Brendan
f2b9498643
Land #7576 , Fix RHOSTS use in auxiliary/scanner/ftp/titanftp_xcrc_traversal
2016-11-17 13:06:29 -06:00
Jin Qian
c03f35ef13
Fix the hanging of module auxiliary/scanner/ftp/titanftp_xcrc_traversal.rb
...
Thanks for Wei who pointed out the error: in store_loop call, it used "rhosts", should have been ip.
2016-11-17 10:08:59 -06:00
Cantoni Matteo
c9b9be9328
Update open_proxy aux module
2016-11-17 15:44:03 +01:00
Cantoni Matteo
b3b89a57b5
Add WordPress Symposium Plugin SQL Injection module
2016-11-17 15:04:53 +01:00
Cantoni Matteo
30f7006b5b
Fixed typos of an old commit
2016-11-17 14:39:33 +01:00
wchen-r7
c0af5b690d
Land #6638 , add local exploit module to execute payload w/ stealth
2016-11-16 16:25:15 -06:00
wchen-r7
e1ff37f3eb
Title change and handling Rex::TimeoutError exception
2016-11-16 16:23:44 -06:00
Brendan
18bafaa2e7
Land #7531 , Fix drb_remote_codeexec and create targets
2016-11-16 12:58:22 -06:00
OJ
be2aabb873
Merge updates to mettle stages from acammack-r7
2016-11-16 19:13:20 +10:00
wchen-r7
7b83720b90
Bring #6638 up to date
2016-11-15 12:27:05 -06:00
wchen-r7
f50e609d12
Land #7556 , Prevent psexec_command from dying when one host errors
2016-11-15 12:17:01 -06:00
wchen-r7
e5d3289c18
Fix name for exception
2016-11-15 12:14:58 -06:00
Brent Cook
b56b6a49ac
Land #7328 , Extend lsa_transname_heap exploit to MIPS
2016-11-15 07:37:19 -06:00
wchen-r7
fa9f2b340e
def setup isn't needed
2016-11-14 15:52:02 -06:00
wchen-r7
bab07b5691
Bring #7540 up to date
2016-11-14 14:59:21 -06:00
Jeffrey Martin
c458d662ed
report correct credential status as successful
2016-11-14 12:27:22 -06:00
Jeffrey Martin
4ae90cbbef
Land #7191 , Add exploit for CVE-2016-6267 - Trend Micro Smart Protection Server authenticated RCE.
2016-11-14 12:06:02 -06:00
William Webb
4e40546958
Land #7502 , Disk Pulse Enterprise Login Buffer Overflow
2016-11-14 10:28:53 -06:00
Brent Cook
4f323527c9
Land #7549 , Deprecate/move wp_ninja_forms_unauthenticated_file_upload
2016-11-14 03:00:02 -06:00
Pedro Ribeiro
908713ce68
remove whitespace at end of module name
2016-11-14 08:35:34 +00:00
Chris Higgins
4e9802786c
Removed spaces causing build to fail
2016-11-13 21:46:24 -06:00
Dylan Davis
a8a09261e1
Use files for rescue error, because left is not available
2016-11-11 21:49:06 -07:00
Pearce Barry
9eb9d612ca
Minor typo fixups.
2016-11-11 16:54:16 -06:00
Pearce Barry
1dae206fde
Land #7379 , Linux Kernel BPF Priv Esc (CVE-2016-4557)
2016-11-11 16:50:20 -06:00
David Maloney
8e3888f20c
the template ref in this module was missed
...
when we cleaned up all the other powershell template refs
we missed the one in this module which seems to e replicating
large ammounts of library code
7533
2016-11-11 14:24:33 -06:00
dmohanty-r7
2b5517f597
Land #7506 , Add gather AWS keys post module
2016-11-11 13:56:12 -06:00
Jenna Magius
db32c5fdcc
msftidy whitespace fixes
2016-11-11 10:28:37 -07:00
Dylan Davis
fddc2c221f
Catch the specific exception. Include the error code in the error message.
