 , Update Foxit Reader PoC Link
2018-08-24 09:38:06 -07:00
415379e7ee
Land #9364 , HP PJL/SNMP CVE-2017-2741 exploit
...
Finally!
2018-08-23 20:50:23 -07:00
7b7c5a73c4
Land #10504 , add Foxit Reader UAF Module and Docs
2018-08-23 16:57:43 -07:00
91bab0d842
Land #10510 , full disclosure for CVE-2018-15473
2018-08-22 12:52:48 -07:00
0739892cc8
Land #10498 , module doc for ssh_enumusers
2018-08-21 09:05:07 -07:00
8c29a3b5da
Land #10471 , Import target DefaultOptions into the datastore
2018-08-21 09:05:06 -07:00
5970f4882d
Land #10479 , Add CVE-2018-15473 to ssh_enumusers
2018-08-21 09:05:06 -07:00
dd32b8bd76
Land #10491 , fix error generating PPC NOPS
2018-08-21 09:05:06 -07:00
f295b22290
Land #10313 , add linux autostart persistence module
2018-08-20 03:19:57 -07:00
e5ef254155
Land #10320 , add module for persistence in /etc/rc.local
2018-08-19 00:33:19 -07:00
e1097f7e38
Land #10120 , npm "marked" ReDoS module
2018-08-16 13:43:26 -07:00
bf7c530f7e
Land #10456 , known_hosts fix for SSH modules
2018-08-16 13:43:26 -07:00
7cfe93133b
Land #10394 , Cleanup aws_ec2_instance_metadata
2018-08-15 12:52:58 -07:00
9617c79f44
Land #10420 , cgit < 1.2.1 Directory Traversal
2018-08-13 14:28:21 -07:00
1a86d57bce
Land #10404 , Add Path Traversal Oracle GlassFish
2018-08-13 09:18:05 -07:00
8b75c7d9ab
Land #10436 , Add WebLogic exploit (CVE-2018-2628)
2018-08-09 12:54:19 -07:00
b42cf88276
Land #10386 , Add IEC104 client module
2018-08-04 05:44:48 -07:00
714fdb12fd
Land #10417 , Update check method of Hadoop exploit
2018-08-04 05:30:08 -07:00
3fd0119d27
Land #9692 , Add DoS module for Siemens Siprotec 4
2018-08-04 05:23:03 -07:00
9ac0d0cf6e
Land #10358 , Add Dicoogle PACS Directory Traversal scanner module
2018-08-03 22:30:03 -07:00
937174d321
Land #10412 , Add Cisco directory traversal auxiliary module
2018-08-02 14:47:24 -07:00
65fcdcfd2f
Land #9884 , add linux ufo priv esc module
2018-08-02 02:56:27 -07:00
43f1f8eeb2
Land #10405 , Cleanup dropped files for CMSMS
2018-08-01 12:46:44 -07:00
f49f37f76d
Land #10406 , Fix notes service, port, protocol
2018-08-01 12:42:35 -07:00
133291e85b
Land #10409 , Add Meterpreter target for axis_srv_parhand_rce
2018-08-01 10:49:29 -07:00
0bad10de4e
Land #10403 , joomla_pages fixes
2018-07-31 09:03:18 -07:00
580f4cf509
Land #10255 , Adding Micro Focus Secure Messaging Gateway RCE
2018-07-30 19:08:43 -07:00
0bc84bb6c6
Land #10305 , SonicWall XML-RPC RCE
2018-07-30 12:15:59 -07:00
2cb4b97164
Land #10384 , upload_exec fixes
2018-07-30 11:57:09 -07:00
e6d9f39204
Land #10398 , unused option cleanup in enum_juniper
2018-07-30 11:55:22 -07:00
4b59552f8a
Land #10397 , Added line in psexec_psh to support SMB2
2018-07-30 11:09:36 -07:00
7e180a390c
Land #10060 , vTiger CRM v6.3.0 Upload RCE
2018-07-30 10:34:17 -07:00
ea2a9081a6
Land #10247 , add WordPress Arbitrary File Deletion
2018-07-30 07:09:04 -07:00
b42545a153
Land #10387 , Update mov_ss and add mov_ss_dll
2018-07-27 12:55:43 -07:00
3a67d89711
Land #10383 , Add WP Responsive Thumbnail Slider Plugin Exploit Module
