5c84e9e61a
Remove web root guessing since not reliable
2019-03-29 16:16:06 +00:00
269cb4bca6
Land #11635 , Authors check for msftidy
2019-03-29 10:45:31 -05:00
af494300ec
Add timwr as an author to his own modules
2019-03-29 10:44:58 -05:00
f8c5852902
Add Horde Form File Upload
2019-03-29 12:31:14 +00:00
0a24266029
Land #11482 , RV320 Unauthenticated RCE
2019-03-28 17:53:05 -05:00
1e6850fa53
land #11623 oracle 12 support for hashdumper
2019-03-28 10:07:54 -04:00
2a311931d3
oracle hashdump cleanup
2019-03-28 10:06:56 -04:00
f2a19d5e32
Final revisions
2019-03-27 21:53:52 -05:00
927d20cb95
Land #11592 , Add CMS Made Simple (CMSMS) Showtime2 File Upload RCE
2019-03-27 15:21:07 -05:00
38bdccb91a
Use instance variables instead of datastore options
2019-03-27 15:17:32 -05:00
fdb1f4adea
Update cmsms_showtime2_rce.rb
...
Fix to CSRF Token stealing function for older versions of CMSMS
2019-03-27 20:09:14 +01:00
3f9c9341f9
add 2016 authors
2019-03-26 19:39:17 -04:00
399532154d
Fix a git snafu when landing #11131
...
While landing PR #11131 , I tripped over my own shoelaces and overwrote `weblogic_deserialize_rawobject.rb` with `weblogic_deserialize_unicastref.rb`, destroying my changes and introducing a great deal of confusion.
This PR gets us back to where we should have been, with #11131 landed and a few changes to add randomization and expanding on the T3 protocol.
2019-03-26 17:54:37 -05:00
385cfd679a
Land #11131 , Weblogic_serialize_rawobject CVE-2015-4852
2019-03-26 17:07:04 -05:00
26b67bbf91
Fix two-byte error, add randomization, T3 notes from @acamro
2019-03-26 16:45:17 -05:00
5f5d475c2e
Add expected traceback error to documentation
2019-03-26 16:44:45 -05:00
f9361324bd
Merge branch 'weblogic_serialize_rawobject' of git://github.com/acamro/metasploit-framework into acamro-weblogic_serialize_rawobject
2019-03-26 16:38:27 -05:00
d9fc7af68e
Fix version detection
2019-03-26 20:17:34 +00:00
75ec3e7df6
add date and more docs
2019-03-26 16:13:42 -04:00
b2d047b0b1
Land #11622 , merge common hash identifier code between modules
2019-03-26 13:12:00 -05:00
d185e8a018
indentation fix
2019-03-25 14:54:46 -05:00
3a8b09f08e
added checks on scan method
2019-03-25 14:48:19 -05:00
59f5c291c9
removed spare spaces and modified some indentation
2019-03-25 14:25:09 -05:00
a8ccc7eb25
Remove tabbed indents
2019-03-25 11:13:28 -05:00
b91231021a
Hashdump adheres to better coding style. Add docs
2019-03-25 02:36:34 -05:00
9d71020d9c
Removed credit
2019-03-24 19:11:22 -04:00
8a36a0f410
Added support for later versions of Outlook, rubocop complaints
2019-03-24 18:39:55 -04:00
656ea5240d
remove space at EOL
2019-03-24 08:11:24 -04:00
dfa1ab3a9b
es file explorer
2019-03-24 08:01:32 -04:00
170d28d46b
12c hashdump supported
2019-03-23 13:37:19 -05:00
d1cad4eb21
Add 12c support for hashdump
2019-03-23 13:15:38 -05:00
5ea406cd4c
create hash identifier library
2019-03-23 14:02:34 -04:00
5e470a538d
return unless res
2019-03-23 19:38:14 +11:00
ccc8d9cdab
return unless res
2019-03-23 08:51:25 +00:00
8853d6d5b5
Adding documentation + cleaning files from the exploit
2019-03-22 17:37:04 +01:00
712cbecab3
Land #11570 , Add option to keep temp files with JTR modules
2019-03-22 05:16:56 -05:00
49b936f0d5
fix case of variable
2019-03-21 20:54:32 -04:00
16a48009ed
Add webmin CVE
2019-03-21 11:28:45 -05:00
4524707437
Fix rebase regressions in jenkins_metaprogramming
...
