Commit Graph

1476 Commits (c8ff6cb5a4ec4c1f99330333832cb591d5b59094)

Author SHA1 Message Date
Daniel Teixeira 160f960f78
Add files via upload 2018-01-04 20:25:41 +00:00
h00die 65f444ddcc
land #9362 exploit for pfsense graph injection 2018-01-04 14:35:52 -05:00
Brent Cook 520e890520
Land #8581, VMware Workstation ALSA Config File Local Privilege Escalation 2018-01-03 21:35:57 -06:00
Wei Chen b8dde2e650 Land #9360, Ayukov NFTP FTP client buffer overflow vulnerability
Land #9360
2018-01-03 20:56:12 -06:00
Wei Chen 04cf3017c0 Update ayukov_nftp exploit and module documentation 2018-01-03 20:52:57 -06:00
William Vu c3f10c1d57
Land #9336, Linksys WVBR0-25 exploit 2018-01-03 18:13:44 -06:00
headlesszeke 589de0483b Clarification in product linkage and small syntax fixup in repro steps 2018-01-03 17:00:26 -06:00
dmohanty-r7 a5fa63405f
Land #9206, Add Xplico RCE exploit module 2018-01-03 16:02:51 -06:00
headlesszeke 3b0f0aa358 Adding doc file for module linksys_wvbr0_user_agent_exec_noauth 2018-01-02 14:54:18 -06:00
wetw0rk 8f0e41e159 requested changes 2018-01-01 17:30:43 -06:00
wetw0rk bc088cb379 added md 2018-01-01 05:46:04 -06:00
Daniel Teixeira 76d345039d
Create ayukov_nftp.md 2017-12-31 15:42:32 +00:00
h00die 3516305517
land #9191 an exploit against HP LoadRunner magentproc 2017-12-29 16:35:43 -05:00
h00die b698095c49 slight updates to magentproc docs 2017-12-29 16:30:32 -05:00
Jeffrey Martin bb97467b31
docs for auxiliary/scanner/http/directadmin_login 2017-12-29 14:43:20 -06:00
Brent Cook 5e71be7772
add ard_root_pw documentation 2017-12-28 14:37:25 -06:00
Brent Cook ae17943d4c fix documentation preformat blocks 2017-12-27 22:32:26 -06:00
Jon Hart bbed7db13c
Merge branch 'upstream-master' into feature/mqtt-login 2017-12-27 13:08:44 -08:00
Tod Beardsley e6de25d63b
Land #9316 Cambium modules and mixins, tx @juushya
These cover several of the CVEs mentioned in

https://blog.rapid7.com/2017/12/19/r7-2017-25-cambium-epmp-and-cnpilot-multiple-vulnerabilities/
2017-12-26 12:39:51 -06:00
b0yd 7aa296577e Added readme 2017-12-22 14:34:35 -05:00
Jon Hart d4bc98c13f
Merge branch 'upstream-master' into feature/mqtt-login 2017-12-22 08:07:40 -08:00
William Vu caae33b417
Land #9170, Linux UDF for mysql_udf_payload 2017-12-21 20:48:24 -06:00
Jon Hart 917e9aa328
Doc READ_TIMEOUT 2017-12-20 19:10:49 -08:00
Jon Hart 962bc71d10
Merge branch 'feature/mqtt' into feature/mqtt-login 2017-12-20 18:58:36 -08:00
Jon Hart 9c0df54f36
syntax 2017-12-20 18:54:09 -08:00
Jon Hart fa1536209a
syntax 2017-12-20 18:52:34 -08:00
Jon Hart 508253eadc
More docs 2017-12-20 18:51:44 -08:00
Jon Hart 0f72ce1ee5
Add WIP documentation for auxiliary/scanner/mqtt/connect 2017-12-20 18:45:10 -08:00
Nick Marcoccio 86ce3c8781 Made suggested changes and added documentation 2017-12-20 15:54:16 -05:00
Brent Cook a8b845fff9
Land #9283, Add node.js ws websocket library DoS module 2017-12-20 14:20:42 -06:00
Tod Beardsley 8c1f1696af
Kill trailing whitespace in docs 2017-12-18 17:35:49 -06:00
Tod Beardsley 4aa480d655
Land #9311, docs for #9180 2017-12-18 17:34:55 -06:00
Tod Beardsley c2b8d23854
Kill trailing whitespace 2017-12-18 16:56:09 -06:00
Tod Beardsley 65da14c165
Adding docs for modules 2017-12-18 16:47:43 -06:00
Jon Hart a33ed82a40
Land #9214, @realoriginal's update to the Cisco SMI scanner to also fetch Cisco IOS configs 2017-12-18 12:22:26 -08:00
Ryan Knell 369d74cdb2 Updating documentation
