Commit Graph

771 Commits (f88e68da25be81e75e47b0c1aea9a9ae7431482f)

Author SHA1 Message Date
Pedro Ribeiro f88e68da25 fix msftidy stuff 2017-01-12 18:04:58 +00:00
Pedro Ribeiro 2827a7ea1a add 660v2 sploit 2017-01-12 17:50:57 +00:00
William Vu 1d6ee7192a
Land #7427, new options for nagios_xi_chained_rce 2016-11-30 17:11:02 -06:00
William Vu 3e8cdd1f36 Polish up USER_ID and API_TOKEN options 2016-11-30 17:10:52 -06:00
William Webb 6c6221445c
Land #7543, Create exploit for CVE-2016-6563 / Dlink DIR HNAP Login 2016-11-21 09:59:50 -06:00
Brent Cook 005d34991b update architecture 2016-11-20 19:09:33 -06:00
Brent Cook f313389be4 Merge remote-tracking branch 'upstream/master' into land-7507-uuid-arch 2016-11-20 19:08:56 -06:00
wchen-r7 4596785217
Land #7450, PowerShellEmpire Arbitrary File Upload 2016-11-17 17:47:15 -06:00
Jeffrey Martin c458d662ed
report correct credential status as successful 2016-11-14 12:27:22 -06:00
Jeffrey Martin 4ae90cbbef
Land #7191, Add exploit for CVE-2016-6267 - Trend Micro Smart Protection Server authenticated RCE. 2016-11-14 12:06:02 -06:00
Pedro Ribeiro 908713ce68 remove whitespace at end of module name 2016-11-14 08:35:34 +00:00
Pedro Ribeiro 50f578ba79 Add full disclosure link 2016-11-08 22:15:19 +00:00
Pedro Ribeiro 95bd950133 Point to proper link on github 2016-11-07 17:59:29 +00:00
Pedro Ribeiro f268c28415 Create dlink_hnap_login_bof.rb 2016-11-07 17:45:37 +00:00
Alex Flores 45d6012f2d fix check method 2016-10-30 14:57:42 -04:00
OJ 57eabda5dc
Merge upstream/master 2016-10-29 13:54:31 +10:00
Quentin Kaiser c7b775ac1c Fix detection following @bwatters-r7 recommendations. Remove safesync exploit that shouldn't be here. 2016-10-28 18:03:56 +00:00
OJ 1d617ae389
Implement first pass of architecture/platform refactor 2016-10-28 07:16:05 +10:00
wolfthefallen 684feb6b50 moved STAGE0 and STAGE1 into datastore 2016-10-18 11:47:38 -04:00
wolfthefallen e806466fe3 correct carriage return and link issue 2016-10-17 10:31:39 -04:00
wolfthefallen 7e68f7d2a4 EmpirePowerShell Arbitrary File Upload (Skywalker) 2016-10-17 10:03:07 -04:00
Brent Cook cfddc734a8
Land #7286, WiFi pineapple preconfig command injection module 2016-10-14 12:57:42 -05:00
Brent Cook e05a325786
Land #7285, WiFi pineapple command injection via authentication bypass 2016-10-14 12:57:05 -05:00
h00die 9d2355d128 removed debug line 2016-10-10 10:23:51 -04:00
h00die 2ad82ff8e3 more nagios versatility 2016-10-10 10:21:49 -04:00
Brendan 04f8f7a0ea
Land #7266, Add Kaltura Remote PHP Code Execution 2016-09-21 17:14:49 -05:00
Mehmet Ince 2d3c167b78
Grammar changes again. 2016-09-20 23:51:12 +03:00
Mehmet Ince 0f16393220
Yet another grammar changes 2016-09-20 19:48:40 +03:00
Mehmet Ince fb00d1c556
Another minor grammer changes 2016-09-20 19:23:28 +03:00
Brendan 251421e4a7 Minor grammar changes 2016-09-20 10:37:39 -05:00
Mehmet Ince 385428684f
Move module and docs under the exploit/linux/http folder 2016-09-20 12:45:23 +03:00
catatonic c06ee991ed Adding WiFi pineapple command injection via authenticaiton bypass. 2016-09-06 17:22:25 -07:00
catatonic 8d40dddc17 Adding WiFi pineapple preconfig command injection module. 2016-09-06 17:18:36 -07:00
Quentin Kaiser e4d118108a Trend Micro SafeSync exploit. 2016-09-06 19:33:23 +00:00
William Vu fed2ed444f Remove deprecated modules
psexec_psh is undeprecated because users have been reporting
idiosyncrasies between it and psexec in the field.
2016-09-03 12:43:01 -05:00
Pearce Barry 226ded8d7e
Land #6921, Support basic and form auth at the same time 2016-08-25 16:31:26 -05:00
wchen-r7 c64e1b8fe6
Land #7181, NUUO NVRmini 2 / Crystal / NETGEAR ReadyNAS Surveillance 2016-08-08 16:04:33 -05:00
wchen-r7 cb04ff48bc
Land #7180, Add exploit for CVE 2016-5674 / Nuuo / Netgear unauth RCE 2016-08-08 15:55:39 -05:00
Quentin Kaiser 1320647f31 Exploit for Trend Micro Smart Protection Server (CVE-2016-6267). 2016-08-08 18:47:46 +00:00
Pedro Ribeiro 3b64b891a6 Update nuuo_nvrmini_unauth_rce.rb 2016-08-05 21:53:25 +01:00
Pedro Ribeiro 746ba4d76c Add bugtraq reference 2016-08-05 21:53:08 +01:00
Pedro Ribeiro 2aca610095 Add github link 2016-08-04 17:38:31 +01:00
Pedro Ribeiro 7d8dc9bc82 Update nuuo_nvrmini_unauth_rce.rb 2016-08-04 17:38:14 +01:00
Pedro Ribeiro b48518099c add exploit for CVE 2016-5674 2016-08-04 16:55:21 +01:00
Pedro Ribeiro 0deac80d61 add exploit for CVE 2016-5675 2016-08-04 16:54:38 +01:00
wchen-r7 1e1866f583 Fix #7158, tiki_calendar_exec incorrectly reports successful login
Fix #7158
2016-07-28 17:03:31 -05:00
Brendan 4720d77c3a
Land #6965, centreon useralias exec 2016-07-26 15:02:36 -07:00
Brent Cook b08d1ad8d8
Revert "Land #6812, remove broken OSVDB references"
This reverts commit 2b016e0216, reversing
changes made to 7b1d9596c7.
2016-07-15 12:00:31 -05:00
Brent Cook 2b016e0216
Land #6812, remove broken OSVDB references 2016-07-11 22:59:11 -05:00
William Webb 52c6daa0f2
Land #7048, Riverbed SteelCentral NetProfiler and NetExpress Remote
Command Injection
2016-07-10 18:54:12 -05:00