2016-11-11 10:24:05 -07:00
Dylan Davis
69a4a327b8
Add begin-rescue blocks that prevent individual hosts from bailing out a threaded multi-host execution
2016-11-11 10:15:36 -07:00
wchen-r7
8cd9a9b670
Deprecate wp_ninja_forms_unauthenticated_file_upload
...
wp_ninja_forms_unauthenticated_file_upload actually supports
multiple platforms.
Instead of using:
exploit/unix/webapp/wp_ninja_forms_unauthenticated_file_upload
Please use:
exploit/multi/http/wp_ninja_forms_unauthenticated_file_upload
2016-11-10 11:17:09 -06:00
scriptjunkie
268a72f210
Land #7193 Office DLL hijack module
2016-11-08 23:15:27 -06:00
Pedro Ribeiro
50f578ba79
Add full disclosure link
2016-11-08 22:15:19 +00:00
Yorick Koster
3c1f642c7b
Moved PPSX to data/exploits folder
2016-11-08 16:04:46 +01:00
Pedro Ribeiro
95bd950133
Point to proper link on github
2016-11-07 17:59:29 +00:00
Pedro Ribeiro
f268c28415
Create dlink_hnap_login_bof.rb
2016-11-07 17:45:37 +00:00
Chris Higgins
099a5984f9
Updated with style suggestions from msftidy and rubocop.
...
Also updated with commented from other contributors.
2016-11-07 10:18:52 -06:00
William Vu
4eb42a9171
Fix broken ternary in phoenix_command
2016-11-07 00:12:04 -06:00
Chris Higgins
689fc28d1b
Added WinaXe 7.7 FTP client Server Ready buffer overflow
2016-11-06 23:35:16 -06:00
Tijl Deneut
92964c1f95
Update phoenix_command.rb
2016-11-06 21:22:54 +01:00
Tijl Deneut
2c2729f0b2
Update phoenix_command.rb
...
Coded was messed up by MS Edge, don't use it :)
2016-11-06 21:21:20 +01:00
Tijl Deneut
1b4409f950
Update phoenix_command.rb
...
Style fix: replace "ractionport == nil ?" with "ractionport.nil?"
Is it OK? Did not find time to install and run rubocop ...
2016-11-06 21:15:31 +01:00
Tijl Deneut
4ea9214466
Fixed a small bug
2016-11-06 16:20:55 +01:00
朱雄宇
e9d85750c2
fix get_ipv4_addr(@interface) usage
...
get_ipv4_addr(@interface) returns a string not list, so get_ipv4_addr(@interface)[0] only got the first character of IP, which raises an error.
2016-11-06 19:04:57 +08:00
William Vu
da356e7d62
Remove Compat hash to allow more payloads
2016-11-04 13:57:05 -05:00
William Vu
f0c89ffb56
Refactor module and use FileDropper
2016-11-04 13:57:05 -05:00
William Vu
6d7cf81429
Update references
2016-11-04 13:57:05 -05:00
William Vu
009d6a45aa
Update description
2016-11-04 13:57:05 -05:00
William Vu
bf7936adf5
Add instance_eval and syscall targets
2016-11-04 13:57:05 -05:00
OJ
4bf966f695
Add module to bypassuac using eventvwr
...
This module was inspired by the work done by Matt Nelson and Matt
Graeber who came up with the method in the first place. This works
nicely on a fully patched Windows 10 at the time of writing.
2016-11-05 04:41:38 +10:00
Jon Hart
5b810fae41
Update atg_client to identify responses that indicate the command was not understood
2016-11-04 10:12:02 -07:00
wchen-r7
ca5610ccde
Land #7511 , Update jenkins_script_console to support newer versions
2016-11-04 11:24:25 -05:00
OJ
e5ea4a53d3
Fix typo in windows cred phish module
2016-11-04 13:26:10 +10:00
OJ
b0970783ff
Another interim commit moving towards universal handlers
2016-11-04 13:25:02 +10:00
William Vu
5ed030fcf6
Land #7529 , nil.downcase fix for tomcat_mgr_deploy
...
