e4c71265fb
Improve banner checking in libssh_auth_bypass
...
Now we do the right thing when libssh is patched.
2018-10-19 15:21:12 -05:00
ab5fccc8f6
Add module doc for great justice
2018-10-19 12:57:58 -05:00
3cee96d8ed
Land #10664 , add Windows SetImeInfoEx Win32k NULL Pointer Dereference
2018-10-18 14:42:14 -05:00
1e5f3f2f7b
add documentation
2018-10-18 12:45:53 +08:00
8e442cc980
Update documenation
2018-10-15 15:45:39 -05:00
5433d2cca9
Sync up upstream master
2018-10-15 14:19:07 -05:00
ab63044fe0
Update cisco_prime_inf_rce.md
2018-10-15 22:37:47 +07:00
53f9c359e9
Update cisco_prime_inf_rce.md
2018-10-15 22:37:22 +07:00
38ad735b04
Create cisco_prime_inf_rce.md
2018-10-15 22:35:26 +07:00
6660b1857b
Land #10800 , Add docs for auxiliary/scanner/snmp/ Cisco modules
2018-10-15 07:13:06 +00:00
506bdd5604
Land #10797 , Add docs for auxiliary/scanner/sip/options_tcp module
2018-10-15 07:08:55 +00:00
8877582086
Land #10668 rsh stack clash solaris priv esc
2018-10-14 10:34:48 -04:00
90768e28ce
fixed up
2018-10-13 08:51:42 -04:00
149a74d07b
small fixes
2018-10-13 08:48:13 -04:00
5b14d94957
Land #10671 , struts2_namespace_ognl updates
...
There are still some outstanding concerns, but I want to unblock this.
2018-10-12 11:08:33 -05:00
55e1915725
cisco snmp docs
2018-10-11 23:12:44 -04:00
63756bc800
add sip options_tcp docs
2018-10-11 16:17:01 -04:00
a67122aaf7
updated doc, added x86_64 binary
2018-10-11 12:37:51 -05:00
04cc40136f
changed formatting, deleted post, renamed files
2018-10-10 14:41:14 -05:00
6544c6636c
Add documentation
2018-10-10 12:23:52 -05:00
48432491a2
Adding documentation
...
Documentation path: documentation/modules/exploit/windows/local/ms18_8120_win32k_privsec.md
2018-10-10 22:11:05 +05:30
3de0d81a44
Deleting documenation from /post/windows/escalate
2018-10-10 22:05:19 +05:30
c86f68cb60
Minor changes to module, updated documentation.
2018-10-09 20:39:00 +06:30
78624b7020
Updated documentation and fixed the code (mostly).
2018-10-09 10:52:06 +06:30
bed497c6ae
Land #10672 , Add COMMGR Buffer Overflow module
2018-10-08 10:04:52 -05:00
fcb0b90d7a
Fixed numbering in the documentation steps, offed some whitespace,
...
streamlined the send_request_cgi, removed the conn_check.
2018-10-08 15:04:32 +06:30
f70aa354fc
Added documentation for
...
modules/exploit/linux/http/netgear_unauth_exec.rb
2018-10-08 11:35:33 +06:30
c7efd57144
Sync up with master
2018-10-06 08:27:01 -05:00
c9ebe5ae23
Land #9745 , Add ifwatchd QNX privilege escalation exploit module
2018-10-06 05:03:50 -04:00
e2f97c75a0
Land #10616 , update Unitrends UEB module to support vulnerabilities in version 10
2018-10-05 16:20:38 -05:00
a51243ce91
Land #10745 , Update lastore_daemon_dbus_priv_esc tested versions
2018-10-05 11:35:31 -04:00
28fb27187a
Land #10418 , Add DCOM/RPC NTLM Reflection (MS16-075) Via Reflective DLL
...
