root
b73a884c05
struts2_s2045_rce.rb
2017-03-08 13:38:18 +08:00
nixawk
75a1d979dc
Fix: Incorrect disclosure month forma
2017-03-07 20:28:29 -06:00
nixawk
fc0f63e774
exploit Apache Struts2 S2-045
2017-03-07 20:10:59 -06:00
wchen-r7
e327f9b330
Update other module descriptions
2017-03-07 16:55:06 -06:00
wchen-r7
dc13b84189
Bring mms branch up to date w/ master
2017-03-07 16:13:39 -06:00
Jin Qian
7e19486a97
Merge branch 'wchen-r7-sms' into upstream-master
...
Merged #8047
2017-03-07 15:56:00 -06:00
=
7976966ce9
Issue 7923 - msftidy errors on master
2017-03-08 03:12:41 +05:30
wchen-r7
fbde0d18f2
Add auxiliary/client/mms/send_mms
2017-03-07 12:53:17 -06:00
wchen-r7
a466dc44c6
Do exception handling for sms client
2017-03-06 10:54:08 -06:00
Pearce Barry
b5afac6627
Per PR #8054 , we don't need the OUTPUTPATH option here.
2017-03-03 16:20:01 -06:00
Pearce Barry
4362c891b6
Land #8054 , Fix #8052 , remove forgotten OUTPUTPATH option
2017-03-03 15:36:30 -06:00
Brent Cook
bb140b9581
fix deprecated target ARCH
2017-03-03 13:38:16 -06:00
William Webb
d76e80bc44
Land #7424 , Ektron Webservices XSLT Remote Code Execution
2017-03-03 12:12:21 -06:00
wchen-r7
48e06e27b0
Fix #8052 , remove forgotten OUTPUTPATH option
...
Fix #8052
2017-03-03 12:00:07 -06:00
wchen-r7
6ad8afb8b3
Add API to send a text message (SMS) to mobile devices
2017-03-02 16:47:55 -06:00
Brent Cook
031285d49a
update payloads
2017-02-28 03:04:53 -06:00
Brent Cook
8c876f4a57
Land #7996 , Major rewrite and cleanup of reverse shell jcl payload
2017-02-28 02:12:40 -06:00
wchen-r7
69c7b0168c
Restore USERNAME and PASSWORD options for owa_login
...
Requested by our own pentesters, the username & password options
should be restored so users can more easily try one password but
multiple users.
2017-02-27 15:04:06 -06:00
Pearce Barry
37066acc03
Try harder to get user id, correctly handle dirs with spaces.
...
Fixes #7817 .
2017-02-25 20:32:53 -06:00
bwatters-r7
1e28e2b2c7
Cache sizes again...
2017-02-24 20:43:13 -06:00
bwatters-r7
493f17761b
payload cache size change- all together, now
2017-02-24 20:23:34 -06:00
bwatters-r7
15af90c011
payload cache size change
2017-02-24 20:22:27 -06:00
William Vu
634753f985
Add QNAP admin hash "disclosure"
2017-02-24 19:18:30 -06:00
William Webb
d9a7fac399
Land #8004 , Use post/windows/manage/priv_migrate instead of migrate -f
2017-02-24 17:30:14 -06:00
James Barnett
2631259919
Land #7973 , Enable cert validation for Nexpose
...
This PR enables connection to a Nexpose console using the
nexpose client gem.
It also allows you to connect using a trusted certificate
instead of simply overriding the SSL validation.
2017-02-24 14:27:24 -06:00
h00die
43550b8cdf
fixing line length
2017-02-23 19:55:23 -05:00
h00die
041238f77c
land #7896 Binom3 power meter scanner and brute
2017-02-23 19:49:50 -05:00
wchen-r7
70f7dccf62
copy and paste fail
2017-02-23 17:11:08 -06:00
wchen-r7
5d0b532b20
Fix #8002 , Use post/windows/manage/priv_migrate instead of migrate -f
...
Because migrate -f uses a meterpreter script, and meterpreter scripts
are deprecated, we should be replacing with a post module
Fix #8002
2017-02-23 17:04:36 -06:00
William Vu
236606838a
Land #7987 , MVPower DVR exploit
2017-02-23 01:46:04 -06:00
Brendan Coles
5d3a4cce67
Use all caps for module option names
2017-02-23 16:30:01 +11:00
bigendiansmalls
27a7b279f5
Major rewrite and cleanup of reverse shell jcl
...
