bwatters
052d233bd9
Land #17006, Gather_RedisDesktopManager_Password
Merge branch 'land-17006' into upstream-master
2022-10-03 15:10:30 -05:00
bcoles
5f92d9418d
Modules: Fix Stability/SideEffects/Reliability notes for several modules
2022-10-01 17:54:59 +10:00
Jack Heysel
1c6ed2d9b4
Land #17070, Grafana auth bypass enhancement
Remove unnecessary use of len cookie
2022-09-30 14:32:44 -04:00
Jack Heysel
ae1af7f543
Merge branch 'master' into upstream-master
2022-09-30 13:21:50 -04:00
Jack Heysel
9ad513dade
Land #16933, Thycotic Secret Server post module
This PR adds a post exploitation module that exports
and decrypts Thycotic Secret Server credentials
2022-09-30 13:16:05 -04:00
bwatters
f4d1430656
Land #17085, Update ranking for nft_set_elem_init
Merge branch 'land-17085' into upstream-master
2022-09-30 12:04:41 -05:00
bwatters
89ef91c9cd
Update ranking for nft_set_elem_init
2022-09-30 09:57:54 -05:00
cgranleese-r7
38b05cb802
Updates deprecated method in rlogin module
2022-09-30 14:28:42 +01:00
bwatters
9e74b9887d
Land #17048, enum_tokens: Cleanup
Merge branch 'land-17048' into upstream-master
2022-09-29 15:58:46 -05:00
adfoster-r7
71231ec7e1
Land #17073, fix broken sessions in rservices modules
2022-09-29 19:55:49 +01:00
jheysel-r7
3b150ab3db
Update modules/post/windows/gather/credentials/thycotic_secretserver_dump.rb
2022-09-29 13:58:54 -04:00
jheysel-r7
30e27d832e
Update modules/post/windows/gather/credentials/thycotic_secretserver_dump.rb
2022-09-29 13:58:30 -04:00
bwatters
76c6632305
Land #16673, qdPM 9.1 - Authenticated Remote Code Execution (CVE-2020-7246)
Merge branch 'land-16673' into upstream-master
2022-09-29 09:46:27 -05:00
cgranleese-r7
730746f873
Fixes broken sessions in rservices modules
2022-09-29 09:44:29 +01:00
ahzam
b0e3e95439
Minor Refactor: Remove unnecessary len(cookie)
2022-09-29 01:46:07 +05:00
Jack Heysel
379f303ea8
Land #17061, Mobile Mouse Server RCE
This PR includes a module that uses default
configuration in Unified Remote to spawn a
run prompt and return a shell.
2022-09-28 10:48:41 -04:00
bwatters
e27dbd2787
Land #16794, Add exploit for CVE-2022-34918
Merge branch 'land-16794' into upstream-master
2022-09-27 16:37:52 -05:00
h00die
547ab00a0e
review comments
2022-09-27 14:51:03 -04:00
cgranleese-r7
8cbcc2f473
Land #17064, Fix beagent sha auth linting
2022-09-27 16:50:23 +01:00
adfoster-r7
a05606ff33
Fix beagent sha auth linting
2022-09-27 16:23:05 +01:00
bwatters
3170eac829
Land #16981, enum_domain_tokens: Cleanup and fix group member retrieval
Merge branch 'land-16981' into upstream-master
2022-09-27 09:47:34 -05:00
adfoster-r7
2388f7e6c4
Land #17054, Fix Adapted Single (Unstaged) Payloads
2022-09-27 11:54:04 +01:00
adfoster-r7
c436f42c8c
Land #16994, Fix Multiple Registry Related Issues
2022-09-27 11:43:02 +01:00
h00die
bd586962e3
add check method
2022-09-26 17:51:07 -04:00
h00die
acba21a899
mobile mouse server exploit
2022-09-26 15:56:06 -04:00
h00die
61f576d3e1
mobile mouse server exploit
2022-09-26 15:45:42 -04:00
Grant Willcox
a48c2d9e72
Land #17033, hikvision password reset via improper authorization logic - CVE-2017-7921
2022-09-23 15:01:04 -05:00
Grant Willcox
0908006466
Land #16985, wifi mouse rce - CVE-2022-3218
2022-09-23 14:46:49 -05:00
Grant Willcox
828cdb8862
Fix a typo
2022-09-23 14:20:18 -05:00
Grant Willcox
b62f163696
Update documentation on module and exploit a little more to make things a bit clearer
2022-09-23 14:08:18 -05:00
Grant Willcox
2958a43a6a
Update to reflect fact that bug is an improper authentication logic bug and to randomize password for auth parameter since it is ignored
2022-09-23 12:19:29 -05:00
Jack Heysel
2b5e85cd27
Land #17012, Veritas Backup Agent RCE
This module exploits a chain of the vulnerabilities CVE-2021-27876,
CVE-2021-27877 and CVE-2021-27878 in Veritas Backup Exec Agent which
leads to remote code execution with privileges of system or root user
2022-09-23 12:31:46 -04:00
Grant Willcox
edc37835e5
Add more nil checks in, update some of the check code to catch an edge case, update notes to account for indicators of compromise, and fix some extra issues noticed on second round of review
2022-09-23 09:38:35 -05:00
Grant Willcox
9abe1649ff
Sanitize XML data prior to adding it to the XML POST request and also change the ID option to an integer from a string to match expectations
2022-09-23 09:38:35 -05:00
Grant Willcox
3ca34568c2
Clean up some of the documentation and module code and descriptions
2022-09-23 09:38:12 -05:00
h00die-gr3y
37caf6dae5
removed exploit information from info section
2022-09-23 09:38:11 -05:00
h00die-gr3y
a4a12d06bc
improved error handling
2022-09-23 09:38:10 -05:00
h00die-gr3y
5ed7ff7f52
init commit module and documentation
2022-09-23 09:38:05 -05:00
c0rs
425d58dd15
fix check method output in Veritas BE rce
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
2022-09-23 09:46:52 +03:00
c0rs
04c897dbeb
Fix description info Veritas BE RCE
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
2022-09-23 09:45:18 +03:00
c0rs
a8210bfe70
add autocheck to veritas BE RCE
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
2022-09-23 09:44:39 +03:00
adfoster-r7
5e2a6c9dba
Land #17015, improve http login result checks
2022-09-23 01:28:59 +01:00
space-r7
dd11156922
add new reference to bitbucket module
2022-09-22 16:14:18 -05:00
Jeffrey Martin
96d291121b
use model validator instead of setup check
2022-09-22 14:49:09 -05:00
Spencer McIntyre
83de0924f0
Move #generate_stage to #generate for singles
2022-09-22 12:55:41 -04:00
cgranleese-r7
c74f480177
Land #17049, enum_domain_group_users module clean up
2022-09-22 17:51:12 +01:00
Redouane NIBOUCHA
8b601c9b17
If ForceExploit is set, skip calling module_check
2022-09-22 17:33:24 +02:00
Niboucha Redouane
93cad400e8
Update error message if the kernel offsets are not supported
Co-authored-by: Brendan <bwatters@rapid7.com>
2022-09-22 17:28:36 +02:00
cgranleese-r7
0029628db8
Land #17051, wmic_command module cleanup
2022-09-22 16:17:33 +01:00
Jack Heysel
12f3325f3e
Land #16732, VICIdial Multiple SQLi
This PR adds a module which exploits several
authenticated sqli in VICIdial
2022-09-22 10:47:42 -04:00