Merge branch 'land-10418' into upstream-master
2018-10-04 16:54:53 -05:00
523040e488
Add note about compiling problems
2018-10-04 16:42:23 -05:00
fe7ce02dfd
Update tested versions
2018-10-04 21:13:21 +00:00
071aa04111
Land #10738 , Add Zahir Enterprise 6 build 10b BOF
2018-10-04 11:00:12 -05:00
b5c13690c0
Add documentation for Zahir Import File Module
2018-10-04 10:12:12 -05:00
8b955f8ec5
Land #10704 , Navigate CMS Unauthenticated RCE
2018-10-04 06:44:21 -05:00
11d9b44922
Add exploit module for TeamCity Agent XMLRPC
2018-10-03 18:33:10 +08:00
97729727d8
Minor modifications
2018-10-02 06:57:04 -05:00
2c0d4de70b
Land #10732 , add api key for android wlan_geolocate
2018-10-02 05:09:10 -05:00
6dd36bd8da
Land #10427 , add OSX VNC password gather module
2018-10-02 14:47:51 +08:00
488b88fe04
fix documentation
2018-10-02 14:30:56 +08:00
b5cf682169
cleanup post/osx/gather/vnc_password_osx and add loot/credentials
2018-10-02 14:22:09 +08:00
e6c041003e
fix documentation
2018-10-02 11:51:29 +08:00
c1f5540e16
Land #10723 , fix another typo in windows reverse_tcp docs
2018-10-01 13:52:43 +08:00
af2378d6ec
Update reverse_tcp.md
...
fix typos in line 264.
2018-10-01 03:03:50 +07:00
0720718716
Update reverse_tcp.md
...
fix typos line 33.
2018-10-01 02:55:53 +07:00
2b86297138
Refactor
2018-09-27 11:16:54 +02:00
2d568f884e
Add documentation for Navigate CMS Unauthenticated Remote Code Execution
2018-09-26 22:44:20 +02:00
1607c2b890
Land #10428 , Update Windows MySQL UDF files, add docs
2018-09-24 21:11:52 -05:00
d981530f78
Update documentation with correct module name and detailed notes about Tomcat versions
2018-09-24 12:47:58 -05:00
02ef565730
Update evasion_module_type branch
2018-09-24 08:20:32 -05:00
888ec9430c
fix typo
2018-09-24 17:37:59 +08:00
738665e56f
Add documentation for #10652
2018-09-24 17:11:24 +08:00
b486708b02
Land #10663 extremeparr solaris LPE
2018-09-23 13:53:18 -04:00
7687e6e7b7
Update tested versions
2018-09-22 03:57:03 +00:00
849547793b
Land #10643 , CVE-2018-8440 ALPC Scheduler
...
Merge branch 'land-10643' into upstream-master
2018-09-21 15:38:45 -05:00
47bf780b88
specify meterpreter, update documentation
...
Warning is after spell...
2018-09-21 12:31:56 -05:00
17c7d828c1
fixes
2018-09-21 17:16:04 +00:00
6db716d2ec
Update documentation
2018-09-21 07:15:14 -05:00
a7f53b9361
Land #10628 , Add Solaris srsexec Arbitrary File Reader module
2018-09-21 01:56:43 +00:00
ee0776b095
print when not verbose
2018-09-20 20:54:41 -04:00
c5f6d4b8a5
Land #10670 , Pimcore SQLi module
2018-09-19 20:50:21 -05:00
5477220106
Update documentation
2018-09-19 20:48:42 -05:00
7698b7d7db
changed location of dolibarr module/documentation
2018-09-19 11:17:27 -05:00
42ccc37bca
Added description to module
2018-09-19 10:22:51 -05:00
05095c8f8d
Add documentation
2018-09-19 09:29:51 -05:00
b6ca8cac7f
renamed/relocated files, changed uri
2018-09-19 08:11:45 -05:00
36fa8f2ffc
Added exploit module for Delta Electronics Delta Industrial Automation COMMGR 1.08 Stack Buffer Overflow.
2018-09-19 15:28:46 +08:00
827219aff3
Revert "Added exploit module for Delta Electronics Delta Industrial Automation COMMGR 1.08 Stack Buffer Overflow"
...
This reverts commit d06587caef
2018-09-19 15:22:12 +08:00
d06587caef
Added exploit module for Delta Electronics Delta Industrial Automation COMMGR 1.08 Stack Buffer Overflow
2018-09-19 15:09:40 +08:00
6a63feced4
Merge remote-tracking branch 'upstream/master' into pr/10418
2018-09-18 19:54:44 -05:00
b98dfe0e7f
changed wording and line numbers
2018-09-18 13:33:09 -05:00
4fb223b293
Add Solaris RSH Stack Clash Privilege Escalation module
2018-09-18 17:38:59 +00:00
269da6ac9a
removed remaining line from template
2018-09-18 12:23:13 -05:00
34f07619d5
added documentation for module
2018-09-18 12:08:31 -05:00
03d50f2773
Adding documentation
2018-09-18 15:41:03 +05:30
2f5bd4b714
Add Solaris 'EXTREMEPARR' dtappgather Privilege Escalation module
2018-09-18 07:23:10 +00:00
5089c19453
Land #10620 Solaris 10 LPE for libnspr
2018-09-17 18:10:16 -04:00
86f5b25d8f
Land #10563 , Add 'Notes' metadata section
2018-09-17 11:18:08 -05:00
5a21444d39
Fix documentation
...