Ugh.
2019-03-21 11:20:21 -05:00
be5ec3379b
Update cmsms_showtime2_rce.rb
2019-03-20 15:50:30 +01:00
cb7b9080bd
1) changed print_status with vprint_status 2) Fix iterations and line splits 3) Changed name of the module 4) removed DisclosureDate
2019-03-20 15:13:41 +01:00
9bb7f11897
Unregister SSLCert option since it is never used in thisHTTPServer module.
2019-03-20 14:21:40 +01:00
c18ab91054
Update modules/exploits/multi/http/cmsms_showtime2_rce.rb
...
Co-Authored-By: fabiocogno <fabio.cogno@gmail.com>
2019-03-20 14:13:38 +01:00
e0a3e01d26
Update modules/exploits/multi/http/cmsms_showtime2_rce.rb
...
Co-Authored-By: fabiocogno <fabio.cogno@gmail.com>
2019-03-20 14:13:25 +01:00
365e032452
Update modules/exploits/multi/http/cmsms_showtime2_rce.rb
...
Co-Authored-By: fabiocogno <fabio.cogno@gmail.com>
2019-03-20 14:13:12 +01:00
49bb5a1624
Update modules/exploits/multi/http/cmsms_showtime2_rce.rb
...
Co-Authored-By: fabiocogno <fabio.cogno@gmail.com>
2019-03-20 14:13:00 +01:00
050aa7a98c
Update modules/exploits/multi/http/cmsms_showtime2_rce.rb
...
Co-Authored-By: fabiocogno <fabio.cogno@gmail.com>
2019-03-20 14:12:47 +01:00
fe0d5e0c97
Update modules/exploits/multi/http/cmsms_showtime2_rce.rb
...
Co-Authored-By: fabiocogno <fabio.cogno@gmail.com>
2019-03-20 14:12:35 +01:00
ce218fc86a
Add can_flood post exploitation for CAN and added example list of frames
2019-03-20 13:17:41 +01:00
43f74b1cf2
Add CMS Made Simple (CMSMS) Showtime2 File Upload RCE
2019-03-19 23:48:46 +01:00
794134735e
Update modules/exploits/unix/webapp/wp_crop_rce.rb
...
Co-Authored-By: tiyeuse <39072217+tiyeuse@users.noreply.github.com>
2019-03-19 20:36:13 +01:00
a8095b8784
Additional Options
2019-03-19 12:53:27 -05:00
b168312db1
Add exploit module for Wordpress core <=4.9.8 (CVE-2019-8942)
2019-03-19 17:51:59 +01:00
23a86e7ad2
Add exploit module for Wordpress core <=4.9.8 (CVE-2019-8942)
2019-03-19 16:03:29 +01:00
a2d6c77fb8
indentation fixes
2019-03-19 15:28:24 +01:00
985f3748e5
Update splunk_upload_app_exec.rb
2019-03-19 15:08:51 +01:00
c9dcdf1b66
new error logic
2019-03-19 14:58:31 +01:00
65fab88a2e
Add IBM BigFix Sites Packages Enum
2019-03-19 08:51:00 -05:00
98a7938837
Update splunk_upload_app_exec.rb
2019-03-19 14:42:56 +01:00
aff77e58bf
Update modules/exploits/multi/http/splunk_upload_app_exec.rb
...
Co-Authored-By: avanzo <matteo@malvica.com>
2019-03-19 13:57:19 +01:00
109b2bcf7e
Update modules/exploits/multi/http/splunk_upload_app_exec.rb
...
Co-Authored-By: avanzo <matteo@malvica.com>
2019-03-19 13:46:57 +01:00
f98ad82583
Update modules/exploits/multi/http/splunk_upload_app_exec.rb
...
