Wei Chen
f02c05e530
This one is the same as cve_2018_8897_exe.rb
2018-07-12 22:09:44 -05:00
Metasploit
63fb0d744a
automatic module_metadata_base.json update
2018-07-12 20:08:32 -07:00
William Vu
c9001699cd
Land #10027 , Hadoop unauthed command execution
2018-07-12 21:58:49 -05:00
William Vu
50252c75d6
Clean up module
...
With a little rubocop -a.
2018-07-12 21:58:00 -05:00
Metasploit
c62fc5e976
automatic module_metadata_base.json update
2018-07-12 17:13:23 -07:00
William Vu
2f37482535
Land #10278 , gitlist_arg_injection fixes
2018-07-12 19:03:52 -05:00
Metasploit
ab05c1a810
automatic module_metadata_base.json update
2018-07-12 16:35:55 -07:00
Wei Chen
e613b2570a
Land #10299 , Add 88 CVEs to various auxiliary and exploit modules
2018-07-12 18:26:07 -05:00
William Vu
88bbc50104
Utilize uniq to make char array more readable
...
Hat tip @bcoles.
2018-07-12 17:59:12 -05:00
Metasploit
e3be355c25
automatic module_metadata_base.json update
2018-07-12 15:59:01 -07:00
William Vu
3ab2f6a569
Land #10298 , bug fix for #10219
2018-07-12 17:49:18 -05:00
bwatters-r7
cfcb77afd0
Rename to please msftidy
2018-07-12 17:41:06 -05:00
William Vu
3546286049
Add missed ARCH_CMD to top-level Arch array
...
It's not necessary because of targets, but it's required for printing.
2018-07-12 17:37:06 -05:00
asoto-r7
1a3a4ef5e4
Revised 88 aux and exploit modules to add CVEs / references
2018-07-12 17:34:52 -05:00
bwatters-r7
156b822401
First stab at cve-2018-8897
2018-07-12 17:31:53 -05:00
h00die
6751d48564
A few aux module docs
2018-07-12 17:50:47 -04:00
Brendan Coles
4b62f41369
Add QNAP Q'Center change_passwd Command Execution exploit
2018-07-12 20:00:17 +00:00
William Vu
3dda19f3c6
Update documentation in cmd/unix/reverse_bash
...
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=146464
https://bugs.launchpad.net/ubuntu/+source/bash/+bug/215034
2018-07-12 13:29:33 -05:00
William Vu
1f0535618d
Document bareword string deprecation in php/base64
2018-07-12 13:29:33 -05:00
William Vu
378930e5f4
Prefer %w array over quoted array in php/base64
...
irb(main):001:0> ["(",")",".","_","c","h","r","e","v","a","l","b","s","6","4","d","o"] == %w{( ) . _ c h r e v a l b s 6 4 d o}
=> true
irb(main):002:0>
2018-07-12 13:29:33 -05:00
Metasploit
4114d5e8fa
Weekly dependency update
2018-07-12 10:05:32 -07:00
Brendan Coles
104e4cee2e
Merge branch 'master' into soundtrack_logo_module_refs
2018-07-13 03:01:33 +10:00
Brendan Coles
4df7853fd3
Merge pull request #7 from wvu-r7/pr/10283
...
Fuel the hype machine
2018-07-13 02:57:40 +10:00
William Vu
147f59836a
Fuel the hype machine
2018-07-12 11:34:09 -05:00
Jacob Robles
f30c4e0465
Land #10226 , Add code randomization capabilities to Metasploit::Framework::Compiler
2018-07-12 11:20:04 -05:00
Metasploit
a9728d1bf1
automatic module_metadata_base.json update
2018-07-12 09:14:02 -07:00
Brendan Coles
904de2dd09
Land #10238 , Add ManageEngine Exchange Reporter Plus RCE exploit
2018-07-12 16:07:32 +00:00
William Vu
e72b873f56
Fire off bind handlers when session_created? runs
...
Also refactor because bind handlers don't use setup_handler.
2018-07-12 10:45:59 -05:00
Wei Chen
faf3adaee2
Update
2018-07-12 10:11:45 -05:00
Kacper Szurek
486225c2a8
Code review changes
...
Use target_uri, split url inside normalize function, replace print with vprint, return CheckCode::Appears
2018-07-12 14:27:28 +02:00
Metasploit
9c2777c6b9
automatic module_metadata_base.json update
2018-07-12 01:56:07 -07:00
William Vu
aae98cb12a
Land #9780 , once more with feeling
...
Missed the merge, lol.
2018-07-12 03:42:27 -05:00
William Vu
acb20e5a29
Land #9780 , CouchDB auth bypass and RCE
2018-07-12 03:36:17 -05:00
Metasploit
048c1ee7b7
automatic module_metadata_base.json update
2018-07-12 01:18:45 -07:00
Green-m
2652971c5d
Merge pull request #1 from wvu-r7/pr/9780
...
exploit/linux/http/apache_couchdb_cmd_exec fixes some problems.
2018-07-12 16:16:06 +08:00
William Vu
a08420e0d0
Land #10286 , Docker server version scanner
2018-07-12 03:08:41 -05:00
William Vu
e62dbecbef
Add module doc
2018-07-12 03:06:16 -05:00
William Vu
cce3b6f369
Clean up module
2018-07-12 02:57:14 -05:00
William Vu
f53080ee60
Fix exploit and do final cleanup
2018-07-12 02:13:30 -05:00
William Vu
167745c124
Selectively add RuboCop fixes
2018-07-11 22:49:46 -05:00
William Vu
ccc3267166
Correct rubocop -a
...
We'll update .rubocop.yml later.
2018-07-11 22:49:46 -05:00
William Vu
ca5e496b8f
Run rubocop -a
2018-07-11 21:40:19 -05:00
Agora Security
7d8b9a90d7
Add more reporting
2018-07-11 17:22:48 -04:00
Agora Security
30c43e22d9
Fix typo
2018-07-11 17:04:31 -04:00
Agora Security
bb8ac4a7ab
Add info & update_info
2018-07-11 16:52:16 -04:00
Adam Cammack
adff986908
Land #10287 , Add advanced option to skip WP checks
2018-07-11 14:25:19 -05:00
Shelby Pace
f855a5ab51
Land #10284 , Inform the user about lack of CVE
2018-07-11 11:47:43 -05:00
Shelby Pace
70837deeb1
Land #10268 , Ensure module_reference loads rb modules
2018-07-11 11:33:26 -05:00
Metasploit
147511dc66
automatic module_metadata_base.json update
2018-07-11 09:22:09 -07:00
Shelby Pace
1ded8ffb29
Land #10260 , Add phpMyAdmin v4.8.1/4.8.0 LFI RCE
2018-07-11 11:10:52 -05:00