Added 'post' when use module.
2018-09-15 14:27:21 +02:00
68750ca19c
Added documentation
...
Documentation is added for the post-exploitation modules vnc_password_osx.
2018-09-15 12:20:01 +02:00
af7d76b52d
changes from first review
2018-09-14 20:10:59 -04:00
6cef61ddbc
finish srsexec add docs
2018-09-13 21:20:09 -04:00
a8c459db18
Update description with correct patched release
2018-09-13 08:22:13 +00:00
0db1c34c40
Add check for Solaris system patches
2018-09-12 07:36:54 +00:00
e75b5592f7
Add ForceExploit option
2018-09-11 09:23:50 +00:00
d658ccf653
Add Solaris libnspr NSPR_LOG_FILE Privilege Escalation module
2018-09-11 08:11:11 +00:00
d8f2d08058
finish up docs and 10 exploit
2018-09-10 21:08:30 -04:00
3d5da50b12
Land #10598 , Store Credentials Found with PhpMyAdmin Password Extractor
2018-09-10 11:49:52 -05:00
589fb4bf3b
first try at ueb mix
2018-09-09 22:41:01 -04:00
7604712e04
Add Documentation for office365userenum
2018-09-07 18:22:09 -04:00
718aaca0f4
Land #10546 , Add Apache Struts exploit: CVE-2018-11776
2018-09-07 14:54:23 -05:00
9abb6aebb3
Fixup reverse_ord_tcp docs
2018-09-07 11:47:14 -05:00
18ffd36409
storing config file, changed regex
2018-09-07 08:13:10 -05:00
8f2ab08c5e
updated docs
2018-09-07 15:06:03 +05:30
41d12166fd
Use a string hash key for documentation
2018-09-06 15:57:52 -05:00
36d125e1a8
modified line in scenarios output
2018-09-06 12:15:04 -05:00
50df5e386a
modified doc to reflect new output
2018-09-06 12:11:14 -05:00
1bee1e3861
Add IIS ShortName Scanner documentation
2018-09-06 12:02:32 +00:00
f34146b288
Add module doc
2018-09-05 19:57:15 -05:00
d25aad571f
Land #10474 , add documention for windows/shell/reverse_ord_tcp
2018-09-05 09:04:47 -05:00
d0b470879b
Add documentation for windows_defender_exe
2018-09-04 14:16:24 -05:00
b1479ec350
Update swagger docs to be compliant with new notes field
2018-08-31 16:53:59 -05:00
34944ff5be
Land #10568 , Update weblogic module docs
2018-08-31 14:05:46 -05:00
da7a29f715
Documentation update
2018-08-31 13:57:41 -05:00
0dea5fcfd9
Land #10565 , Add Dolibarr ERP/CRM Auxiliary Module
2018-08-31 13:47:46 -05:00
e49435a766
Update weblogic module docs
...
Update the module docs to match the new name
of the module.
2018-08-31 06:00:41 -05:00
628ea736a0
delete newline
2018-08-30 15:54:04 -05:00
d0cc05b074
added documentation
2018-08-30 15:28:52 -05:00
a9376266bc
Land #10484 , Add PhpMyAdmin password extractor
2018-08-30 12:16:17 -05:00
6ec8522786
Land #10482 , Add Network Manager VPNC Privesc
2018-08-30 10:46:54 -05:00
9f13d0fc56
Adding documentation
...
As there was no escalate folder I have created one to maintain my documentation, kindly suggest if any issues.