The shell does exactly the same as the previous, just made the code read much
better so as to not severely anger the gray beards and other lesser
mainframe deities. The only architectural change is the payload uses the
spawn system call vs exec - this provides for a cleaner exit in some cases.
2017-02-22 17:17:27 -06:00
bwatters-r7
40e6413867
Land #7980 , Add a sploit for CVE-2017-5982, kodi file traversal
2017-02-22 13:11:48 -06:00
Carter
25b3cc685a
Update netgear_r7000_cgibin_exec.rb
2017-02-22 11:36:52 -05:00
Brendan Coles
47fec5626e
Style update
2017-02-22 07:56:17 +00:00
Brendan Coles
e491f01c70
Add MVPower DVR Shell Unauthenticated Command Execution module
2017-02-22 05:15:57 +00:00
wchen-r7
48f6740fee
Land #7969 , Add Module Trend Micro IMSVA Remote Code Execution
2017-02-21 17:29:04 -06:00
bwatters-r7
a9b9a58d4d
Land #7893 , Add Module AlienVault OSSIM/USM Remote Code Execution
2017-02-21 13:35:56 -06:00
William Webb
83cc28a091
Land #7972 , Microsoft Office Word Macro Generator OS X Edition
2017-02-21 13:26:42 -06:00
Jan-Erik Rediger
49da6289a9
Fix typo in smtp fuzzer
2017-02-20 21:47:59 +01:00
jvoisin
73eed104a9
Take into account @h00die's comments.
2017-02-20 13:22:20 +01:00
William Vu
dad21b1c1d
Land #7979 , another downcase fix for a password
2017-02-19 21:26:52 -06:00
jvoisin
7bd6aff1cf
Add a sploit for CVE-2017-5982
2017-02-19 21:57:27 +01:00
h00die
92c1fa8390
remove downcase
2017-02-18 20:13:32 -05:00
Carter
e99ba0ea86
Msftidy stuff
2017-02-18 00:34:49 -05:00
Carter
189d5dc005
Thanks netgear
2017-02-18 00:15:45 -05:00
Brent Cook
ef2fff798e
update sizes
2017-02-17 18:57:02 -06:00
Brent Cook
24151a9c27
Land #7753 , Add auxiliary RomPager misfortune cookie authentication bypass
2017-02-17 18:07:15 -06:00
Carter
52350292cf
Fix msftidy warning
2017-02-17 18:41:11 -05:00
Carter
63d1de9acd
Updates from review
...
Also testing some things, line 84 and 85 mostly
2017-02-17 18:29:46 -05:00
Brent Cook
2c570b6709
Land #7942 , Microsoft SQL Server Clr Stored Procedure Payload Execution
2017-02-17 17:28:54 -06:00
Brent Cook
e4c324c988
Land #7941 , treat a user with no mailbox as a valid credential anyway
2017-02-17 17:09:57 -06:00
Brent Cook
8019a9e519
Land #7947 , fix crash in panda_psevents when an unexpected target OS is found
2017-02-17 14:08:27 -06:00
wchen-r7
1f23b44003
I modified windows/fileformat/office_word_macro the wrong way
2017-02-16 23:16:06 -06:00
Jeffrey Martin
cbfe18e4d7
use certificates in nexpose
2017-02-16 14:34:02 -06:00
wchen-r7
7503f643cc
Deprecate windows/fileformat/office_word_macro
...
Please use exploits/multi/fileformat/office_word_macro instead,
because the new one supports OS X.
2017-02-16 12:32:14 -06:00
wchen-r7
3d269b46ad
Support OS X for Microsoft Office macro exploit
2017-02-16 12:28:11 -06:00
Carter
811f6d4d58
Update netgear_r7000_cgibin_exec.rb
2017-02-16 08:38:06 -05:00
Carter
90224af813
Fix msftidy warning
2017-02-15 22:39:16 -05:00
Carter
81d63c8cc7
Create netgear_r7000_cgibin_exec.rb
2017-02-15 22:33:48 -05:00
David Manouchehri
f113114643
Added assigned CVE.
2017-02-15 17:05:23 -05:00
aushack
3b386f86f6
Typo fix.
2017-02-14 17:05:46 +11:00
h00die
843f559069
land #7917 piwik exploit module
2017-02-14 00:52:27 -05:00
OJ
ec316bfb6c
Use DATABASE when logging in with SQL mixin
2017-02-14 10:34:27 +10:00
h00die
a47a479bd3
add else case
2017-02-12 19:08:31 -05:00
James Barnett
94a234e5bf
Specify sname as http/https to keep with standards throughout the code.
