efacaef9df
Clamp compatible payloads until we know better
2018-07-25 14:14:15 -05:00
86d634cb64
Update module for MVP
2018-07-25 12:01:36 -05:00
668bcb38cb
metadata setup
2018-07-25 11:29:47 -05:00
f5ccdcfcd2
Net SSH CommandStream fixes implemented
...
* Net::SSH::CommandStream typos fixed
* Net::SSH::CommandStream cleanup made more robust and refactored
* require 'net/ssh/command_stream' added to various modules
2018-07-25 11:22:28 -05:00
9fde9127ad
Land #10370 , minor CouchDB fix
2018-07-25 01:11:23 -05:00
d3b7dffcdc
Prefer res.body over res
2018-07-25 01:05:18 -05:00
bc89d7fe52
Land #10357 , CouchDB improvements and docs
2018-07-25 00:54:55 -05:00
625ea87ea9
Land #10368 , PhpMyAdmin Login Scanner Module
2018-07-24 23:25:27 -05:00
5df5ab30f6
Use store_valid_credential to save good credentials
2018-07-24 23:21:59 -05:00
efa3a77adc
modified name
2018-07-24 15:00:14 -05:00
4f81fcdc87
retn versions in chk_setup, tests to reflect, doc
2018-07-24 14:51:00 -05:00
976a3464e1
added phpmyadmin login scanner and aux module
2018-07-24 09:47:01 -05:00
dac5780feb
Land #10176 , creds data service CRUD operations
2018-07-23 23:36:32 -04:00
5d7f40d459
Land #10362 , Fix reporting in backup_file, add more docs
2018-07-23 18:22:35 -05:00
e3da0a6828
Merge branch 'master' into remote_creds_data
2018-07-23 16:39:13 -05:00
d2ed78570a
Land #10364 , Handle nil for shell_reverse_tcp_ipv6
...
This makes things like `msfvenom --list-options` or `info` when options
are not set work.
2018-07-23 14:02:14 -05:00
086af80509
Specify address family in shell_reverse_tcp_ipv6
2018-07-23 13:39:40 -05:00
cb0b90435d
Land #10349 , deconflict the method names in mix-ins
2018-07-23 13:38:46 -05:00
408dc7793f
Update aws_ec2_instance_metadata.rb
2018-07-23 10:00:12 +02:00
83ae5cb14d
fix backup_file.rb and add a few docs
2018-07-22 20:50:22 -04:00
2a969d70db
dicoogle
2018-07-21 21:31:45 -04:00
abfed97e03
remove EOL spaces
2018-07-21 11:21:11 -04:00
8b324c19d8
update couchdb scanner
2018-07-21 11:02:50 -04:00
0c906ed8d3
Update cached payload sizes
2018-07-19 17:58:45 -05:00
658267849b
deconflict the method names in mix-ins
2018-07-19 17:01:40 -05:00
65d42380d3
Merge branch 'master' into remote_creds_data
2018-07-19 16:25:06 -05:00
19239c72c0
Update cmsms_upload_rename_rce check and docs
2018-07-19 18:26:42 +00:00
28e3f3a5f0
Land #10327 , Add CMS Made Simple Upload/Rename Authenticated RCE
2018-07-19 12:18:12 -05:00
c5ac4c791f
Make changes based on community feedback
2018-07-19 12:17:02 -05:00
08290b81c0
Land #10282 , Add support for running external modules outside of msfconsole
2018-07-18 17:38:40 -05:00
b90583d07c
don't throw an exception in haraka checks if we cannot connect
2018-07-18 17:17:45 -05:00
0024cca3bf
Land #10328 , Log errors in Python ETERNALBLUE
2018-07-18 14:50:40 -05:00
70a1df70a1
Land #9753 , Linux BPF sign extension local privesc
2018-07-18 18:44:14 +08:00
4c4f0c1d3e
Update
...
Fixes for Kali linux 4.14 with ruby 2.3.
