William Vu
48ed8a72c2
Add helpful comment
2017-01-24 20:03:39 -06:00
William Vu
ec8add6caa
Always check and print status
2017-01-24 20:00:17 -06:00
William Vu
42a8e2a113
Remove extraneous variable
2017-01-24 19:50:31 -06:00
William Vu
97050a6c47
Fix nil bug in scan
2017-01-24 19:49:23 -06:00
Brent Cook
836da6177f
Cipher::Cipher is deprecated
2017-01-22 10:20:03 -06:00
Brent Cook
f69b4a330e
handle Ruby 2.4 Fixnum/Bignum -> Integer deprecations
2017-01-22 10:20:03 -06:00
wchen-r7
3155af679a
Fix a typo
2017-01-03 16:03:45 -06:00
Spencer McIntyre
cd90fd3b1c
Fix PHPMailer targets since 5.2.20 is not affected
2016-12-30 15:31:15 -05:00
Spencer McIntyre
1eab4b3a7d
Add an optional explicit triggeruri for phpmailer
2016-12-30 14:24:07 -05:00
Spencer McIntyre
64037b0d6e
Use a proper target instead of VERSION
2016-12-29 17:37:16 -05:00
Spencer McIntyre
c9dd7a50b6
Add the PHPMailer Argument Injection exploit
2016-12-29 17:17:06 -05:00
Brent Cook
005d34991b
update architecture
2016-11-20 19:09:33 -06:00
Brent Cook
f313389be4
Merge remote-tracking branch 'upstream/master' into land-7507-uuid-arch
2016-11-20 19:08:56 -06:00
wchen-r7
8cd9a9b670
Deprecate wp_ninja_forms_unauthenticated_file_upload
...
wp_ninja_forms_unauthenticated_file_upload actually supports
multiple platforms.
Instead of using:
exploit/unix/webapp/wp_ninja_forms_unauthenticated_file_upload
Please use:
exploit/multi/http/wp_ninja_forms_unauthenticated_file_upload
2016-11-10 11:17:09 -06:00
wchen-r7
ca5610ccde
Land #7511 , Update jenkins_script_console to support newer versions
2016-11-04 11:24:25 -05:00
William Vu
5ed030fcf6
Land #7529 , nil.downcase fix for tomcat_mgr_deploy
...
Don't think it was ever needed, since the password is case-sensitive.
Fixed a minor merge conflict where PASSWORD became HttpPassword.
2016-11-03 15:39:46 -05:00
Jin Qian
2f8d3c3cf3
Remove the bug where downcase() is invoked on password which is optional and can be empty.
2016-11-03 15:23:19 -05:00
Spencer McIntyre
ccce361768
Remove accidentally included debug output
2016-10-29 18:46:51 -04:00
Spencer McIntyre
fa7cbf2c5a
Fix the jenkins exploit module for new versions
2016-10-29 18:19:14 -04:00
OJ
57eabda5dc
Merge upstream/master
2016-10-29 13:54:31 +10:00
OJ
1d617ae389
Implement first pass of architecture/platform refactor
2016-10-28 07:16:05 +10:00
mr_me
16b7c77851
satisfying travis
2016-10-27 13:37:04 -05:00
mr_me
a8ab7b09b0
Added Bassmaster batch Arbitrary JavaScript Injection Remote Code Execution Vulnerability (CVE-2014-720)
2016-10-27 13:22:39 -05:00
David Maloney
6b77f509ba
fixes bad file refs for cmdstagers
...
when moving to the rex-exploitation gem some of the
file references were missed, partially due to silly differences
between how each file was referenced
Fixes #7466
2016-10-21 12:31:18 -05:00
wchen-r7
9e97febcd1
Land #7429 , Ruby on Rails Dynamic Render File Upload Remote Code Exec
2016-10-13 11:45:46 -05:00
William Vu
e78d3d6bf0
Fix erroneous cred reporting in SonicWALL exploit
...
A session ID will be returned in the parsed JSON if the login succeeded.
Bad user:
{"noldapnouser"=>1, "loginfailed"=>1}
Bad password:
{"loginfailed"=>1}
Good user/password:
{"userid"=>"1", "sessionid"=>"4WJ9cNg1TkBrwjzX"}
2016-10-11 19:25:52 -05:00
mr_me
bd646ded1b
fixed the check function
2016-10-11 14:06:03 -05:00
mr_me
d8f98ccd4e
run through msftidy
2016-10-10 22:36:20 -05:00
mr_me
f2252bb179
fixed a few things, thanks @h00die
2016-10-10 22:30:01 -05:00
mr_me
3c3f424a4d
added a some references
2016-10-10 17:56:03 -05:00
mr_me
bca3aab1db
added CVE-2016-0752
2016-10-10 17:36:20 -05:00
Pearce Barry
5de1d34869
Land #7341 , add module metasploit_static_secret_key_base
2016-09-23 09:20:48 -05:00
Brent Cook
9f3c8c7eee
Land #7268 , add metasploit_webui_console_command_execution post-auth exploit
2016-09-22 00:50:58 -05:00
Justin Steven
dcfbb9ee6a
Tidy info
...
Replace errant \t with \x20
2016-09-21 20:14:11 +10:00
Justin Steven
1e24568406
Tweak verbosity re: found secrets
2016-09-21 20:14:08 +10:00
Justin Steven
30d07ce0c7
Tidy metasploit_static_secret_key_base module
...
* Inline magic values
* Optimise out dead Rails3-specific code
2016-09-21 20:13:58 +10:00
Louis Sato
8b1d29feef
Land #7304 , fix rails_secret_deserialization popchain
2016-09-20 16:05:03 -05:00
Justin Steven
a1ca27d491
add module metasploit_static_secret_key_base
2016-09-20 07:04:00 +10:00
Justin Steven
116c754328
tidy Platform
2016-09-15 10:35:42 +10:00
Justin Steven
8a0c8b54fc
merge branch 'master' into PR branch
...
make Travis happy
2016-09-15 10:31:24 +10:00
Justin Steven
ff1c839b7d
appease msftidy
...
trailing whitespace
2016-09-15 08:18:43 +10:00
James Barnett
6509b34da1
Land #7255 , Fix issue causing Glassfish to fail uploading to Windows targets.
2016-09-14 12:57:41 -05:00
William Vu
8533e6c5fd
Land #7252 , ARCH_CMD to ARCH_PHP for phoenix_exec
2016-09-14 10:38:37 -05:00
Pedro Ribeiro
8d4ee3fac6
Forgot the bracket!
2016-09-13 19:01:22 +01:00
Pedro Ribeiro
41bdae4b84
update links and CVE on webnms_file_upload
2016-09-13 18:50:25 +01:00
Justin Steven
17bad7bd4f
fix popchain
...
ERB changed as per <https://github.com/ruby/ruby/commit/e82f4195d4 >
which broke the popchain used for code execution.
2016-09-13 21:25:14 +10:00
Justin Steven
6bafad44f2
drop 'require uri', tweak option text
2016-09-09 20:31:23 +10:00
Justin Steven
0b012c2496
Combine Unix and Windows modules
2016-09-09 20:28:13 +10:00
wchen-r7
445a43bd97
Trim the fat
2016-08-30 15:56:51 -05:00
wchen-r7
1b505b9b67
Fix #7247 , Fix GlassFish on Windows targets
...
Fix #7247
2016-08-30 15:46:08 -05:00