2017-02-10 17:31:08 -06:00
Christian Mehlmauer
baa473a1c6
add piwik superuser plugin upload module
2017-02-11 00:20:50 +01:00
James Lee
026f6eb715
Land #7929 , improve php_cgi_arg_injection
2017-02-10 10:01:38 -06:00
OJ
2d834a3f5a
Finalise module, and add supporting binaries
2017-02-10 12:56:40 +10:00
jakxx
58779f0aaf
owa_login no mailbox bugfix
...
The owa_login module currently misses a success condition where the
creds are valid but there is no mailbox setup. This commit adds the
check for the condition for OWA 2013.
2017-02-09 21:35:58 -05:00
OJ
1c62559e55
Add v1 of SQL Clr stored proc payload module
2017-02-10 10:28:22 +10:00
wchen-r7
4a9a8adaa1
Land #7928 , http_version now stores the fingerprints
2017-02-09 16:28:51 -06:00
Jeffrey Martin
d7a6edb5a4
Land #7939 , Override `empty?` for the weird ones
2017-02-09 15:40:24 -06:00
James Lee
4f13bde471
Override `empty?` for the weird ones
...
Fixes #7899
2017-02-09 14:57:20 -06:00
bwatters-r7
272d1845fa
Land #7934 , Add exploit module for OpenOffice with a malicious macro
2017-02-09 13:42:58 -06:00
Christian Mehlmauer
8ade9b8aae
Land #7905 , WordPress content injection module
2017-02-09 15:49:50 +01:00
wchen-r7
e1a1ea9d68
Fix grammar
2017-02-08 19:26:35 -06:00
William Vu
cf395ea7b1
Make error checks more consistent
2017-02-08 18:00:44 -06:00
William Vu
0d56676690
Add error check for listing posts
2017-02-08 17:13:12 -06:00
wchen-r7
047a9b17cf
Completed version of openoffice_document_macro
2017-02-08 16:29:40 -06:00
Spencer McIntyre
cba5e266f8
Land #7916 , module for netgear password disclosure
2017-02-08 15:48:55 -05:00
Carter
e7b421e226
Update netgear_password_disclosure.rb
2017-02-08 13:40:11 -05:00
Mehmet Ince
4ee05313d8
Update tested version numbers
2017-02-08 19:31:01 +03:00
William Vu
766e7b013d
Once more, with feeling
2017-02-08 09:17:37 -06:00
William Vu
a71b097e6b
Revert status iteration, since it doesn't work
...
Also.
2017-02-08 09:13:42 -06:00
Carter
fd935c8e3c
Update netgear_password_disclosure.rb
2017-02-08 09:14:39 -05:00
William Vu
6b2a995a7d
Revert AutoPublish, since it doesn't work
...
Apparently.
2017-02-08 07:43:17 -06:00
William Vu
df38a91fbd
Be nice and parse JSON for the error
2017-02-08 07:37:09 -06:00
Carter
2dfff95669
Fix msftidy warning
2017-02-08 08:28:23 -05:00
William Vu
befe224c58
Use wordpress_and_online? before actions
2017-02-08 07:24:57 -06:00
William Vu
46ab03f528
Add SearchTerm to filter listed posts
2017-02-08 06:10:46 -06:00
William Vu
064420075f
Update diagnostics and print better header
2017-02-08 04:54:25 -06:00
William Vu
6df55c9733
Gotta catch 'em (post statuses) all
2017-02-08 04:31:06 -06:00
William Vu
7583d050b7
Add AutoPublish to publish updated posts
2017-02-08 04:01:42 -06:00
William Vu
e480107bd5
Add PostCount (default 100) to list more posts
2017-02-08 03:52:20 -06:00
jvoisin
f3bcc9f23f
Take care of suhosin
2017-02-08 09:59:36 +01:00
jvoisin
028d4d6077
Make the payload a bit more random
2017-02-08 09:59:22 +01:00
William Vu
13f4b0d7ae
Be more specific with invalid post ID
2017-02-08 02:18:52 -06:00
Carter
c16b7e42a6
Fix review stuff
2017-02-07 21:41:38 -05:00
Carter
46fbc9dd3f
Fix some formatting
2017-02-07 21:32:19 -05:00