Don't think it was ever needed, since the password is case-sensitive.
Fixed a minor merge conflict where PASSWORD became HttpPassword.
2016-11-03 15:39:46 -05:00
Jin Qian
2f8d3c3cf3
Remove the bug where downcase() is invoked on password which is optional and can be empty.
2016-11-03 15:23:19 -05:00
Brendan
dae1f26313
Land #7521 , Modernize TLS protocol configuration for SMTP / SQL Server
2016-11-03 12:56:50 -05:00
William Vu
eca4b73aab
Land #7499 , check method for pkexec exploit
2016-11-03 10:59:06 -05:00
William Vu
1c746c0f93
Prefer CheckCode::Detected
2016-11-03 11:14:48 +01:00
William Vu
2cdff0f414
Fix check method
2016-11-03 11:14:48 +01:00
Brendan
5169341f62
Land #7522 , Fix psh template to avoid 100% cpu spike on CTRL+C
2016-11-02 16:40:34 -05:00
OJ
7895ba810d
Update payload cached size for the powershell payload
2016-11-03 02:50:13 +10:00
OJ
cc8c1adc00
Add first pass of multi x86 http/s payload (not working yet)
2016-11-03 02:44:53 +10:00
William Vu
a651985b4f
Land #7498 , Joomla account creation and privesc
2016-11-01 22:46:36 -05:00
William Vu
f414db5d6d
Clean up module
2016-11-01 22:46:28 -05:00
OJ
494b4e67bd
Refactor http/s handler & payloads
...
This commit moves much of the platform-specific logic from the
reverse_http handler down into the payloads. This makes the handler
a bit more agnostic of what the payload is (which is a good thing).
There is more to do here though, and things can be improved.
Handling of datastore settings has been changed to make room for the
ability to override the datastore completely when generating the
payloads. If a datastore is given via the `opts` then this is used
instead otherwise it falls back to the settings specified in the usual
datatstore location.
Down the track, we'll have a payload that supports multiple stages, and
the datastore will be generated on the fly, along with the stage itself.
Without this work, there's no other nice way of getting datastore
settings to be contained per-stager.
2016-11-02 11:33:59 +10:00
h00die
a924981369
Landing #7516 , X11 print fixes
2016-11-01 19:50:05 -04:00
Adam Cammack
a79f860cb7
Add UUIDs to mettle stages
2016-11-01 16:58:21 -05:00
Brendan
05e2aad837
Land #7497 , Add Kerberos domain user enumeration module
2016-11-01 14:34:47 -05:00
OJ
e4b4264d79
Fix psh template to avoid 100% cpu spike on CTRL+C
...
Fixes #7293
2016-11-02 05:19:52 +10:00
attackdebris
1b4cef10d1
Change creds_name to Kerberos
2016-11-01 17:59:51 +00:00
William Webb
31b593ac67
Land #7402 , Add Linux local privilege escalation via overlayfs
2016-11-01 12:46:40 -05:00
Brent Cook
f8912486df
fix typos
2016-11-01 05:43:03 -05:00
OJ
47ec362148
Small fixes for dbvis enum
2016-11-01 07:35:36 +10:00
William Vu
5c065459ae
print_{good,error} more specifically in open_x11
2016-10-31 11:29:00 -05:00
OJ
ffb53b7ca3
Tidy arch check in meterpreter inject
2016-11-01 01:51:12 +10:00
OJ
557424d2ec
Small tidy of the multiport_egress_traffic module
2016-11-01 01:46:58 +10:00
OJ
ec8536f7e9
Fix firefox module to use symbols where appopriate
2016-11-01 01:43:25 +10:00
OJ
b9bbb5e857
Replace regex use with direct string checks in dbvis module
2016-11-01 01:35:01 +10:00
OJ
3c57ff5c59
Avoid internal constants for bypassuac file path generation
2016-11-01 01:32:24 +10:00
OJ
6ce7352c45
Revert silly change in applocker bypass
2016-11-01 01:30:54 +10:00
OJ
3c56f1e1f7
Remove commented x64 arch from sock_sendpage
2016-11-01 01:29:11 +10:00
Pearce Barry
6b264ce6c4
Land #7508 , Fix typo PAYLOAD_OVERWRITE vs PAYLOAD_OVERRIDE
...