2018-07-18 10:42:51 +00:00
08e33cad0c
Spelling fix
2018-07-17 20:12:37 -05:00
20905d1ca1
Fix syntax error
2018-07-17 18:48:07 -05:00
a24666a00a
msftidy fixes
2018-07-17 18:28:33 -05:00
e5efa4faac
Make failures consistent
2018-07-17 17:35:52 -05:00
96f9e60e84
Swap return for sys.exit(1)
2018-07-17 17:25:38 -05:00
09d347ca33
Add missed sys.exit(1)
2018-07-17 16:31:57 -05:00
e1be94e568
Pass RPORT to sess_port in Impacket
2018-07-17 13:49:38 -05:00
0bdaa0e23a
Catch connection errors and module.log them
2018-07-17 13:49:34 -05:00
5650412cc2
Land #10317 , nil fix for enum_dns
2018-07-17 13:03:06 -05:00
677b22698d
Land #10273 , [clean up] iis_webdav_scstoragepathfromurl
2018-07-17 09:33:32 -05:00
1e004769ca
CMS Made Simple Upload/Rename Authenticated RCE
2018-07-17 09:00:39 -05:00
703f94d981
Check that /etc/rc.local is writeable
2018-07-17 12:52:51 +02:00
97e89cf3bb
Cleanup rc_local patching code
2018-07-17 12:49:55 +02:00
df32ab674d
Fix newline bad character
2018-07-17 12:48:26 +02:00
6bf184dbcf
Update tested versions
2018-07-17 06:24:16 +00:00
9a7c34e6e9
Land #10064 , Claymore Dual Miner API RCE
2018-07-16 18:02:20 -05:00
7df20539af
Fix msftidy
2018-07-16 11:55:37 +02:00
c84eb9fee9
Handle file patching on framework side
2018-07-16 11:54:37 +02:00
4f137f2f3f
rc.local persistence
2018-07-16 09:34:03 +02:00
8e1f68f384
Update ms15_034_http_sys_memory_dump.rb with VHOST
...
Added VHOST to cater to targets that require virtual hostname to be defined
2018-07-16 15:13:23 +08:00
7524af35ec
Check if IPRANGE was supplied - Fix #10316
2018-07-15 15:38:56 +00:00
134417b598
Account for nil
2018-07-14 10:44:09 -05:00
6e450973b9
Land #10295 , Add QNAP Q'Center change_passwd Command Execution exploit
2018-07-14 10:09:46 -05:00
18e65abc54
Fix link
2018-07-14 10:03:01 -05:00
9bdec97b2e
Fix bpf_sign_extension_priv_esc
2018-07-13 23:01:17 +00:00
72e5b94eb8
Land #10293 , fixup php/base64 and add docs for cmd/unix/reverse_bash
2018-07-13 17:15:22 -05:00
4e72dff791
Update module references
2018-07-14 05:03:13 +10:00
b40a146723
Land #10297 , Add priv escalation mod for CVE-2018-8897
2018-07-13 10:54:25 -05:00
f33d12676f
Added License, make msftidy happy, and include original cve project
...
readme document.
2018-07-13 10:19:41 -05:00
4fa2a4775d
Update the target check and added cleanup
2018-07-13 09:27:41 -05:00
9ba0a72ea1
Rename file
2018-07-13 01:11:37 -05:00
e1e8444188
Clean up ruby code for CVE-2018-8897
2018-07-13 01:06:21 -05:00
a020d48caf
Move module documentation to documentation directory
2018-07-13 04:46:25 +00:00
f02c05e530
This one is the same as cve_2018_8897_exe.rb
2018-07-12 22:09:44 -05:00
c9001699cd
Land #10027 , Hadoop unauthed command execution
2018-07-12 21:58:49 -05:00
50252c75d6
Clean up module
...
With a little rubocop -a.
2018-07-12 21:58:00 -05:00
2f37482535
Land #10278 , gitlist_arg_injection fixes
2018-07-12 19:03:52 -05:00
9080b38dcc
Add Axis camera exploit (VDOO research)
2018-07-12 18:46:49 -05:00
e613b2570a
Land #10299 , Add 88 CVEs to various auxiliary and exploit modules
2018-07-12 18:26:07 -05:00
88bbc50104
Utilize uniq to make char array more readable
...
Hat tip @bcoles.