Added a missing backtick
2017-12-18 10:34:00 -05:00
William Vu 76823e9fe6
Land #9183, Jenkins Groovy XStream RCE 2017-12-18 03:38:27 -06:00
Pearce Barry 880a1d4283
Land #9312, Module acting as a Pyrotechnical Device Deployment Tool (PDT) for Hardware Bridge 2017-12-17 18:32:28 -06:00
Pearce Barry 8344401484
Add docs, minor tweaks. 2017-12-17 18:15:49 -06:00
RootUp 95e2f1da95
Update samsung_browser_sop_bypass.md 2017-12-17 11:02:24 +05:30
RootUp 53a098a7f3
Update samsung_browser_sop_bypass.md 2017-12-16 22:46:29 +05:30
RootUp 6b54fe6775
Create samsung_browser_sop_bypass.md 2017-12-16 22:26:08 +05:30
Brent Cook c6a2ae2551
Land #9248, Add wd_mycloud_multiupload_upload exploit 2017-12-13 18:51:02 -06:00
h00die c0a534140d
Land #9284 a regex dos for ua_parser_js npm module 2017-12-13 19:31:49 -05:00
h00die 544e4e3d0b fix md formatting 2017-12-13 19:30:50 -05:00
Nicholas Starke dd5532c5de Addressing Formatting Issues
There were several formatting and layout issues
that are fixed in this commit.  Also changing
`RHOSTS` to `RHOST`.
2017-12-13 14:26:27 -06:00
Wei Chen b99663fb6c
Bring #9282 up to date with upstream-master 2017-12-13 13:16:30 -06:00
Wei Chen 37514eec17
Land #9234, Add exploit for ClickJacking vuln for pfSense
Land #9234
2017-12-12 14:56:21 -06:00
Wei Chen 6149f51273
Land #9256, Add aux module to discover WSDD enabled devices
Land #9256
2017-12-12 11:55:42 -06:00
Matthew Kienow d79b0ad981
Land #9286, Advantech WebAccess webvrpcs BOF RCE 2017-12-12 00:25:56 -05:00
Pearce Barry 7f93cca446
Land #9288, Add Dup Scout Enterprise login buffer overflow 2017-12-11 17:12:20 -06:00
Nicholas Starke 2d23054a1f Changes as per comments
A few things were changed as per the PR comments:
1) The module title was reworded
2) The module description was multi-lined
3) Negative logic was rewritten to use 'unless'
4) Strings which did not require interpolation were rewritten
5) Documentation markdown was added.
2017-12-11 14:11:40 -06:00
mr_me f8977ed72c added some fixes 2017-12-11 11:34:17 -06:00
Ryan Knell c5f218c84c Addressing comments
1. Updated documentation
2. Made the Sec-WebSocket-Key header a random value
2017-12-11 11:49:31 -05:00
Chris Higgins 3a14ac3b37 Fixed a spelling error in documentation 2017-12-09 02:30:42 -06:00
Chris Higgins e91830efe7 Add Dup Scout Enterprise login buffer overflow 2017-12-09 02:20:05 -06:00
Ryan Knell 668585a1f9 Adding documentation
Adding module documentation for ws_dos.
2017-12-08 15:52:57 -05:00
mr_me 073ffcb3bc added some docs 2017-12-07 16:58:14 -06:00
Austin 900f7d6f69
docs on options 2017-12-07 14:47:40 -05:00
Austin 12425d962c
Rename office_dde_delivery to office_dde_delivery.md 2017-12-06 22:40:57 -05:00
Austin 1e4b707a60
MS Office DDE Documentation 2017-12-06 21:46:47 -05:00
Brent Cook ce2db3cd87
Land #9275, CVE-2017-11882 (docs fix) 2017-12-05 10:16:54 -06:00
Austin 14226c5f33
missing docs on options
Missed fixes on documentation
2017-12-04 20:58:36 -05:00
William Webb 69b01d26bb
Land #9226, Microsoft Office OLE object memory corruption 2017-12-04 16:50:27 -08:00
Austin b7f17f5519
fix documentation 2017-12-04 16:41:27 -05:00
Brent Cook f83e9815dd
Land #9210, Add a Polycom HDX RCE 2017-12-04 12:49:35 -06:00
Brendan Coles 775529277f Add documentation 2017-11-29 17:37:34 +00:00
bwatters-r7 9dc3d60fc2
Stupid Typos 2017-11-29 10:29:38 -06:00
bwatters-r7 efa8d566d7
