Jon Hart
7b386ea2c8
Fix msftidy warnings wrt Set-Cookie
2017-12-19 06:58:23 -08:00
Tod Beardsley
85350a9645
Add Rapid7 blog references
2017-12-18 17:11:47 -06:00
Tod Beardsley
ae4edd65e1
Hard wrap descriptions
2017-12-18 17:03:13 -06:00
Tod Beardsley
c2b8d23854
Kill trailing whitespace
2017-12-18 16:56:09 -06:00
Tod Beardsley
65da14c165
Adding docs for modules
2017-12-18 16:47:43 -06:00
Tod Beardsley
72d3592b9c
New requires for Cambium mixins
2017-12-18 16:38:18 -06:00
Tod Beardsley
27a324237b
Initial commit for Cambium issues from @juushya
...
Note, these will trigger a bunch of WARNING msftidy messages for setting
cookies directly. This is on purpose.
2017-12-18 16:32:55 -06:00
Tod Beardsley
f18f90e7e4
Merge remote-tracking branch 'upstream/master'
2017-12-12 14:48:58 -06:00
Wei Chen
6149f51273
Land #9256 , Add aux module to discover WSDD enabled devices
...
Land #9256
2017-12-12 11:55:42 -06:00
Wei Chen
fdd4fc1c41
Land #9292 , fix variable name to store the username
...
Land #9292
2017-12-12 11:21:33 -06:00
securekomodo
b335cacfc1
Update wp_slideshowgallery_upload.rb
...
Variable on line 67 needs to be changed to "user" from "username" which was undefined and causing error during exploit execution.
[-] Exploit failed: NameError undefined local variable or method `username' for #<Msf::Modules::Mod6578706c6f69742f756e69782f7765626170702f77705f736c69646573686f7767616c6c6572795f75706c6f6164::MetasploitModule:0x0055c61ab093f8>
After changing the incorrect variable name from "username" to "user", the exploit completes.
2017-12-12 00:33:28 -05:00
Matthew Kienow
d79b0ad981
Land #9286 , Advantech WebAccess webvrpcs BOF RCE
2017-12-12 00:25:56 -05:00
mr_me
e7a2dd2e71
fixed email
2017-12-11 23:20:46 -06:00
mr_me
26e2eb8f1a
Changed to good ranking
2017-12-11 23:14:36 -06:00
Pearce Barry
7f93cca446
Land #9288 , Add Dup Scout Enterprise login buffer overflow
2017-12-11 17:12:20 -06:00
Pearce Barry
9a6c54840b
Minor tweak to use vprint...
2017-12-11 16:48:47 -06:00
mr_me
f8977ed72c
added some fixes
2017-12-11 11:34:17 -06:00
Brent Cook
63b5bb3dea
Land #9126 , Add android advanced options
2017-12-11 04:11:44 -06:00
Brent Cook
602335abf1
bump payloads
2017-12-11 04:11:21 -06:00
Brent Cook
1653e31f71
Merge branch 'upstream-master' into land-9126-
2017-12-11 03:57:00 -06:00
William Vu
bbbe48efbb
Land #9289 , typo fix for sysgauge_client_bof.md
2017-12-09 19:37:13 -06:00
Chris Higgins
3a14ac3b37
Fixed a spelling error in documentation
2017-12-09 02:30:42 -06:00
Chris Higgins
e91830efe7
Add Dup Scout Enterprise login buffer overflow
2017-12-09 02:20:05 -06:00
Metasploit
348cbe54b6
Bump version of framework to 4.16.23
2017-12-08 10:01:55 -08:00
Tod Beardsley
61a8c2456d
Merge remote-tracking branch 'upstream/master'
2017-12-08 11:42:24 -06:00
Brent Cook
378f11d859
Land #9279 , add docker pull badge to readme
2017-12-07 21:53:35 -06:00
mr_me
34ef650b0d
fixed up msftidy, opps.
2017-12-07 17:03:39 -06:00
mr_me
073ffcb3bc
added some docs
2017-12-07 16:58:14 -06:00
mr_me
75a82b3fe7
Advantech WebAccess webvrpcs ViewDll1 Stack-based Buffer Overflow Remote Code Execution Vulnerability
2017-12-07 16:34:26 -06:00
Adam Cammack
5b5ac878cc
Land #9285 , Handle IPv6 addresses in `full_uri`
2017-12-07 13:25:05 -06:00
William Vu
2565ad6a27
Handle IPv6 addresses in full_uri (add brackets)
2017-12-07 12:56:55 -06:00
William Vu
0a0d24d8f8
Land #9276 , cleanup of crufty code
2017-12-07 00:43:27 -06:00
Christian Mehlmauer
912fbc3b8c
add docker pull badge to readme
2017-12-06 20:34:40 +01:00
Brent Cook
ce2db3cd87
Land #9275 , CVE-2017-11882 (docs fix)
2017-12-05 10:16:54 -06:00
Brent Cook
c15f379343
remove some unneeded backward-compat code
2017-12-04 22:27:21 -06:00
Austin
14226c5f33
missing docs on options
...
Missed fixes on documentation
2017-12-04 20:58:36 -05:00
William Webb
04b57f82e8
Land #9274 , Remove spaces from EOL
2017-12-04 17:11:06 -08:00
William Webb
adba277be0
axe errant spaces at EOL
2017-12-04 16:57:48 -08:00
William Webb
69b01d26bb
Land #9226 , Microsoft Office OLE object memory corruption
2017-12-04 16:50:27 -08:00
William Vu
19b37c7070
Land #9263 , drb_remote_codeexec fixes
...
See pull requests #7531 and #7749 for hysterical raisins.
2017-12-04 18:45:03 -06:00
Brent Cook
3cf1ffeb5f
Land #9273 , add authors to osx local root exploit
2017-12-04 18:42:23 -06:00
Brent Cook
b13f4e25e1
thanks for making this well-known
2017-12-04 18:32:31 -06:00
Brent Cook
a27bb38d51
add authors
2017-12-04 18:25:18 -06:00
Austin
b96dac28d5
fix info segment
2017-12-04 16:42:41 -05:00
Austin
b7f17f5519
fix documentation
2017-12-04 16:41:27 -05:00
Brent Cook
f83e9815dd
Land #9210 , Add a Polycom HDX RCE
2017-12-04 12:49:35 -06:00
Brent Cook
7edab268f5
handle case-insensitive password, fix received
2017-12-04 12:47:40 -06:00
Austin
06334aa2bd
Update polycom_hdx_traceroute_exec.rb
2017-12-04 11:05:01 -05:00
Metasploit
fd1681edd9
Bump version of framework to 4.16.22
2017-12-01 10:04:07 -08:00
Austin
c788e4e540
Update office_ms17_11882.rb
2017-12-01 11:36:03 -05:00