2018-07-12 17:59:12 -05:00
cfcb77afd0
Rename to please msftidy
2018-07-12 17:41:06 -05:00
3546286049
Add missed ARCH_CMD to top-level Arch array
...
It's not necessary because of targets, but it's required for printing.
2018-07-12 17:37:06 -05:00
1a3a4ef5e4
Revised 88 aux and exploit modules to add CVEs / references
2018-07-12 17:34:52 -05:00
156b822401
First stab at cve-2018-8897
2018-07-12 17:31:53 -05:00
4b62f41369
Add QNAP Q'Center change_passwd Command Execution exploit
2018-07-12 20:00:17 +00:00
3dda19f3c6
Update documentation in cmd/unix/reverse_bash
...
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=146464
https://bugs.launchpad.net/ubuntu/+source/bash/+bug/215034
2018-07-12 13:29:33 -05:00
1f0535618d
Document bareword string deprecation in php/base64
2018-07-12 13:29:33 -05:00
378930e5f4
Prefer %w array over quoted array in php/base64
...
irb(main):001:0> ["(",")",".","_","c","h","r","e","v","a","l","b","s","6","4","d","o"] == %w{( ) . _ c h r e v a l b s 6 4 d o}
=> true
irb(main):002:0>
2018-07-12 13:29:33 -05:00
904de2dd09
Land #10238 , Add ManageEngine Exchange Reporter Plus RCE exploit
2018-07-12 16:07:32 +00:00
486225c2a8
Code review changes
...
Use target_uri, split url inside normalize function, replace print with vprint, return CheckCode::Appears
2018-07-12 14:27:28 +02:00
acb20e5a29
Land #9780 , CouchDB auth bypass and RCE
2018-07-12 03:36:17 -05:00
a08420e0d0
Land #10286 , Docker server version scanner
2018-07-12 03:08:41 -05:00
cce3b6f369
Clean up module
2018-07-12 02:57:14 -05:00
f53080ee60
Fix exploit and do final cleanup
2018-07-12 02:13:30 -05:00
167745c124
Selectively add RuboCop fixes
2018-07-11 22:49:46 -05:00
ccc3267166
Correct rubocop -a
...
We'll update .rubocop.yml later.
2018-07-11 22:49:46 -05:00
ca5e496b8f
Run rubocop -a
2018-07-11 21:40:19 -05:00
7d8b9a90d7
Add more reporting
2018-07-11 17:22:48 -04:00
30c43e22d9
Fix typo
2018-07-11 17:04:31 -04:00
bb8ac4a7ab
Add info & update_info
2018-07-11 16:52:16 -04:00
1ded8ffb29
Land #10260 , Add phpMyAdmin v4.8.1/4.8.0 LFI RCE
2018-07-11 11:10:52 -05:00
c26fcc0af1
Merge branch 'master' into remote_creds_data
2018-07-11 10:27:49 -05:00
1f0045fa03
Improve Description
2018-07-11 01:27:10 -04:00
00f4d3967c
Add basic reporting
2018-07-11 00:47:43 -04:00
d488b51264
Use peer instead of ip & port
2018-07-11 00:41:55 -04:00
5a89642ddd
Simplify the module greatly
2018-07-11 00:15:56 -04:00
ffc2f044cc
Remove lines that were not required
2018-07-11 00:04:44 -04:00
7b1e7eb085
Minor improvement to description
2018-07-11 00:04:12 -04:00
2b2029b487
Align Hashrockets
2018-07-11 00:03:26 -04:00
9491c63778
Fix several minor details
2018-07-10 23:56:05 -04:00
66c207a124
Remove timeout of 25 seconds
2018-07-10 23:53:13 -04:00
718606c9f2
Add Auxiliary module to enumerate the Docker Server Version
2018-07-10 19:34:49 -04:00
ef3ea2dd44
Land #10280 , Use default CheckCode in ETERNALBLUE
2018-07-10 17:39:42 -05:00
10cd6c99d9
Land #10231 , Monstra Fileupload Exec
2018-07-10 14:23:15 -05:00
07dca243ff
changed grammar, removed redundant code
2018-07-10 14:13:57 -05:00
1af360d7e0
Land #10108 , add IBM QRadar SIEM exploit
2018-07-10 11:52:32 -05:00
171fa562a3
added parsing for repos in Gitlist source
2018-07-10 11:32:46 -05:00
f64c9588e9
Undefine check method and let the base class do it
...
