dcff4d37b6
Land #17163 , Pfsense PfBlockerNG RCE module check method improvement
...
Merge branch 'land-17163' into upstream-master
2022-12-01 09:25:18 -06:00
330cb2944b
fix typo
...
OptString.new('FILENAME', [true, 'The OpoenOffice Text document name', 'msf.odt']) -> OpoenOffice changed to OpenOffice
2022-11-30 22:10:18 +01:00
d3057f15b2
Land #17275 , Add Exploit For CVE-2022-41082 (ProxyNotShell)
2022-11-30 18:16:19 +01:00
8ea8e2410d
Land #17299 , Fixes #17227
...
Fixes #17227 - polkit_dbus_auth_bypass module when run from a command…
2022-11-28 16:22:52 -05:00
5d3cfa69b8
Land #17210 , add ParseError rescue to snmp modules
...
snmp_enum, snmp_enumshares and snmp_enumusers now rescue
SNMP ParseErrors
2022-11-28 15:37:02 -05:00
3462dc6bf4
Land #17087 , remote control collection rce
...
Merge branch 'land-17087' into upstream-master
2022-11-28 14:29:52 -06:00
264d45e04a
Appease rubocop
2022-11-28 10:16:55 -05:00
f24df8a051
Change an exception class and drop DOMAIN passing
2022-11-28 10:06:14 -05:00
9aa1a84b3a
added target uri in to "Authorization not requested" error message
2022-11-27 15:35:34 +03:00
25a0d0ff0e
Fixes #17227 - polkit_dbus_auth_bypass module when run from a command shell
2022-11-25 15:13:57 +11:00
6350daf2d8
Land #17273 , F5 exploit module CVE-2022-41800
...
F5 exploit module CVE-2022-41800 (authenticated RCE in RPM code)
2022-11-23 17:57:18 -05:00
cbb50ed902
Remove non-functioning Arch'es
2022-11-23 10:42:07 -08:00
3f58bfe11e
Check that the target is Exchange Server 2019
2022-11-23 10:47:10 -05:00
6446c1425b
Land #17283 , enum_psk: Cleanup
2022-11-22 12:28:55 +00:00
6c76fd7beb
Land #17284 , modules/post/linux/gather: Use Post::Linux::System.get_hostname method
2022-11-22 11:55:47 +00:00
7227bec259
set autocheck false
2022-11-21 15:53:37 -05:00
8c9e2c9fc7
Add check method, update hosting IP/port
2022-11-21 15:53:37 -05:00
d141efcbfe
screen effects
2022-11-21 15:53:37 -05:00
181b8e4eea
review comments
2022-11-21 15:53:37 -05:00
d4536b24a6
remote control collection rce
2022-11-21 15:53:37 -05:00
ed99f2f67f
Bypass EEMS M1
2022-11-21 11:13:16 -05:00
651dd68439
tor_hiddenservices: Check locate command exists
2022-11-21 01:07:50 +11:00
2dbd2043ec
modules/post/linux/gather: Use Post::Linux::System.get_hostname method
2022-11-21 00:46:44 +11:00
ad36f28ec1
enum_psk: Cleanup
2022-11-21 00:28:34 +11:00
8ca7550062
Land #17257 , Adding exploit for ChurchInfo 1.2.13-1.3.0 RCE (CVE-2021-43258)
2022-11-18 19:27:10 -06:00
237eb904d4
Add in fixes for documentation examples and then update the code to fix some bugs
2022-11-18 18:30:07 -06:00
85a6770973
Add additional checks, a check method, and fix up some doc errors
2022-11-18 18:22:06 -06:00
b9ecdb3bc2
Use TARGETURI, registered cleanup, implment cookie_jar, and perform response checks and documentation
2022-11-18 18:21:27 -06:00
a33a313544
Adding exploit for ChurchInfo 1.3.0
2022-11-18 18:21:08 -06:00
3d5708e3e6
Land #17271 , add f5 big-ip csrf exploit
2022-11-18 16:19:09 -06:00
8b30ff3dce
remove CmdStager inclusion
2022-11-18 16:18:25 -06:00
29d57dde66
Consolidate into ProxyMaybeShell
2022-11-18 17:01:01 -05:00
fc7594dbc8
Add exploit for CVE-2022-41082 AKA ProxyNotShell
2022-11-18 17:00:27 -05:00
20e1788d97
Land #17145 , Add hashes option and better error handling to wmiexec
...
Merge branch 'land-17145' into upstream-master
2022-11-18 10:16:33 -06:00
d1a7170020
Land #17021 , Gitea Git fetch RCE module - CVE-2022-30781
2022-11-17 12:28:29 +01:00
11541a5774
Add comment for details about the string substitutions on Windows
2022-11-17 12:25:52 +01:00
7ebf84c66b
Add URLs
2022-11-16 12:20:37 -08:00
20e6c1b55e
Add URLs
2022-11-16 12:19:16 -08:00
d0e109b842
Check in exploit module for CVE-2022-41800
2022-11-16 12:04:18 -08:00
99e661cfcf
Check in exploit script for CVE-2022-41622 (CSRF into SOAP)
2022-11-16 11:58:15 -08:00
1ddc137f1a
Update module
...
- adjust execute_command method and add logic for :win_dropper target
- move cmdstager uripath setting into target case statement
- add more cmdstagerflavour for :linux_dropper target
- fix lint msftidy
2022-11-15 22:30:45 +07:00
cbca2a5604
Update modules/exploits/multi/http/gitea_git_fetch_rce.rb
...
apply suggestion
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2022-11-15 22:17:59 +07:00
494c9601ca
Land #17222 , Pre-authenticated Remote Code Execution in VMware NSX Manager using XStream [CVE-2021-39144]
2022-11-15 14:16:14 +01:00
eff9a16e00
Use the access mask data type
...
Also switch from bit16 to uint16 so it's little endian.
2022-11-14 12:27:38 -05:00
59535b6799
remove 'is'
2022-11-12 16:19:50 -05:00
70669f3fea
addressed code improvement suggestions
2022-11-12 10:21:43 +00:00
72080910e7
Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb
...
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com >
2022-11-12 09:22:06 +01:00
85b4512292
Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb
...
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com >
2022-11-12 09:21:55 +01:00
5d314e5799
Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb
...
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com >
2022-11-12 09:21:42 +01:00
04d6a310af
Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb
...
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com >
2022-11-12 09:16:46 +01:00
bwatters