Added documentation for iamroot 2017-11-29 10:26:06 -06:00
Zenofex d174ef3a70 Add wd_mycloud_multiupload_upload exploit 2017-11-28 07:12:00 -06:00
bwatters-r7 244acc48b6
Land #9212, pfsense group member exec module 2017-11-27 11:27:29 -06:00
Austin 43ff4f12e5
update docs 2017-11-22 06:57:35 -05:00
Yorick Koster b5994bde79
Update pfsense_clickjacking.md 2017-11-22 11:10:47 +01:00
Yorick Koster 5b5c5520e6
Update pfsense_clickjacking.md 2017-11-22 11:09:54 +01:00
Yorick Koster 916ee05cce Add exploit module for Clickjacking vulnerability in CSRF error page pfSense 2017-11-22 11:06:22 +01:00
Austin 73c692fb65
fix docs 2017-11-21 21:31:06 -05:00
Jon Hart 879db5cf38
Land #9050, @mpizala's improvements to the docker_daemon_tcp module 2017-11-21 17:13:24 -08:00
Matthew Kienow b6c81e6da0
Reimplement slowloris as external module 2017-11-21 16:21:01 -05:00
Daniel Teixeira aa16288140
Update slow_loris.md 2017-11-21 15:49:45 -05:00
Daniel Teixeira 6d2007a4db
Update slow_loris.md 2017-11-21 15:49:44 -05:00
Daniel Teixeira fbb9e9d473
Update slow_loris.md 2017-11-21 15:49:44 -05:00
Daniel Teixeira 4419c0d851
Create slow_loris.md 2017-11-21 15:49:44 -05:00
Austin fcf2cfa134
Create office_ms17_11882.md 2017-11-21 14:45:56 -05:00
Martin Pizala 90d6165e68
bypass user namespaces docs 2017-11-19 22:10:39 +01:00
h00die b7f7afb3be version detect, 2.2.6 handling 2017-11-19 08:28:07 -05:00
Austin 40bb622b7a
update docs
Updating documentation
2017-11-18 13:07:24 -05:00
Austin 74a1b405c4
action addition DOWNLOAD 2017-11-16 12:46:31 -05:00
h00die f8891952c6 pfsense group member exec module 2017-11-15 21:00:58 -05:00
Adam Cammack c740f4369c
Land #9197, Cleanup Mako Server exploit 2017-11-15 15:01:31 -06:00
Austin 256bf5a5ca
Create polycom_hdx_traceroute_exec.md 2017-11-15 10:38:53 -05:00
Mehmet İnce 54936b6ac3 Updatig documentation and tweaking initiate_session 2017-11-15 01:04:06 +03:00
Mehmet İnce 86e47589b0 Add xplico remote code execution 2017-11-14 09:30:57 +03:00
William Vu f3e2f4d500
Land #9167, D-Link DIR-850L exploit 2017-11-10 18:15:39 -06:00
William Vu 3936d3baa1 Clean up module 2017-11-10 18:15:22 -06:00
Steven Patterson df2b62dc27
Add Mako Server CMD injection Linux support, update docs, move to multi 2017-11-10 16:28:39 -05:00
h00die 52888871e3
Land #8747 RCE for Geutebrueck GCore on Windows 2017-11-08 20:22:54 -05:00
h00die 7ad151e68b gcore formatting update 2017-11-08 20:21:40 -05:00
Adam Cammack 39916ef61a
Land #9133, Command injection in Mako Server examples 2017-11-08 15:11:01 -06:00
Patrick Webster d95b333ae9 Added exploit module for HP LoadRunner command exec vuln CVE-2010-1549. 2017-11-09 03:59:18 +11:00
bwatters-r7 5a07be9b96
Land #9041, Add LPE on Windows using CVE-2017-8464 2017-11-08 10:09:03 -06:00
bwatters-r7 19e3e181c1 Fix compiling instructions 2017-11-08 09:36:32 -06:00
Spencer McIntyre fa8d017579 Change documentation from a first person context 2017-11-08 09:29:46 -05:00
bwatters-r7 11093b8393 Added documentation 2017-11-08 08:07:06 -06:00
Pearce Barry fc87ee08d9
Land #9060, IBM Lotus Notes DoS (CVE-2017-1130). 2017-11-07 11:20:12 -06:00
attackdebris d770406049 Add docs 2017-11-07 10:58:28 -05:00
RootUp 85b8b4116a
Create ibm_lotus_notes2.md 2017-11-07 12:08:08 +05:30
h00die c9e3b8816b remove old name 2017-11-04 13:53:04 -04:00
h00die 9236aff6ee forgot to add my docs 2017-11-04 13:51:41 -04:00
Austin 646c7f7c0a
update doc 2017-11-04 11:40:32 -04:00