Preserve the to-do without rewording - should be enough.
2018-07-10 11:05:00 -05:00
1fddbdb8ef
Specify the `command` option external modules
2018-07-10 10:24:07 -05:00
533d87efa4
Return CheckCode::Unsupported in ETERNALBLUE
...
Defining a check method in the module overrides it.
2018-07-09 16:01:24 -05:00
5776b64a1b
modified exploit
2018-07-09 13:56:33 -05:00
64ec8e96cb
Land #10275 , Update missing CVE references for exploit modules
2018-07-09 13:26:18 -05:00
f5e40b14a3
removed double eval as suggested
2018-07-09 13:24:31 -05:00
4f039de2fc
Fix CVE numbers
2018-07-09 13:22:08 -05:00
4403a4ab47
Fix CVE number
2018-07-09 12:56:00 -05:00
7d8a95de9f
Fixed requested changes for PR
2018-07-09 12:44:38 -05:00
44b9798afb
modified regex, id=filesmanager lines
2018-07-09 10:55:29 -05:00
bbc16e1873
Merge branch 'master' into remote_creds_data
2018-07-09 09:49:14 -05:00
bf24ce847a
Fix token issues
2018-07-09 09:29:11 -05:00
bc33078e01
fixed comma
...
fixed comma
2018-07-09 12:27:58 +05:30
6f6ad86e2c
fix tab
...
fix tab and space.
2018-07-09 11:49:11 +05:30
aff39e65d5
Update missing CVE references for auxiliary modules
...
Based on existing references such as BID, OSVDB, blog posts, etc
2018-07-08 19:00:11 -05:00
5fc5a47cd2
Update CVE references for exploit modules
...
These are based on cross references by EDB, OSVDB, module short
name, blog post and BID.
2018-07-08 18:46:04 -05:00
f14d06b9d1
Fix ufo_privilege_escalation
2018-07-08 11:05:30 +00:00
a634e6347d
minor code cleanup
2018-07-08 06:09:38 +00:00
4a835b2493
fix warning, and version
...
fix warning, and version and indentation
2018-07-07 17:27:09 +05:30
1c448de882
Land #10107 , Add the scanner/smb/impacket/secretsdump module
2018-07-06 14:59:33 -05:00
b5fb970aec
Land #10133 , Add HID discoveryd RCE exploit
2018-07-06 14:32:29 -05:00
545e91af00
Land #10262 , Add GitList argument injection exploit module
2018-07-06 14:28:20 -05:00
82c74eb765
Small changes
2018-07-06 14:25:58 -05:00
b1456df757
made suggested changes
2018-07-06 12:48:38 -05:00
fe1b17684a
Add Targets and Session file inclusion
2018-07-06 12:17:26 -05:00
b4b7bf03da
Land #10171 , Implement desktop shell and screensaver post modules
2018-07-05 17:33:06 -05:00
970c164e06
fix undefined method capitalize error for array
2018-07-05 14:33:51 -07:00
5d0652fab1
changed inconsistent capitalization
2018-07-05 15:56:41 -05:00
2b452d5681
added documentation and check
2018-07-05 15:47:21 -05:00
cb078b9586
Drop database
2018-07-05 14:58:30 -05:00
05a0d79be7
Land #10219 , Add HP VAN SDN Controller exploit
2018-07-05 14:21:44 -05:00
43096d9d78
Add phpMyAdmin v4.8.1/4.8.0 LFI RCE
...
Module and Doc
2018-07-05 13:33:35 -05:00
53d5d82498
Rename module to match new vector
2018-07-05 13:31:16 -05:00
507fd22958
added http post and generating payload
2018-07-05 13:21:22 -05:00
762b4b5e53
Simplify creds auth by checking X-Auth-Token alone
...
It's a lot more direct than checking for the redirect.
2018-07-05 13:20:27 -05:00
2b069f45ca
Clarify how we're using the auth token for creds
...