Fixes #7504 .
2016-10-30 17:58:43 -05:00
Alex Flores
45d6012f2d
fix check method
2016-10-30 14:57:42 -04:00
Spencer McIntyre
ccce361768
Remove accidentally included debug output
2016-10-29 18:46:51 -04:00
Spencer McIntyre
fa7cbf2c5a
Fix the jenkins exploit module for new versions
2016-10-29 18:19:14 -04:00
Konrads Smelkovs
f754adad0c
Fix typo PAYLOAD_OVERWRITE vs PAYLOAD_OVERRIDE
2016-10-29 11:20:32 +01:00
OJ
640827c24b
Final pass of regex -> string checks
2016-10-29 14:59:05 +10:00
OJ
57eabda5dc
Merge upstream/master
2016-10-29 13:54:31 +10:00
OJ
8b97183924
Update UUID to match detected platform, fail exploit on invalid session
2016-10-29 13:45:28 +10:00
OJ
0737d7ca12
Tidy code, remove regex and use comparison for platform checks
2016-10-29 13:41:20 +10:00
Jon Hart
8173e87756
Add references
2016-10-28 16:12:46 -07:00
Pearce Barry
5c12d55c84
Land #7484 , Add Telpho10 Credentials Dump Exploit
2016-10-28 17:41:46 -05:00
Pearce Barry
991a3fe448
Markdown docs added.
2016-10-28 17:38:00 -05:00
Jon Hart
96c204d1ea
Add aws_keys docs; correct description
2016-10-28 15:27:47 -07:00
OJ
751742face
Fix typo in arch check for inject script
2016-10-29 08:25:23 +10:00
OJ
1ca2fe1398
More platform/arch/session fixes
2016-10-29 08:11:20 +10:00
dmohanty-r7
d918e25bde
Land #7439 , Add Ghostscript support to ImageMagick Exploit
2016-10-28 17:07:13 -05:00
Jon Hart
7dea613507
Initial commit of module for snagging AWS key material from shell/meterpreter sessions
2016-10-28 14:48:55 -07:00
Jan Rude
971c8207bd
Update telpho10_credential_dump.rb
...
Code improvements suggested by @h00die
2016-10-28 16:45:14 -05:00
Jan Rude
c9574a4707
Update telpho10_credential_dump.rb
...
output correction
2016-10-28 16:44:52 -05:00
Jan Rude
05ee51a832
Update telpho10_credential_dump.rb
...
do not write to stdout
2016-10-28 16:44:40 -05:00
Jan Rude
fb534a9e85
add telpho10_exploit
...
telpho10 credential dump exploit
2016-10-28 16:44:27 -05:00
Jeff
5eca6866f2
Fix failing versions, specify version explicitly
2016-10-28 16:24:06 -05:00
Quentin Kaiser
c7b775ac1c
Fix detection following @bwatters-r7 recommendations. Remove safesync exploit that shouldn't be here.
2016-10-28 18:03:56 +00:00
Filipe Reis
88a2a770a3
Update to have checks in place
...
Add: added checks to the code
2016-10-28 11:24:39 +01:00
Chris Higgins
c153686465
Added Disk Pulse Enterprise Login Buffer Overflow
2016-10-27 21:49:17 -05:00
OJ
1d617ae389
Implement first pass of architecture/platform refactor
2016-10-28 07:16:05 +10:00
Brendan
9eaaba1dea
Added user logging into the db and humored rubocop
2016-10-27 15:50:17 -05:00
mr_me
16b7c77851
satisfying travis
2016-10-27 13:37:04 -05:00
mr_me
a8ab7b09b0
Added Bassmaster batch Arbitrary JavaScript Injection Remote Code Execution Vulnerability (CVE-2014-720)
2016-10-27 13:22:39 -05:00
attackdebris
c2af2ab214
Move kerberos_enumusers module to aux/gather & add documentation
2016-10-27 19:11:22 +01:00
Filipe Reis
88beea0c56
updating code
...
