6350daf2d8
Land #17273 , F5 exploit module CVE-2022-41800
...
F5 exploit module CVE-2022-41800 (authenticated RCE in RPM code)
2022-11-23 17:57:18 -05:00
cbb50ed902
Remove non-functioning Arch'es
2022-11-23 10:42:07 -08:00
8b30ff3dce
remove CmdStager inclusion
2022-11-18 16:18:25 -06:00
7ebf84c66b
Add URLs
2022-11-16 12:20:37 -08:00
20e6c1b55e
Add URLs
2022-11-16 12:19:16 -08:00
d0e109b842
Check in exploit module for CVE-2022-41800
2022-11-16 12:04:18 -08:00
99e661cfcf
Check in exploit script for CVE-2022-41622 (CSRF into SOAP)
2022-11-16 11:58:15 -08:00
70669f3fea
addressed code improvement suggestions
2022-11-12 10:21:43 +00:00
72080910e7
Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb
...
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com >
2022-11-12 09:22:06 +01:00
85b4512292
Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb
...
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com >
2022-11-12 09:21:55 +01:00
5d314e5799
Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb
...
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com >
2022-11-12 09:21:42 +01:00
04d6a310af
Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb
...
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com >
2022-11-12 09:16:46 +01:00
1ce8695401
Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2022-11-12 09:16:30 +01:00
e38138d69e
Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2022-11-12 09:16:17 +01:00
967388eba7
Update modules/exploits/linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144.rb
...
Agreed !
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2022-11-12 09:15:42 +01:00
da189041b4
randomized endpoint url
2022-11-07 08:16:54 +00:00
bf0ed5b513
fixed some typos in documentation
2022-11-05 15:36:42 +00:00
642a83bd0d
Updated module and added documentation
2022-11-05 15:14:31 +00:00
71d1c971a7
init commit module
2022-11-04 13:31:27 +00:00
197b37751b
Land #17174 , add FLIR AX8 command injection module
2022-11-01 12:41:01 -05:00
45ddcf02c9
Remove unused mix in, add low bound to check
2022-11-01 10:42:43 -05:00
2ed8dbc08d
Rubocop
2022-11-01 10:42:43 -05:00
4587691d64
Fixed module to work over SSL
2022-11-01 10:42:42 -05:00
3b645ad9f4
Moved get variables from uri to vars_get
2022-11-01 10:42:42 -05:00
c810a1f5aa
Update modules/exploits/linux/http/webmin_file_manager_rce.rb
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2022-11-01 10:42:42 -05:00
ebf7496ee2
Update modules/exploits/linux/http/webmin_file_manager_rce.rb
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2022-11-01 10:42:41 -05:00
0ede1ca94f
Update modules/exploits/linux/http/webmin_file_manager_rce.rb
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2022-11-01 10:40:01 -05:00
d79515c3fe
Fix file cleanup
2022-11-01 10:40:00 -05:00
d1e1350ef9
Updated author
2022-11-01 10:40:00 -05:00
ad5b03ed96
Finished TODOs and added docs
2022-11-01 10:40:00 -05:00
9af689e130
draft module no docs
2022-11-01 10:40:00 -05:00
c400a97b63
beta commit
2022-11-01 10:39:59 -05:00
3d8e18c1cb
updated module with code suggestions space-r7
2022-10-25 16:38:15 +00:00
3e78229fc0
updated module and documentation
2022-10-25 13:33:52 +00:00
3bf4bd7d7d
Land #17162 , add RCE module for CVE-2022-35914
...
This PR adds an RCE module for the php code injection
present in GLPI versions 10.0.2 and below
2022-10-24 12:18:34 -04:00
3bbd05a11a
Update modules/exploits/linux/http/glpi_htmlawed_php_injection.rb
...
Co-authored-by: Brendan <bwatters@rapid7.com >
2022-10-24 11:48:33 -04:00
1c393dc596
init commit module and documentation
2022-10-21 12:50:46 +00:00
4cfbae63ac
Land #17114 , Add exploit for CVE-2022-41352 (zimbra cpio)
2022-10-20 15:10:42 +02:00
6039e54b75
For real, this time
2022-10-19 17:23:16 -05:00
78e8de826b
Sure; I can spell
2022-10-19 17:22:29 -05:00
238aa9058f
Fix Cmdstager flavor, complete info hash
2022-10-19 17:18:20 -05:00
56b8bf6302
Working draft for CVE-2022-35914
2022-10-19 14:33:33 -05:00
56d6f7747b
Remove some old code and update documentation with version info
2022-10-19 10:02:29 -07:00
9a35a5c8dd
Post patch info
2022-10-18 10:12:54 -07:00
6bdf0da994
Add a sanity check before generating the payload - prevents a confusing error if the server is down
2022-10-18 10:09:51 -07:00
1804e5ab60
Update modules/exploits/linux/http/fortinet_authentication_bypass_cve_2022_40684.rb
...
Co-authored-by: Brendan <bwatters@rapid7.com >
2022-10-18 00:51:28 +02:00
67bd118dd5
Update modules/exploits/linux/http/fortinet_authentication_bypass_cve_2022_40684.rb
...
Co-authored-by: Brendan <bwatters@rapid7.com >
2022-10-17 22:49:48 +02:00
7cdf8e181f
Update modules/exploits/linux/http/fortinet_authentication_bypass_cve_2022_40684.rb
...
Co-authored-by: Brendan <bwatters@rapid7.com >
2022-10-17 22:49:34 +02:00
b3a0d70688
Added prefer admin
...
- One can now say whether the auto-detect user method should prefer to return the admin or other random one.
2022-10-17 15:16:16 +02:00
5d99428c1d
Changed SSH key algorithm and fix bug on cleanup
...
- Prefer to use EC over RSA, only because it is smaller
- When there was no previous ssh key for such user the cleanup method was trying to overwrite the one on the index 0
2022-10-17 14:40:51 +02:00
Spencer McIntyre