95e2f1da95
Update samsung_browser_sop_bypass.md
2017-12-17 11:02:24 +05:30
53a098a7f3
Update samsung_browser_sop_bypass.md
2017-12-16 22:46:29 +05:30
6b54fe6775
Create samsung_browser_sop_bypass.md
2017-12-16 22:26:08 +05:30
36a3088a67
Land #9303 , allow arguments to the editor with the 'edit' command
2017-12-15 13:46:15 -06:00
0a1eea9860
Allow local_editor in cmd_edit to take arguments
...
Such as vim -i NONE. This may allow command injection via arguments.
However, you can already start an arbitrary program by setting
LocalEditor or escaping the editor.
msf > setg LocalEditor /bin/sh
LocalEditor => /bin/sh
msf > edit -i
[*] Launching /bin/sh -i
$
2017-12-14 19:51:57 -06:00
234ef5627e
Land #9299 , Add arch to MS17-010 detection
2017-12-14 12:20:56 -08:00
be4f9236f2
Bump version of framework to 4.16.24
2017-12-14 10:08:05 -08:00
9ea7747a5c
Land #9233 , Fix #9232 corruption of non-latin characters in W methods
...
Merge branch 'land-9233' into upstream-master
2017-12-14 11:54:36 -06:00
3cd287ddd6
Update the MS17-010 scanner to use dcerpc_getarch
2017-12-14 02:08:30 -06:00
8e4b007edc
Move verify_arch to dcerpc_getarch
...
We can use this code elsewhere, such as the MS17-010 scanner.
2017-12-14 02:08:25 -06:00
c6a2ae2551
Land #9248 , Add wd_mycloud_multiupload_upload exploit
2017-12-13 18:51:02 -06:00
125a079fa9
add cve reference
2017-12-13 18:50:21 -06:00
d7ad443be1
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into upstream-master
2017-12-13 19:33:05 -05:00
c0a534140d
Land #9284 a regex dos for ua_parser_js npm module
2017-12-13 19:31:49 -05:00
544e4e3d0b
fix md formatting
2017-12-13 19:30:50 -05:00
deacebc46b
Land #9264 , Add private type when storing SSH password
...
Land #9264
2017-12-13 18:24:31 -06:00
cfec0f4965
Land #9282 , Add exploit for MSFT Office DDR in RTF format
...
Land #9282
2017-12-13 18:16:04 -06:00
dd5532c5de
Addressing Formatting Issues
...
There were several formatting and layout issues
that are fixed in this commit. Also changing
`RHOSTS` to `RHOST`.
2017-12-13 14:26:27 -06:00
b99663fb6c
Bring #9282 up to date with upstream-master
2017-12-13 13:16:30 -06:00
37514eec17
Land #9234 , Add exploit for ClickJacking vuln for pfSense
...
Land #9234
2017-12-12 14:56:21 -06:00
c7019e5aee
Only load files once
2017-12-12 14:54:49 -06:00
6149f51273
Land #9256 , Add aux module to discover WSDD enabled devices
...
Land #9256
2017-12-12 11:55:42 -06:00
fdd4fc1c41
Land #9292 , fix variable name to store the username
...
Land #9292
2017-12-12 11:21:33 -06:00
b335cacfc1
Update wp_slideshowgallery_upload.rb
...
Variable on line 67 needs to be changed to "user" from "username" which was undefined and causing error during exploit execution.
[-] Exploit failed: NameError undefined local variable or method `username' for #<Msf::Modules::Mod6578706c6f69742f756e69782f7765626170702f77705f736c69646573686f7767616c6c6572795f75706c6f6164::MetasploitModule:0x0055c61ab093f8>
After changing the incorrect variable name from "username" to "user", the exploit completes.
2017-12-12 00:33:28 -05:00
d79b0ad981
Land #9286 , Advantech WebAccess webvrpcs BOF RCE
2017-12-12 00:25:56 -05:00
e7a2dd2e71
fixed email
2017-12-11 23:20:46 -06:00
26e2eb8f1a
Changed to good ranking
2017-12-11 23:14:36 -06:00
7f93cca446
Land #9288 , Add Dup Scout Enterprise login buffer overflow
2017-12-11 17:12:20 -06:00
9a6c54840b
Minor tweak to use vprint...
2017-12-11 16:48:47 -06:00
2d23054a1f
Changes as per comments
...
A few things were changed as per the PR comments:
1) The module title was reworded
2) The module description was multi-lined
3) Negative logic was rewritten to use 'unless'
4) Strings which did not require interpolation were rewritten
5) Documentation markdown was added.
2017-12-11 14:11:40 -06:00
f8977ed72c
added some fixes
2017-12-11 11:34:17 -06:00
63b5bb3dea
Land #9126 , Add android advanced options
2017-12-11 04:11:44 -06:00
602335abf1
bump payloads
2017-12-11 04:11:21 -06:00
1653e31f71
Merge branch 'upstream-master' into land-9126-
2017-12-11 03:57:00 -06:00
bbbe48efbb
Land #9289 , typo fix for sysgauge_client_bof.md
2017-12-09 19:37:13 -06:00
3a14ac3b37
Fixed a spelling error in documentation
2017-12-09 02:30:42 -06:00
e91830efe7
Add Dup Scout Enterprise login buffer overflow
2017-12-09 02:20:05 -06:00
348cbe54b6
Bump version of framework to 4.16.23
2017-12-08 10:01:55 -08:00
378f11d859
Land #9279 , add docker pull badge to readme
2017-12-07 21:53:35 -06:00
34ef650b0d
fixed up msftidy, opps.
2017-12-07 17:03:39 -06:00
073ffcb3bc
added some docs
2017-12-07 16:58:14 -06:00
75a82b3fe7
Advantech WebAccess webvrpcs ViewDll1 Stack-based Buffer Overflow Remote Code Execution Vulnerability
2017-12-07 16:34:26 -06:00
900f7d6f69
docs on options
2017-12-07 14:47:40 -05:00
5a81f8091d
change some options for somethinf for sensible
2017-12-07 14:44:36 -05:00
5b5ac878cc
Land #9285 , Handle IPv6 addresses in `full_uri`
2017-12-07 13:25:05 -06:00
335cc13cab
remove option, advanced Message seems to break it.
2017-12-07 14:17:14 -05:00
2565ad6a27
Handle IPv6 addresses in full_uri (add brackets)
2017-12-07 12:56:55 -06:00
7bdc99a153
Fix HANDLER + some default options!
2017-12-07 13:53:39 -05:00
306c5d20d9
Adding ua_parser_js ReDoS Module
...
"ua-parser-js" is an npm module for parsing browser
user-agent strings. Vulnerable version of this module
have a problematic regular expression that can be exploited
to cause the entire application processing thread to "pause"
as it tries to apply the regular expression to the input.
This is problematic for single-threaded application environments
such as nodejs. The end result is a denial of service
condition for vulnerable applications, where no further
requests can be processed.
2017-12-07 10:25:29 -06:00
09aa433fdc
Add MESSAGE field for "obfuscation"
2017-12-07 08:04:31 -05:00
RootUp
Brent Cook
William Vu
William Webb
Metasploit
bwatters-r7
h00die
Wei Chen
Nicholas Starke
securekomodo
Matthew Kienow
mr_me
Pearce Barry
Chris Higgins
Austin
Adam Cammack