In the service token's case, the service token *is* the auth token.
2018-07-05 13:05:23 -05:00
b00f0e87e0
Add SonicWall XML-RPC Remote Code Execution exploit module
2018-07-05 12:06:13 -05:00
a272dcabd7
Fix typos and additional updates regarding to review
2018-07-05 13:33:40 +01:00
3b8149216f
print a verbose error message
2018-07-04 23:20:58 +01:00
4c1c2e9288
Adding Micro Focus Secure Messaging Gateway RCE
2018-07-04 17:47:13 +01:00
41b0adad88
Use uninstall action command injection
2018-07-03 18:07:22 -05:00
7d0b8dee4a
making request for Gitlist source
2018-07-03 14:27:46 -05:00
a25a656d28
Add "E" to HP to make HPE for better searches
...
We'll stick with calling it HP everywhere else.
2018-07-03 10:29:09 -05:00
e1a9aae109
Add Wordress Arbitrary File Deletion module
2018-07-03 12:21:38 +02:00
5946245d87
avoid using SMBv2 on Windows XP Native Upload targets
2018-07-02 16:07:27 -05:00
2ec091931a
Land #10237 , Add Boxoft WAV to MP3 Converter exploit module
2018-07-02 14:01:27 -05:00
3e33a6f0a4
Update moduel boxoft_wav_to_mp3
2018-07-02 14:00:33 -05:00
1bf94ac448
Spruce up check method and related
2018-07-02 13:59:24 -05:00
12141136d7
Land #9896 , Java JMX Package Name Randomization
...
Land #9896
2018-07-02 13:41:39 -05:00
6e090acc76
Stop joking with timeouts
2018-07-02 13:18:31 -05:00
78ca4d4217
Finally use Msf::Util::EXE.to_zip 8)
2018-07-02 13:04:59 -05:00
2196640de4
Add manageengine_adshacluster_rce
...
Manage Engine Exchange Reporter Plus <= 5310 Unauthenticated RCE
2018-07-02 19:11:08 +02:00
54fce378fa
added target versions to documentation
2018-07-02 09:20:17 -05:00
aa3fcea377
update check method to print error message normaliy
2018-07-01 23:17:34 -04:00
c3b71d4642
Update mismatch indentation and others
2018-07-01 22:43:07 -04:00
70eb943b5a
Update monstra_fileupload_exec.rb
2018-06-30 13:40:12 +05:30
89ba960309
username and password values removed
...
username and password values removed
2018-06-30 12:47:13 +05:30
128438f444
Merge pull request #2 from touhidshaikh/monstra_fileupload_exec
...
Monstra fileupload exec
2018-06-30 12:03:14 +05:30
6ace45e312
Add correct IBM CVE
...
Turns out IBM decided to revisit the advisory and attribute 3 different CVE numbers intead of 1.
2018-06-30 12:06:16 +07:00
85dc81a58b
Land #10185 , add SMBv1/2 support in psexec
2018-06-29 17:49:27 -05:00
3b5555542c
add exploit module and documentation
2018-06-29 15:17:12 -05:00
78cefe0528
Clarify original exploit credit
...
It's definitely more than a PoC (exploit). It's weaponized.
2018-06-29 13:02:40 -05:00
34f303187f
Drop privesc retval, since it's obsoleted by print
2018-06-29 12:53:59 -05:00
fc3199259b
Land #9958 , Nagios xi 2 electric
2018-06-29 12:16:18 -05:00
dbb502ae19
Refactor code and address review comments
2018-06-29 12:13:15 -05:00
675a736ab7
Update Docs
2018-06-29 11:08:31 -05:00
574c47cba6
Change Ranking
...
Command to change the database user
account could cause a DoS condition
if the credentials are incorrect.