Fix: changing to seggested fixes
2016-10-27 14:30:59 +01:00
Julien (jvoisin) Voisin
23ab4f1fc1
Remove one last tab
2016-10-27 12:32:40 +02:00
Julien (jvoisin) Voisin
d9f07183bd
Please h00die ;)
2016-10-27 12:18:33 +02:00
Julien (jvoisin) Voisin
2ac54f5028
Add a check for the linux pkexec module
2016-10-27 10:28:13 +02:00
Filipe Reis
2851faefe8
Update module info
...
Fix: removed info that didn't belong
2016-10-27 03:11:38 +01:00
Filipe Reis
e522d7f5a4
Fixing issues regarding travis checks
...
Fix: EOL spaces;
2016-10-27 02:50:20 +01:00
Filipe Reis
8ad1c66bd3
Code update and file rename
...
Fix: clean up and improving code using all the comments.
Fix: rename file to a more meaning and more easy to search
2016-10-27 02:46:40 +01:00
Filipe Reis
0af47ef411
Fixing warning from travis checks
...
Fixing: Auxiliary modules have no 'Rank': Rank = ExcellentRanking
Fixing: Spaces at EOL
2016-10-26 23:29:17 +01:00
Filipe Reis
5a127886bb
Fixing issues regarding travis checks
...
Fixing unicode issues;
Fixing CVE format;
Fixing EOL spaces;
Fixing the way cookies are read.
2016-10-26 23:24:09 +01:00
Filipe Reis
94b05d7943
Joomla Account Creation and Privilege Escalation
...
This module allows to create an arbitrary account with administrative privileges in Joomla versions 3.4.4 through 3.6.3.
2016-10-26 23:11:38 +01:00
William Webb
9672759be8
Land #7462 , Add support for Unicode domains
2016-10-26 16:47:09 -05:00
attackdebris
18c3d42aca
This commit adds the kerberos_enumusers module
2016-10-26 20:56:41 +01:00
Brent Cook
1a1841d441
rebuilt metasploit-payloads without debug info
2016-10-26 05:43:36 -05:00
Brent Cook
ed35bf5011
remove unneeded badchars from payload specification
2016-10-26 04:47:33 -05:00
Jon Hart
342bfd628a
Dont' set default PORTS or PROBE options. Require user configuration.
2016-10-25 15:58:46 -05:00
Jon Hart
2a18ea0e33
Initial commit of generic module for detecting UDP amplification vulnerabilities
2016-10-25 15:58:46 -05:00
Louis Sato
f7f28a0833
Land #7480 , deprecation msg for udp_probe
2016-10-25 15:52:56 -05:00
David Maloney
6a31dad678
clean up some style guide issues with rubocop
...
applied rubocop to the module for some
tidying up
2016-10-25 11:24:32 -05:00
drforbin
94979f4541
changed formatting for else statements
2016-10-25 09:42:00 -05:00
drforbin
6f3c20069b
fixed formatting errors for travis
2016-10-25 09:42:00 -05:00
drforbin
0ec153eb9c
changed formatting, changed to OptPath. cleaned unneeded code
2016-10-25 09:41:59 -05:00
drforbin
3b9a441382
cleaned up write_target, and variables REXE
2016-10-25 09:41:59 -05:00
drforbin
c3ada74728
changed formatting to comform with travis
2016-10-25 09:41:59 -05:00
drforbin
0395d57512
formatting changes and design changes. tested
2016-10-25 09:41:58 -05:00
drforbin
337e3b6cce
added persistence_exe.rb to windows post modules
2016-10-25 09:41:58 -05:00
David Maloney
c00df4dd71
Land #6969 , Regsrv cmd delivery server module
...