Co-Authored-By: avanzo <matteo@malvica.com>
2019-03-19 13:46:44 +01:00
983442d690
Update splunk_upload_app_exec.rb
2019-03-18 19:04:45 +01:00
3316e8c4bf
fixed standard payload syntax
2019-03-18 19:00:33 +01:00
2f1ee95073
Update splunk_upload_app_exec.rb
2019-03-18 15:11:04 +01:00
7a31fc2d17
added splunk 7.2.4 support
2019-03-18 09:12:00 +01:00
a1e6d4d19a
Update note about staging payloads over HTTPS
2019-03-16 13:36:58 -05:00
14febf69aa
add no cleanup to jtr modules
2019-03-16 11:39:59 -04:00
621fa8e4db
Fix issues and refactor module
2019-03-16 00:38:48 -05:00
0fa2d985e7
Add Jenkins ACL bypass and metaprogramming RCE
2019-03-16 00:32:36 -05:00
f2edda207f
Land #11382 , Added BMC Patrol Agent Command Exec Module
2019-03-15 13:21:06 -05:00
82f0c9e9ee
Land #11385 , Add Webmin Upload Exec
2019-03-15 08:15:49 -05:00
5abfc2c136
Add Module Doc
2019-03-14 13:46:34 -05:00
fa3e84f764
Cleanup and Add Option
2019-03-14 13:26:41 -05:00
1d586e46c0
Use MIME for form
2019-03-14 10:13:48 -05:00
1e00c28701
Checked the functionality of module. Added ability to connect via HTTPS.
2019-03-14 15:54:02 +01:00
9a32231cb5
Change upload and add option
...
Change the contents of the uploaded file and
don't overwrite and existing file by default.
Add option to specify name of file.
2019-03-14 09:34:55 -05:00
926d5842a2
Land #11547 , Add Total.js Directory Traversal module
2019-03-12 16:31:21 -05:00
bd1cd7fae8
Bug and style fixes
...
webmin RCE
2019-03-12 10:54:43 -05:00
e906ecb163
Add a function to check extensions
2019-03-11 22:23:11 +01:00
5ee43d43d6
Land #11544 , add reregister_tcp/udp_options
2019-03-11 15:49:23 -05:00
a4c1181b9f
Land #11545 , Add elFinder Command Injection
2019-03-11 15:01:46 -05:00
8822b82a28
Refactory and fix
2019-03-10 22:39:27 +01:00
14e0643962
Refactory and fix
2019-03-10 19:33:08 +01:00
0a5964d2a4
Add Total.js Directory Traversal module
2019-03-10 18:47:53 +01:00
eb6f0d5620
Add Total.js Directory Traversal module
2019-03-10 17:57:24 +01:00
59fc1ec7ab
Rubocop changes
2019-03-09 12:22:04 -05:00
6d14a53c80
Update tested versions
2019-03-09 04:41:51 +00:00
9aa01c9ed2
Add elfinder_php_connector_exiftran_cmd_injection exploit
2019-03-09 03:24:18 +00:00
172a984d60
add deregister_tcp/udp_options
2019-03-08 16:04:32 -06:00
7c97ca6a8e
Land #11535 , add deregister_http_client_options
2019-03-07 18:16:14 -06:00
cf19a711fd
Land #11427 , Add Fortinet SSL VPN Bruteforce Login Utility
2019-03-07 12:25:41 -06:00
468679f907
Land #11092 , Add FreeBSD 8.3 / 9.0 Intel SYSRET Privilege Escalation module
2019-03-06 19:50:08 -06:00
9ca5ac294d
Land #10012 , Add an Android module to run payloads with su on a rooted device
2019-03-06 19:46:33 -06:00
433af12942
add deregister_http_client_options
2019-03-06 19:37:56 -06:00
7347db65a6
Land #11534 , fix module title for sonicwall_xmlrpc_rce
2019-03-06 17:44:39 -06:00
eb15c457fe
Land #11524 , remove some unused bits from modules
2019-03-06 17:43:20 -06:00
8b251934ab
remove mixin, just register the options
2019-03-06 17:42:27 -06:00
d923e1fb84
Land #11523 , remove unneded RHOST reregister in scanners
2019-03-06 17:35:54 -06:00
d67bfdfea4
Fix module heading and typo
...
The newline in the name breaks the msfconsole output
2019-03-07 10:29:15 +11:00
RatioSec Research
William Vu
Brent Cook
h00die
7043mcgeep
Wei Chen
fabiocogno
asoto-r7
Brendan Coles
Shelby Pace
rwincey
wilfried
Jacob Robles
PietroBiondi
blightzero
Shelby Pace
Matteo Malvica
Patrick Webster