2018-06-29 10:56:18 -05:00
57b89444f3
Additional style fixes
2018-06-29 10:53:57 -05:00
c508a5f7f3
Land #10213 , Add FTPShell client 6.70 Stack Buffer Overflow exploit
2018-06-29 14:40:51 +00:00
1e148a8862
Update ftpshell_cli_bof.rb
2018-06-29 14:22:40 +01:00
7532490a1e
Style/Whitespace fixes
2018-06-29 07:02:45 -05:00
40ac79ced0
Land #10218 , MS17-010 Windows Embedded Standard 7
2018-06-28 16:11:56 -05:00
1854793253
Update ftpshell_cli_bof.rb
2018-06-28 13:01:13 +01:00
bd2fb56adf
Update ftpshell_cli_bof.rb
2018-06-28 12:55:48 +01:00
36a37cf6ab
Add HP VAN SDN Controller exploit
2018-06-28 02:14:04 -05:00
f3e3d0c30b
monstra_fileupload_exec.rb
...
Monstra CMS - Authenticated Arbitrary File Upload / Remote Code Execution CVE 2017-18048
2018-06-28 10:55:41 +05:30
a5c0881c08
add Windows Embedded Standard 7 support
2018-06-27 19:17:18 -06:00
54c2bc36e9
fix: invert if else order
2018-06-28 01:33:56 +02:00
e614805948
chore: fix msftidy
2018-06-28 01:27:51 +02:00
2a31958f6a
Bump metasploit_payloads-mettle to version 0.4.1
2018-06-27 17:55:08 -04:00
e17744df8d
Land #10215 , add support for payload estimation for IPv6-specific modules
2018-06-27 16:46:54 -05:00
25b9f97a32
Update cached payload size update to support IPv6
2018-06-27 16:26:41 -05:00
dbb0748c1c
Land #9998 , customizable golden ticket duration
2018-06-27 15:51:56 -05:00
d7770a98b2
s/Seperated/Separated/
2018-06-27 15:36:41 -05:00
ce7d4cd280
Land #10109 , Teradata login scanner and SQL runner
2018-06-27 15:35:57 -05:00
9d8294fcc9
Mark Teradata login scanner executable
2018-06-27 15:35:13 -05:00
8b2bd35659
Fixup option references in Teradata SQL
2018-06-27 15:34:29 -05:00
1dbcf0fd09
Cleanup Teradata SQL options
2018-06-27 15:12:21 -05:00
3985191e0f
Add `userpass` option to Teradata login scanner
2018-06-27 15:10:02 -05:00
ef309e0d5f
Fixup metadata whitespace
2018-06-27 15:09:23 -05:00
837427ccae
Update ftpshell_cli_bof.rb
2018-06-27 16:42:29 +01:00
4a4e38a7b0
FTPShell client 6.70 (Enterprise edition)
2018-06-27 16:37:22 +01:00
da22b36997
chore: fix typo
2018-06-27 17:16:38 +02:00
53f158ef4f
refactor: universal check, payload platform check
2018-06-27 17:11:47 +02:00
9c38c9f63c
Land #10207 , msftidy fixes
2018-06-26 14:38:57 -05:00
c5e7184fdb
Land #10199 , Kace Systems Management Command Injection
2018-06-26 10:11:10 -05:00
c4bf12cbe0
ntds_grabber msftidy fixes
2018-06-26 08:22:11 -05:00
00102a7413
oscommerce msftidy fix
2018-06-26 08:21:10 -05:00
76535b5e51
Check hidden val && check auth requirement
2018-06-25 17:24:13 -05:00
2fd0d797ac
psexec smb2 support
2018-06-25 15:06:23 -05:00
10c36bbd7d
modified get_creds, renamed make_request
2018-06-25 12:45:06 -05:00
81bdbd712c
added disclosureDate and modified style
2018-06-22 15:58:21 -05:00
510c2d04ef
add auxiliary module and documentation - SickRage
2018-06-22 11:18:02 -05:00
6d3c141553
Update patched version check
2018-06-22 15:08:19 +00:00
a71a5a10d5
Add Quest KACE Systems Management Command Injection
2018-06-22 08:07:18 +00:00
eaf043d30b
Land #10156 , WebKit, as used in WebKitGTK+ Crash - CVE-2018-11646
2018-06-21 16:28:37 -05:00
6dafb13f28
Module metadata cleanup
2018-06-21 15:10:47 -05:00
2f40b2cb45
address missed impacket dependency check
2018-06-21 13:56:17 -05:00
c4632f44aa
Fix windows
2018-06-21 16:46:15 +00:00
2008de4080
Support Windows screensaver and locking
2018-06-21 16:46:00 +00:00
38e1429879
Land #10189 , ETERNALBLUE updates
2018-06-20 23:53:20 -05:00
4bb6afb24e
Move dependency check so we can send our metadata
...
