979d7e6be3
improve module
2015-08-12 15:37:37 +02:00
2b225b2e7e
Added changes per feedback
...
Updated to include and use seh mixin
changed offset and space for reliability
got rand_text buffer junk working
removed double spaces and stupid fillers in file data
2015-08-12 01:34:45 -04:00
80f415074b
Land #5823 , mv local_exploit_{suggestor,suggester}
2015-08-11 13:52:55 -05:00
7f0d992914
Fixed name typo
2015-08-11 11:51:52 -05:00
4c28cae5d1
updated to include recommendation from @zerosteiner
2015-08-10 18:38:23 -04:00
203c231b74
Fix #5659 : Update CMD exploits payload compatibility options
2015-08-10 17:12:59 -05:00
76f6312fab
Fix #3916 Support 64 bits targets on enum_cred_store
2015-08-10 15:16:12 -05:00
5ff61ca5f3
Added modules to jailbreak and control remotely BusyBox based devices. It was added to a word list with default credentials typically used by commercial routers.
2015-08-10 18:29:41 +02:00
a611fff7bf
Use Rex::ThreadSafe.select on CVE-2015-1793
2015-08-08 07:43:39 -07:00
c8ba5bb90c
Land #5513 , @rcvalle's exploit for incomplete internal state distinction in JSSE
2015-08-08 07:41:53 -07:00
2707b3b402
Use Rex::ThreadSafe.select
2015-08-08 07:40:19 -07:00
a0eef3880a
Initialize version local variable
2015-08-08 07:35:37 -07:00
bb74b6fecb
Fix data reading
2015-08-08 07:18:01 -07:00
23f51bf265
specify junk data
2015-08-07 18:04:11 -04:00
28ad0fccbd
Added VideoCharge Studio File Format Exploit
2015-08-07 15:54:32 -04:00
6fe7672732
Improve Rex sockets usage
2015-08-07 00:11:58 -07:00
e96717950c
refactored
2015-08-06 08:18:26 -04:00
67f661823a
Land #5614 , @cldrn's module to collect lansweeper credentials
2015-08-04 16:55:49 -05:00
ed3f993b75
Do some style fixes
2015-08-04 16:41:15 -05:00
0e3434ebad
Fix metadata
2015-08-04 16:28:50 -05:00
7bb4f9479f
Added new reference and removed empty line.
2015-08-04 03:58:57 -03:00
d9b6e9cc58
Changed res condition and some words.
2015-08-04 03:44:25 -03:00
19ceccd93a
Added JSON parse output.
2015-08-04 03:13:11 -03:00
f4679f5341
Added WP Mobile Pack Info Disclosure Vuln - Functional Module.
2015-08-04 02:21:26 -03:00
d221e9d961
Added more references.
2015-08-03 02:46:54 -03:00
e59e4828e4
Removed unnecessary DEPTH option.
2015-08-02 22:56:17 -03:00
514849bcdc
Added WP Subscribe Comments File Read Vuln - Functional.
2015-08-02 21:24:52 -03:00
74ed8cf0c9
actually that didn't work
2015-08-02 18:57:13 -05:00
06754c36a4
unless, not if not
2015-08-02 18:51:23 -05:00
527eaea6ec
single quotes and some error handling
2015-08-02 18:25:17 -05:00
a33724667c
small code cleanup
2015-08-02 16:36:41 -05:00
830aee8aa5
check if cookie is actually returned, and if not, fail
2015-08-02 15:22:40 -05:00
a534008ba6
add some status lines
2015-08-02 15:03:59 -05:00
fe20bc88ad
remove badchars
2015-08-02 11:37:06 -05:00
f7ceec36d0
set default RPORT and SSL
2015-08-02 08:59:36 -05:00
a33dff637d
exploit cve 2015-1489 to get SYSTEM
2015-08-02 08:31:03 -05:00
12ac6d81fa
add markus as the discoverer specifically
2015-08-02 08:17:12 -05:00
e70ec8c07b
no need to store res for the later requests
2015-08-01 18:00:35 -05:00
272d75e437
check res before calling get_cookies
2015-08-01 17:58:41 -05:00
6f31183904
Fix VSS Persistance to check integrity level
2015-08-01 23:13:05 +01:00
47e86000ee
randomize the file names
2015-08-01 16:50:06 -05:00
2bfc8e59be
remove printline
2015-08-01 16:43:31 -05:00
0067d25180
add the sepm auth bypass rce module
2015-08-01 16:40:03 -05:00
a6a8117e46
Revert "Land #5777 , fix #4558 vss_persistence"
...
This reverts commit ba4b2fbbeaaffc86bfd9
2015-08-01 22:35:24 +01:00
c197e5224d
Store loot
2015-08-01 20:52:25 +01:00
deb6f5638e
Update WinSCP Gather
...
* Refactor parsing to common library to support command line tool
* Look in APPDATA not just ProgramFiles
* Iterate over user APPDATA
2015-08-01 20:44:14 +01:00
eab9b3bf5b
interpolation fix on secret
2015-08-01 14:39:12 -04:00
cebcf72a99
Add discoverer credit, blog ref, longer desc
2015-08-01 10:31:41 -05:00
ceb49a51a6
thanks @espreto for help
2015-08-01 11:11:37 -04:00
fcb7981199
Add BIND TKEY DoS
2015-08-01 06:01:35 -05:00
Christian Mehlmauer