This Lands kn0's PR for the Regsrv32 command delivery server
2016-10-24 11:46:59 -05:00
Jon Hart
7f65b28483
Deprecate udp_probe in favor of udp_sweep
2016-10-23 13:06:58 -07:00
Vex Woo
b5ba862e98
parse ipv4 / website info
2016-10-23 10:53:43 -05:00
Vex Woo
50284cf01b
parse domain/ip info from certificate
2016-10-23 10:33:17 -05:00
nixawk
c79c102998
remove unuse variable @uri
2016-10-21 23:59:09 -05:00
nixawk
893a6ef82e
add censys search module
2016-10-21 23:45:44 -05:00
Pearce Barry
51ffea3e03
Land #7470 , fixes bad file refs for cmdstagers
2016-10-21 14:01:04 -05:00
David Maloney
e442f5f76b
Land #7460 , zoomeye search module
...
typo in previous land commit
2016-10-21 13:48:28 -05:00
David Maloney
264fe7b8f8
Land #7460 , zoomeye search module
2016-10-21 13:47:46 -05:00
Pearce Barry
9a0307b0c0
Land #7369 , Panda Antivirus Priv Esc
2016-10-21 13:20:41 -05:00
David Maloney
6b77f509ba
fixes bad file refs for cmdstagers
...
when moving to the rex-exploitation gem some of the
file references were missed, partially due to silly differences
between how each file was referenced
Fixes #7466
2016-10-21 12:31:18 -05:00
David Maloney
05ffa0074c
Land 37460, zoomeye search module
...
Lands nixawk's zoomeye search aux module
2016-10-21 10:25:58 -05:00
nixawk
ada571bfdf
Fix login - check condition
2016-10-20 22:52:24 -05:00
nixawk
344b688ae5
remove ZoomEye_APIKEY, add (USERNAME / PASSWORD)
2016-10-20 22:48:01 -05:00
h00die
12e4fe1c5c
updated dlls and docs
2016-10-20 20:45:50 -04:00
nixawk
097a273abb
fix dork_search
2016-10-19 20:54:31 -05:00
nixawk
72b2ba2e88
replace [Net::HTTP] with [rex/proto/http]
2016-10-19 20:40:45 -05:00
nixawk
a77f415893
remove unuseful condition
2016-10-19 20:05:12 -05:00
nixawk
9f3f0fd358
make [matches_records] simple
2016-10-19 19:59:02 -05:00
Brendan
b5a41c3011
Convert ANSI data to UTF-8 char by char because MS might
...
put an invalid character in the WORKGROUP name during SMB
handshake
2016-10-19 17:42:26 -05:00
nixawk
fcc22d9027
add module references info
2016-10-19 02:23:11 -05:00
William Vu
2668a4a1cd
Fix #6993 , tnspoison_checker cleanup
2016-10-19 00:53:33 -05:00
nixawk
3630388e91
zoomeye search
2016-10-18 22:52:23 -05:00
wolfthefallen
684feb6b50
moved STAGE0 and STAGE1 into datastore
2016-10-18 11:47:38 -04:00
wolfthefallen
e806466fe3
correct carriage return and link issue
2016-10-17 10:31:39 -04:00
wolfthefallen
7e68f7d2a4
EmpirePowerShell Arbitrary File Upload (Skywalker)
2016-10-17 10:03:07 -04:00
h00die
0d1fe20ae5
revamped
2016-10-15 20:57:31 -04:00
OJ
25238f1a26
Update capcom exploit module to support Windows 10
2016-10-15 11:56:48 +10:00
William Webb
8e2ff8df80
Land #7433 , Add IP Addresses to HTTP PUT/DELETE scanner output
2016-10-14 13:27:17 -05:00
William Webb
5e7d546fa2
Land #7094 , OpenNMS Java Object Deserialization RCE Module
2016-10-14 13:19:11 -05:00
Brent Cook
cfddc734a8
Land #7286 , WiFi pineapple preconfig command injection module
2016-10-14 12:57:42 -05:00
Brent Cook
e05a325786
Land #7285 , WiFi pineapple command injection via authentication bypass
2016-10-14 12:57:05 -05:00
William Vu
1da40b5deb
Change HAVE_POPEN to USE_POPEN
...