I missed this detail about the module.run method when adding the check.
Defining the metadata or where you put it doesn't matter so much as if
you're sending it over JSON-RPC.
2018-06-20 15:03:26 -05:00
8277a4da24
Add better targeting feedback
2018-06-20 12:41:22 -05:00
13a4b2e359
Add dependency check for Impacket
2018-06-20 12:22:17 -05:00
a8e9c20d6c
Make open works on windows
2018-06-20 09:23:57 +00:00
4c0ac00f38
Make screensaver works on OSX
2018-06-20 09:13:51 +00:00
a1176e011a
Land #10184 , Add sleepya's ETERNALBLUE exploit for Win8+
2018-06-19 17:34:38 -05:00
0820268d8a
Improve rank handling with shim logic
2018-06-19 16:46:20 -05:00
72432c200a
Land #10183 , Add auxiliary mod to exploit httpdasm dir traversal vuln
2018-06-19 14:56:36 -05:00
b315886f9b
Update option description
2018-06-19 14:55:53 -05:00
9be8aa6877
Be more verbose on error handling
2018-06-19 14:54:27 -05:00
a0189cc3f6
made suggested changes to module
2018-06-19 12:22:44 -05:00
9913606ed9
Correct rank and formatting in Haraka
2018-06-19 11:44:02 -05:00
9545bac809
Rename remote_exploit_generic template
...
Dropping "generic" from the name. I initially had some reservations
about leaving it in, and after discussion with @acammack-r7, we've
decided it adds nothing useful.
2018-06-19 11:43:56 -05:00
df4cee1d77
Fix PEP 8 in added code
2018-06-19 11:20:15 -05:00
781478b283
Document some things
2018-06-19 11:20:15 -05:00
ecea36c459
Convert PoC to external module
2018-06-19 11:20:10 -05:00
45e8adc617
Add sleepya's ETERNALBLUE exploit for Win8+
2018-06-18 11:41:57 -05:00
b78bb78f95
added auxiliary module and documentation
2018-06-18 10:25:33 -05:00
cb50d0fade
Land #9825 , Add 'phpMyAdmin Authenticated Remote Code Execution'
2018-06-18 08:51:53 -05:00
2e2ded22fc
Use Gem::Version
...
Simplify version comparisons
2018-06-18 08:35:47 -05:00
122ea2ddcb
Update module, Add docs
...
Changed the module to an exploit module and
added documentation.
2018-06-18 07:33:05 -05:00
351a0bd37f
Cleanup command execution code
2018-06-18 07:24:54 +00:00
a750aedb6b
Move xdg_screensaver to multi module
2018-06-18 07:19:52 +00:00
1f6b9a51ea
Remove useless import
2018-06-18 06:56:39 +00:00
8342751b05
Move xdg_open to multi module
2018-06-18 06:54:13 +00:00
ec88683ad2
Land #10165 , Fix missing RequestError in a few post modules
2018-06-15 15:38:49 -05:00
3e8bd83c29
Land #10172 , Rm duplicate word in agitum_outpost_acs description
2018-06-15 15:13:23 -05:00
2ded48a510
Merge branch 'master' into remote_creds_data
2018-06-15 10:26:10 -05:00
William Vu
Shelby Pace
Sonny Gonzalez
Wei Chen
Matthew Kienow
Brent Cook
James Barnett
Adam Cammack
asoto-r7
reka193
h00die
bwatters-r7
Brendan Coles
Tim W
Jacob Robles
Eliott Teissonniere
Sunny Neo
Kacper Szurek
Agora Security
Erin Bleiweiss
flandini
Touhid M Shaikh
thesubtlety
Mehmet İnce
Aloïs Thévenot
Green-m
Ishaq Mohammed
Pedro Ribeiro
Daniel Teixeira
zerosum0x0
phra
Jeffrey Martin