2018-07-26 21:56:35 -07:00
e74ef65aa5
Land #9964 , android post module to extract subscriber info
2018-07-26 15:00:23 -07:00
4ec22c0ceb
Land #10376 , Handle connection errors and fail_with in check
2018-07-26 09:28:58 -07:00
5171e7edd2
Land #10319 , enable VHOST for ms15_034_http_sys_memory_dump
2018-07-25 16:53:51 -07:00
8e5639a081
Land #10374 , Net::SSH::CommandStream fixes
2018-07-25 16:23:47 -07:00
10ffd286d9
Land #10375 , smb_login defaults that suck less
2018-07-25 13:33:47 -07:00
3f53efe785
Land #10375 , DETECT_ANY_AUTH should be false
2018-07-25 13:33:47 -07:00
5fce9d8222
Land #10300 , Add root exploit for Axis network cameras
2018-07-25 12:47:50 -07:00
428623f890
Land #10370 , minor CouchDB fix
2018-07-24 23:13:33 -07:00
68272c410e
Land #10357 , CouchDB improvements and docs
2018-07-24 22:59:52 -07:00
3fbd4f8f2f
Land #10368 , PhpMyAdmin Login Scanner Module
2018-07-24 21:27:32 -07:00
e9b04b9750
Land #10362 , Fix reporting in backup_file, add more docs
2018-07-23 16:27:45 -07:00
6a5a19faca
Land #10364 , Handle nil for shell_reverse_tcp_ipv6
...
This makes things like `msfvenom --list-options` or `info` when options
are not set work.
2018-07-23 12:14:48 -07:00
28bb518dbd
Land #10349 , deconflict the method names in mix-ins
2018-07-23 11:40:49 -07:00
e075836ad5
Land #10346 , update check method and doc for CMS Made Simple
2018-07-20 15:49:07 -07:00
fdc24fe453
Land #10327 , Add CMS Made Simple Upload/Rename Authenticated RCE
2018-07-19 10:20:10 -07:00
64201ad782
Land #10282 , Add support for running external modules outside of msfconsole
2018-07-18 15:40:21 -07:00
6919d1a981
Land #10328 , Log errors in Python ETERNALBLUE
2018-07-18 12:53:38 -07:00
691d8f2c41
Land #9753 , Linux BPF sign extension local privesc
2018-07-18 11:05:32 -07:00
ba3fa4bf91
Land #10317 , nil fix for enum_dns
2018-07-17 11:04:55 -07:00
4c87d38a60
Land #10273 , [clean up] iis_webdav_scstoragepathfromurl
2018-07-17 07:36:22 -07:00
88518ec4ae
Land #10064 , Claymore Dual Miner API RCE
2018-07-16 16:04:38 -07:00
d138ddba8d
Land #10295 , Add QNAP Q'Center change_passwd Command Execution exploit
2018-07-14 08:20:32 -07:00
36f776d4a6
Land #10293 , fixup php/base64 and add docs for cmd/unix/reverse_bash
2018-07-13 15:17:52 -07:00
06e8cc49f5
Land #10297 , Add priv escalation mod for CVE-2018-8897
2018-07-13 08:57:19 -07:00
942befab73
Land #10302 , module doc fixes
2018-07-12 21:53:05 -07:00
f6a7f19e2b
Land #10027 , Hadoop unauthed command execution
2018-07-12 20:00:57 -07:00
dbd03f9914
Land #10278 , gitlist_arg_injection fixes
2018-07-12 17:05:33 -07:00
465dceb182
Land #10299 , Add 88 CVEs to various auxiliary and exploit modules
2018-07-12 16:28:05 -07:00
9db75849a9
Land #10298 , bug fix for #10219
2018-07-12 15:51:22 -07:00
4f67361b46
Land #10238 , Add ManageEngine Exchange Reporter Plus RCE exploit
2018-07-12 09:37:50 -07:00
f18fd4aca1
Land #9780 , CouchDB auth bypass and RCE
2018-07-12 11:24:05 -05:00
81ef17aa62
Land #10286 , Docker server version scanner
2018-07-12 11:24:04 -05:00
8586e6fc8f
Land #10260 , Add phpMyAdmin v4.8.1/4.8.0 LFI RCE