2018-08-30 21:13:33 +05:30
9d3e1c1942
Land #10540 , weblogic_deserialize, add check method and linux target
2018-08-30 06:08:03 -05:00
953bafc7e7
Land #10545 , foxit fix generated strings, update doc
2018-08-30 05:55:44 -05:00
d5ad683ba6
More doc updates
2018-08-29 10:59:36 -05:00
88c908665d
Update documentation
2018-08-29 06:24:30 -05:00
086ec5bdfb
Fix generated strings in pdf
2018-08-29 06:24:20 -05:00
b373dcc5d4
First draft of module and documentation for struts_namespace_rce against CVE-2018-11776
2018-08-28 16:53:26 -05:00
f6b0e720e4
Add documentation for peinjector
2018-08-28 14:02:34 -05:00
94e8cdac37
Move files to correct location
2018-08-28 12:38:54 -05:00
49c5a91fa7
Add linux target to weblogic_deserialize module
2018-08-28 11:51:04 -05:00
672dbb7acb
Land #9364 , HP PJL/SNMP CVE-2017-2741 exploit
...
Finally!
2018-08-23 22:47:09 -05:00
8213c21dc9
Land #10467 documentation for postgresql hashdump
2018-08-23 21:35:05 -04:00
a866bdd09d
slight syntax updates to md
2018-08-23 21:34:48 -04:00
1585eff29f
Land #10466 docs for postgres_version
2018-08-23 21:10:34 -04:00
3024725122
slight syntax updates to md
2018-08-23 21:09:52 -04:00
b8ce6782d9
Land #10517 updated docs for CloudMe Sync
2018-08-23 20:54:01 -04:00
2193dd662d
Land #10504 , add Foxit Reader UAF Module and Docs
2018-08-23 18:56:07 -05:00
5f9432ed6a
added rca to cloudme doc
2018-08-23 16:12:13 -05:00
7a534707ab
Add note about unauthenticated telnetd service
2018-08-23 16:16:47 -04:00
ecc6c473d8
Add note about unauthenticated telnetd service
2018-08-23 15:50:41 -04:00
ee6bf7a77c
Fix documentation markdown table format
2018-08-23 15:23:41 -04:00
18712c25cd
Add uname to module documentation scenario
2018-08-23 15:23:41 -04:00
77b77287cc
Add module and payload documentation
2018-08-23 15:23:40 -04:00
46b45f379b
Add documentation for MS16 Reflection DCOM->RPC
2018-08-21 11:27:07 -04:00
fd6880d0d0
Add Foxit Reader UAF Module and Docs
2018-08-21 08:21:51 -05:00
06582a00a0
Add module doc for ssh_enumusers
...
And update description in module.
2018-08-20 19:26:51 -05:00
b8b48fd37a
Land #10313 , add linux autostart persistence module
2018-08-20 18:17:50 +08:00
865898cba7
minor fixes
2018-08-20 17:51:41 +08:00
3cebfe4e14
Documentation
2018-08-19 23:56:00 +05:30
f09148d843
Add documentation
2018-08-19 08:20:41 +00:00
ac71bc86ee
Land #10320 , add module for persistence in /etc/rc.local
2018-08-19 15:30:50 +08:00
e38775b504
minor tweaks
2018-08-19 15:27:04 +08:00
a673ca1bc4
Update reverse_ord_tcp.md
2018-08-17 19:59:39 +05:30
59d977edfa
Documentation on windows/shell/reverse_ord_tcp
...
Part of Issue #7142
2018-08-17 16:22:39 +05:30
a22acf3f3e
Document autostart module
2018-08-17 14:24:28 +08:00
c24ceb9483
Move and update marked_redos module doc
2018-08-16 15:12:36 -05:00
5096eee2ec
Land #10120 , npm "marked" ReDoS module
2018-08-16 15:01:12 -05:00
809a15541c
Create documentation for PostgreSQL hash dumper
...
Documentation on auxiliary/scanner/postgres/postgres_hashdump
Part of issue #8296
Please see and following installation and exploitation steps using your machine. Please replace IP's where appropriate depending on if you are attacking your local machine or another machine on your network.
2018-08-16 08:39:39 -04:00
William Vu
Wei Chen
Tim W
Pedro Ribeiro
Brendan Coles
h00die
Shelby Pace
Jacob Robles
Dhiraj Mishra
Imran E. Dawoodjee
Brent Cook
bwatters-r7
Dylan Pindur
Delfan Azhar Andhika
Pyriphlegethon
asoto-r7
root
Hubert Lin
Kevin Gonzalvo
Oliver Morton
Shaksham Jaiswal
Erin Bleiweiss
7echSec
Matthew Kienow
Mumbai
Arpit Agrawal
Eliott Teissonniere
Kevin Kirsche