Austin 40bcb3f0c8
update documentation 2017-11-03 09:09:51 -04:00
h00die 697031eb36 mysql UDF now multi 2017-11-03 05:26:05 -04:00
Austin caad1bbf27
Create dlink_dir850l_unauth_exec.md 2017-11-02 15:54:45 -04:00
William Vu e3ac6b8dc2
Land #9109, wp-mobile-detector upload and execute 2017-11-01 13:25:16 -05:00
Steven Patterson 8613852ee8
Add Mako Server v2.5 command injection module/docs 2017-10-26 23:29:11 -04:00
h00die cd35ae4661
Land #9106 negear dgn1000 unauth rce module 2017-10-22 22:18:53 -04:00
h00die 210f6f80b7 netgear1000dng cleanup 2017-10-22 22:17:40 -04:00
Austin e9fdb5bd94 Create netgear_dgn1000_unauth_setup_exec.md 2017-10-22 16:54:06 -04:00
h00die cfd7761818 wp_mobile_detector rce 2017-10-20 23:19:58 -04:00
Jon Hart 9658776adf
Land #9079, adding @h00die's gopher scanner 2017-10-20 17:16:08 -07:00
h00die f250e15b6e
Land #9105 rename psh to polycom for name collision 2017-10-20 20:10:57 -04:00
h00die fd028338e1 move psh to polycom so no more powershell name collision 2017-10-20 20:08:11 -04:00
h00die 5a6da487ab
Land #9043 two exploit modules for unitrends backup 2017-10-20 20:00:35 -04:00
caleBot e8de6a46d5 Update ueb9_bpserverd.md 2017-10-20 12:21:17 -06:00
Jon Hart f938a1029b
Make note about stopping container after 2017-10-20 10:30:12 -07:00
Jon Hart e82cb4577d
Show module selection + config 2017-10-20 10:12:46 -07:00
Jon Hart a8b4d4e4a2
Link to gopher container 2017-10-20 10:04:09 -07:00
Jon Hart 811bae7361
Add docker go(pher) example 2017-10-20 09:59:25 -07:00
Wei Chen c67a5872cd
Land #9055, Add exploit for Sync Breeze HTTP Server
Land #9055
2017-10-13 17:34:03 -05:00
h00die 297ca25953 fix IPs 2017-10-12 21:40:27 -04:00
h00die a63c947768 gopher proto 2017-10-12 21:32:01 -04:00
William Webb 8cfd4928ed
Land #9069, Add docs for scanner/http/open_proxy 2017-10-11 23:08:07 -05:00
Wei Chen d0e65a4177
Land #9068, add doc for auxiliary/scanner/http/files_dir
Land #9068
2017-10-11 17:13:26 -05:00
Wei Chen eaf686f164
Fix format 2017-10-11 17:12:45 -05:00
Wei Chen 3a8a85bbe5
Land #9065, add doc for auxiliary/scanner/http/http_login
Land #9065
2017-10-11 17:09:35 -05:00
Wei Chen fc40fe0da2
Fix format 2017-10-11 17:08:49 -05:00
Wei Chen 2503d2ab2e
Land #9067, add doc for auxiliary/scanner/http/http_header
Land #9067
2017-10-11 17:03:29 -05:00
Wei Chen 17b4678998
Fix format 2017-10-11 17:02:41 -05:00
Indranil Roy 72291d31fb Update open_proxy.md 2017-10-12 03:29:49 +05:30
itsmeroy2012 17d7faa96b fixing typos 2017-10-12 03:00:09 +05:30
bwatters-r7 294230c455
Land #8509, add Winsxs bypass for UAC 2017-10-11 16:24:52 -05:00
Wei Chen 978ede363e
Land #9066, add doc for http_version
Land #9066
2017-10-11 15:39:44 -05:00
Jeffrey Martin 1786634906
Land #9059, Tomcat JSP Upload via PUT Bypass 2017-10-11 15:05:00 -05:00
Wei Chen 8b3cc2b94f Tweak format 2017-10-11 14:14:56 -05:00
root 03e7797d6c fixed msftidy errors and added documentation 2017-10-11 07:57:01 -04:00
itsmeroy2012 1c8871cbe3 Documentation on auxiliary module open_proxy 2017-10-11 16:29:56 +05:30
itsmeroy2012 579cfed5f4 Documentation on auxiliary module files_dir 2017-10-11 16:15:19 +05:30
itsmeroy2012 fcf6a1ec96 Documentation on http_header 2017-10-11 15:30:43 +05:30
itsmeroy2012 e526b37e81 Fixing whitespaces 2017-10-11 15:18:51 +05:30
itsmeroy2012 ee3b638b48 Changing description 2017-10-11 15:17:54 +05:30
itsmeroy2012 7f1f862dc2 KB for http_version 2017-10-11 15:14:22 +05:30