PS target doesn't support it, so the option should be renamed.
2016-10-14 11:58:39 -05:00
Brent Cook
4c248ebe9e
Merge branch 'master' into land-7430-
2016-10-14 09:48:33 -05:00
Brent Cook
acec45c8b3
Land #7409 , CVE-2013-5093 Graphite Pickle Handling - Add Version Check
2016-10-14 08:54:57 -05:00
Brent Cook
9fbe1ddd9d
Land #7384 , CVE-2016-6415 - Cisco IKE Information Disclosure
2016-10-14 08:41:34 -05:00
h00die
12493d5c06
moved c code to external sources
2016-10-13 20:37:03 -04:00
OJ
022830634b
Rejig platform to use windows instead of win32/win64
2016-10-14 10:10:04 +10:00
William Vu
5b46e72aea
Update module logic
2016-10-13 17:40:16 -05:00
William Vu
6f4f2bfa5f
Add PS target and remove MIFF
2016-10-13 17:39:55 -05:00
William Vu
e70ba8110d
Update references
2016-10-13 17:35:55 -05:00
William Vu
88bb2e2295
Update description
2016-10-13 17:35:30 -05:00
wchen-r7
9e97febcd1
Land #7429 , Ruby on Rails Dynamic Render File Upload Remote Code Exec
2016-10-13 11:45:46 -05:00
nixawk
b74539be44
check if isakmp payload is same to IKE Leak data
2016-10-13 04:20:23 -05:00
Brent Cook
2014b2d2ab
Land #7432 , Fix erroneous cred reporting in SonicWALL exploit
2016-10-12 22:39:15 -05:00
Pearce Barry
a2a1d6c28a
Land #7411 , Add an HTA server module using Powershell
2016-10-12 13:05:40 -05:00
nixawk
7536d1d94a
print leak data
2016-10-12 02:42:50 -05:00
nixawk
70d4833654
Fix report_vuln
2016-10-12 02:16:00 -05:00
William Vu
e78d3d6bf0
Fix erroneous cred reporting in SonicWALL exploit
...
A session ID will be returned in the parsed JSON if the login succeeded.
Bad user:
{"noldapnouser"=>1, "loginfailed"=>1}
Bad password:
{"loginfailed"=>1}
Good user/password:
{"userid"=>"1", "sessionid"=>"4WJ9cNg1TkBrwjzX"}
2016-10-11 19:25:52 -05:00
Alton J
98d7b19ab9
Passed IP parameter to additional functions.
2016-10-11 15:09:50 -05:00
Alton J
acff0fa9cf
Added IP addresses to output.
2016-10-11 14:43:42 -05:00
Alton J
f0ff4a0721
Added IP addresses to output.
2016-10-11 14:42:06 -05:00
Spencer McIntyre
bd110430e9
Remove unnecessary require statements
2016-10-11 15:35:49 -04:00
mr_me
bd646ded1b
fixed the check function
2016-10-11 14:06:03 -05:00
Sonny Gonzalez
3fd806b87f
Merge remote-tracking branch 'upstream/pr/6993' into land-6993
2016-10-11 09:33:26 -05:00
mr_me
95017cea0c
Merge remote-tracking branch 'upstream/master' into rails
2016-10-11 08:31:33 -05:00
Brent Cook
157740ba06
update payload sizes
2016-10-11 07:01:17 -05:00
Tim
3d9cb7375c
store Android payload information in byte array
2016-10-11 14:41:32 +08:00
mr_me
d8f98ccd4e
run through msftidy
2016-10-10 22:36:20 -05:00
mr_me
f2252bb179
fixed a few things, thanks @h00die
2016-10-10 22:30:01 -05:00
mr_me
3c3f424a4d
added a some references
2016-10-10 17:56:03 -05:00
mr_me
bca3aab1db
added CVE-2016-0752
2016-10-10 17:36:20 -05:00
h00die
9d2355d128
removed debug line
2016-10-10 10:23:51 -04:00
h00die
2ad82ff8e3
more nagios versatility
2016-10-10 10:21:49 -04:00