Commit Graph

25215 Commits (8a402da056f99d0c3b69edb6ca7c76a609af7468)

Author SHA1 Message Date
William Vu 8a402da056 Explain "junk" in buffer for morris_fingerd_bof
And unrelated whitespace changes because I suck.
2018-11-22 23:15:12 -06:00
Brent Cook a59913434d
Land #10916, Xorg SUID privesc 2018-11-21 19:46:11 -06:00
Brent Cook 5d9195fe72
Land #10981, start printjob docs and bug fixes 2018-11-21 16:35:02 -06:00
Brent Cook 5fed559264
Land #10997, Remove harmful default command to execute 2018-11-21 16:19:40 -06:00
asoto-r7 96ede80dc4
Land #10876, ibm_mq_enum: IBM WebSphere MQ Name and Version Enumeration 2018-11-21 16:10:59 -06:00
asoto-r7 a3131f15de
ibm_mq_enum: Code cleanup, server channel and general exception handling improvements 2018-11-21 16:09:18 -06:00
Adam Cammack 188d94027c
Land #10996, Check `check` code for ms15-034 2018-11-21 14:45:56 -06:00
David Yates e706e2b58d
Remove harmful default command to execute 2018-11-21 11:09:13 +02:00
L ae3538952a Fix ms15-034 module 2018-11-21 12:31:56 +08:00
asoto-r7 7084538b8c
ibm_mq_channel_brute: Exception handling when channel.length > 20 chars 2018-11-20 16:24:17 -06:00
asoto-r7 d2a5b966f3
Land #10875, IBM WebSphere MQ Channel Name Bruteforce auxiliary module 2018-11-20 16:23:23 -06:00
Shelby Pace 288d78d372
Land #10352, Add check/response for CVE-2017-12149 2018-11-20 13:11:05 -06:00
Brent Cook d5d8216377
Land #10977, Add documentation and some enhancement to freesshd_authbypass module 2018-11-20 11:44:49 -06:00
Brent Cook bccb0972cf
Land #10984, don't examine a nil object in ms15_034_ulonglongadd 2018-11-20 08:37:48 -06:00
Shelby Pace 63a2396626 updated testing branch to branch off master 2018-11-20 08:14:19 -06:00
Brendan Coles 901b51f247
Update modules/auxiliary/scanner/http/iis_shortname_scanner.rb
Co-Authored-By: egre55 <34132245+egre55@users.noreply.github.com>
2018-11-20 11:13:17 +00:00
Brendan Coles 6c382ba711
Update modules/auxiliary/scanner/http/iis_shortname_scanner.rb
Co-Authored-By: egre55 <34132245+egre55@users.noreply.github.com>
2018-11-20 11:13:05 +00:00
Brendan Coles 5e513b209d
Update modules/auxiliary/scanner/http/iis_shortname_scanner.rb
Co-Authored-By: egre55 <34132245+egre55@users.noreply.github.com>
2018-11-20 11:12:51 +00:00
Shelby Pace 52df29ebcc test on branch off master 2018-11-19 15:08:38 -06:00
Brent Cook 509e1c2587
Land #10973, Rework DisclosureDate check in msftidy, including ISO 8601 support 2018-11-19 10:46:18 -06:00
Shaksham Jaiswal d904b93ec9
fixed is_vul 2018-11-19 13:39:08 +05:30
egre55 4a22656005 fixes 2018-11-18 21:56:51 +00:00
egre55 8b63c85bd2 fixes 2018-11-18 21:21:28 +00:00
Brendan Coles 467e0877f5 res.code 2018-11-18 12:40:09 +00:00
h00die 7ecdaa09c5 start printjob docs and bug fixes 2018-11-17 21:17:12 -05:00
Imran E. Dawoodjee b679bfa3d9
Carriage return errors fixed. 2018-11-18 03:29:17 +08:00
Imran E. Dawoodjee fd0f40a141
Add PowerShell as a separate target then set it as default. 2018-11-18 03:20:48 +08:00
William Vu 90b9204703 Update DisclosureDate to ISO 8601 in my modules
Basic msftidy fixer:

diff --git a/tools/dev/msftidy.rb b/tools/dev/msftidy.rb
index 9a21b9e398..e9ff2b21e5 100755
--- a/tools/dev/msftidy.rb
+++ b/tools/dev/msftidy.rb
@@ -442,6 +442,8 @@ class Msftidy
     # Check disclosure date format
     if @source =~ /["']DisclosureDate["'].*\=\>[\x0d\x20]*['\"](.+?)['\"]/
       d = $1  #Captured date
+      File.write(@full_filepath, @source.sub(d, Date.parse(d).to_s))
+      fixed('Probably updated traditional DisclosureDate to ISO 8601')
       # Flag if overall format is wrong
       if d =~ /^... (?:\d{1,2},? )?\d{4}$/
         # Flag if month format is wrong
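Review bot: the added `File.write` line runs on every DisclosureDate match, ahead of the "Flag if overall format is wrong" checks, so a module whose date is already ISO 8601 is still rewritten and still reported through `fixed(...)`. Skip the write when `Date.parse(d).to_s == d` and call `fixed` only when the file content actually changed. `@source.sub(d, ...)` replaces the first occurrence of the captured string anywhere in the file, which is not necessarily the DisclosureDate value; substitute within the matched DisclosureDate expression instead. `Date.parse(d)` raises on a string it cannot parse, which would abort the run before the existing format warnings are reached, so rescue that case and fall through to the checks below.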
2018-11-16 12:18:28 -06:00
Imran E. Dawoodjee 08b3efa046
Enhanced module and added documentation. 2018-11-16 21:18:45 +08:00
Aaron Ringo a174c606aa Changed SELINUX check to use built in methods 2018-11-16 04:22:18 -06:00
h00die 189f29e534
Land #10572 eaton ssh private key scanner 2018-11-15 17:16:36 -05:00
h00die de014f0599 remove variable only used once 2018-11-15 17:14:13 -05:00
Chris Higgins 4987f67b9b
Land #10925, smb_login error/status message 2018-11-14 13:19:04 -06:00
Jacob Robles 795aa3c99c
Land #10828, git submodule url exec CVE-2018-17456 2018-11-14 12:39:13 -06:00
Jacob Robles 798d3156bc
Print git command for module 2018-11-14 10:57:36 -06:00
Aaron Ringo 4fc047db87 Added advanced option to check console lock on linux systems, default true & updated docs 2018-11-13 22:33:12 -06:00
Shelby Pace 5e85683228
removed to_s from string 2018-11-13 15:28:55 -06:00
BrianWGray 3849d5de18 resolve description update request 2018-11-13 16:21:43 -05:00
Shelby Pace ac8932c144 update 9631 to a current branch 2018-11-13 15:15:25 -06:00
Alex Gonzalez da134f06e3
Updated check method
Fixed check method and redundant variable declarations
2018-11-13 16:01:40 -05:00
Brent Cook f2712ecdf6
Land #10607, Add External Module: office365userenum.py 2018-11-13 10:57:05 -06:00
Green-m 7a4770790c
Land #10938, add docs for modules and fix bug.
Add docs for auxiliary module http_basic/imap/mysql, and fix a bug
in modules/auxiliary/server/capture/mysql.rb
2018-11-13 16:22:03 +08:00
Aaron Ringo 538055c406 Initial documentation for Xorg Privesc Module
killed white spaces
2018-11-12 15:44:13 -06:00
Aaron Ringo ef7fc783be Added Selinux check, changed version check, retested on all platforms 2018-11-11 12:34:30 -06:00
Brendan Coles a5429d21a6
Update modules/exploits/multi/local/xorg_x11_suid_server.rb
Co-Authored-By: aringo <ringo.aaron@gmail.com>
2018-11-11 07:39:32 -06:00
Brendan Coles 2a7b18bcbf
Update modules/exploits/multi/local/xorg_x11_suid_server.rb
Co-Authored-By: aringo <ringo.aaron@gmail.com>
2018-11-11 07:38:42 -06:00
Aaron Ringo e6f548c5f4 added meterpreter, took out in session, moved to exploits/multi/local 2018-11-11 01:43:36 -06:00
BrianWGray 1c2da8a5c8 correct trailing space issue 2018-11-10 15:40:03 -05:00
BrianWGray 33f624bbb2 Module updated to reflect requested changes 2018-11-10 14:36:06 -05:00
Brendan Coles 1f14a9846d
Land #10767, Add Cisco Prime Infrastructure remote root exploit 2018-11-10 17:08:16 +00:00