2018-07-12 11:24:03 -05:00
d11eaf3d74
Land #10280 , Use default CheckCode in ETERNALBLUE
2018-07-12 11:24:03 -05:00
45f354e55d
Land #10231 , Monstra Fileupload Exec
2018-07-12 11:24:02 -05:00
3a92908e9b
Land #10108 , add IBM QRadar SIEM exploit
2018-07-12 11:24:02 -05:00
d480ee8e20
Land #10275 , Update missing CVE references for exploit modules
2018-07-12 11:24:01 -05:00
4284ffe8a4
Land #10276 , Update missing CVE references for auxiliary modules
2018-07-12 11:23:09 -05:00
9dc3e35f23
Land #10107 , Add the scanner/smb/impacket/secretsdump module
2018-07-06 13:02:46 -07:00
a4f0dc5ea2
Land #10133 , Add HID discoveryd RCE exploit
2018-07-06 12:35:38 -07:00
e915bb0f66
Land #10262 , Add GitList argument injection exploit module
2018-07-06 12:30:10 -07:00
5d95172a81
Land #10171 , Implement desktop shell and screensaver post modules
2018-07-05 15:36:46 -07:00
fbd68df409
Land #10263 , fix double-nested array
2018-07-05 15:22:50 -07:00
b5981caa0b
Land #10219 , Add HP VAN SDN Controller exploit
2018-07-05 12:23:50 -07:00
7f3dfccbfe
Land #10242 , avoid using SMBv2 on Windows XP Native Upload targets
2018-07-02 15:37:11 -07:00
144923db3a
Land #10237 , Add Boxoft WAV to MP3 Converter exploit module
2018-07-02 12:03:05 -07:00
d4054c24bd
Land #9896 , Java JMX Package Name Randomization
...
Land #9896
2018-07-02 11:43:42 -07:00
709630e35c
Land #10185 , add SMBv1/2 support in psexec
2018-06-29 15:51:50 -07:00
fa95c0c2a1
Land #9958 , Nagios xi 2 electric
2018-06-29 10:18:13 -07:00
9bed9f0797
Land #10213 , Add FTPShell client 6.70 Stack Buffer Overflow exploit
2018-06-29 07:39:54 -07:00
fd7ea515aa
Land #10218 , MS17-010 Windows Embedded Standard 7
2018-06-28 14:14:42 -07:00
d310659a77
Land #10216 , add linux mic capture support for mettle
2018-06-28 10:58:50 -05:00
33a909939d
Land #10215 , add support for payload estimation for IPv6-specific modules
2018-06-27 14:49:00 -07:00
13f981f03f
Land #9998 , customizable golden ticket duration
2018-06-27 13:53:30 -07:00
165fb9dc79
Land #10109 , Teradata login scanner and SQL runner
2018-06-27 13:39:02 -07:00
d4dfb98fb9
Land #10207 , msftidy fixes
2018-06-26 12:40:50 -07:00
f14597bcb2
Land #10199 , Kace Systems Management Command Injection
2018-06-26 10:11:07 -07:00
0a9dca2b5a
Land 10200, Add SickRage Password Leak Auxiliary Module
2018-06-25 15:27:22 -07:00
679378d025
Land #10156 , WebKit, as used in WebKitGTK+ Crash - CVE-2018-11646
2018-06-21 14:33:05 -07:00
cddb0f2b4d
Land #10195 , ms17_010_eternalblue_win8 bug fixes
2018-06-21 13:38:14 -07:00
5fb3ffed55
Land #10189 , ETERNALBLUE updates
2018-06-20 21:55:20 -07:00
0bcbcab3d8
Land #10184 , Add sleepya's ETERNALBLUE exploit for Win8+
2018-06-19 15:44:55 -07:00
17c0bc1fa7
Land #10183 , Add auxiliary mod to exploit httpdasm dir traversal vuln
2018-06-19 12:58:49 -07:00
95cb9f3654
Land #9825 , Add 'phpMyAdmin Authenticated Remote Code Execution'
2018-06-18 06:55:53 -07:00
Brent Cook
Tim W
William Vu
Adam Cammack
h00die
Brendan Coles
bwatters-r7
Shelby Pace
Jacob Robles
Wei Chen
asoto-r7
Erin Bleiweiss