d49b74d164
Land #16809 , Add exploit module for Advantech iView command injection - CVE-2022-2143
2022-08-18 17:19:14 +02:00
5cf7a2de92
Fix minor typos in the doc
2022-08-18 13:32:00 +02:00
f093794864
Added Cisco ASA ASDM/HTTP brute force module
2022-08-16 06:31:25 -07:00
dc4d3ff21b
Land #16881 , fix crash in forward_pageant module
2022-08-11 17:40:33 -05:00
a68986599d
Land #16841 , add enum_powershell_env cleanup
2022-08-10 14:00:59 -05:00
c54658b035
Land #16878 , Clean up enum_logged_on_users
...
Adds support for non-Meterpreter sessions, fixes
rubo-cop and msftidy_docs violations
2022-08-10 14:17:50 -04:00
06f0fffc20
Land #16856 , Webmin package updates RCE module
...
This module exploits an arbitrary command injection
in Webmin versions prior to 1.997.
2022-08-09 16:13:19 -04:00
0be211025e
Land #16873 , Cleanup and support non-meterpreter
...
This PR cleans up and adds support for non-meterpreter
sessions as well as adds documentation and error-handling
2022-08-09 15:34:21 -04:00
a8e73d9fa9
Land #16807 , New module for 0-day Zimbra privilege escalation
...
Merge branch 'land-16807' into upstream-master
2022-08-09 11:18:21 -05:00
38b845f247
Fix from code review
...
- Documentation typos
- Adding ARM64 support
2022-08-09 15:09:25 +02:00
0ac1a9d704
forward_pageant: Cleanup and fix default UNIX socket path
2022-08-08 12:56:52 +10:00
b2683981dc
enum_logged_on_users: Cleanup
2022-08-08 01:50:36 +10:00
6380c69775
enum_artifacts: Cleanup and support non-meterpreter sessions
2022-08-07 16:01:45 +10:00
c45262cd46
Land #16800 , Add support for OpenSSL 3
2022-08-05 14:20:51 -05:00
be25e1fc77
Add documentation
2022-08-05 13:55:05 -05:00
74eff9ffac
Land #16851 , Add Cassandra Web file read auxiliary module
...
Merge branch 'land-16851' into upstream-master
2022-08-05 13:04:07 -05:00
0334beada2
Land #16758 , add ManageEngine ADAudit Plus exploit
2022-08-05 12:19:42 -05:00
4202502992
make some prints vprints, add steps
2022-08-05 11:34:46 -05:00
7c21c57564
Merge branch 'master' into manageengine-adauditplus-cve-2022-28219
2022-08-04 14:07:50 -07:00
9c6a198453
Land #16796 , Path traversal vulnerability in RARLAB UnRAR < 6.12 with Zimbra RCE module
2022-08-04 19:44:57 +02:00
c244399f1f
Land #16857 , Add auxiliary gather module for Cisco PVC2300 camera information disclosure
2022-08-04 11:46:07 -04:00
af712d4a89
add docs, fix typo in module description
2022-08-04 16:58:39 +03:00
163d4d5b11
Land #16854 , Add CVE-2022-31660 VMware Workspace ONE Access LPE
...
Merge branch 'land-16854' into upstream-master
2022-08-03 16:50:12 -05:00
fd2b325e44
Land #16788 , SCADA scanner module for BACnet protocol
2022-08-03 19:46:03 +02:00
f65119b353
Support OpenSSL3 and run Ubuntu 22.04 in test matrix
2022-08-03 15:49:53 +01:00
449a7b71d5
Add module exploit and docs for the Webmin package updates RCE
2022-08-03 12:01:41 +02:00
a54d2402dc
Land #16844 , Cleanup and support non-Meterpreter sessions
...
Merge branch 'land-16844' into upstream-master
2022-08-02 16:30:42 -05:00
82182f7815
Land #16852 , Zoho PMP XML-RPC Unauth RCE module
...
Add in exploit module for CVE-2022-35405 aka Zoho
Password Manager Pro XML-RPC Unauthenticated RCE
2022-08-02 17:18:28 -04:00
8ed4293e9c
Add module docs for CVE-2022-31660
2022-08-02 16:42:08 -04:00
ada3be8f7b
Update options section in documentation
2022-08-02 14:13:25 -05:00
f0e62de46a
Add CVE-2022-35405 docs and module
2022-08-02 11:57:56 -05:00
9a4a590b27
Add Cassandra Web file read auxiliary module
2022-08-02 23:40:40 +07:00
1f7b3319a9
Changing readme file accordingly.
2022-08-01 13:43:26 +03:00
11a00fa1f2
post/multi/gather/env: Cleanup and support non-Meterpreter sessions
2022-08-01 13:37:15 +10:00
f324b8c24e
enum_powershell_env: Cleanup and support non-Meterpreter sessions
2022-08-01 00:56:21 +10:00
b00cadfbeb
Initial commit of MobileIron Core Log4Shell exploitation (CVE-2021-44228)
2022-07-29 10:31:15 -07:00
4e4a1da4e4
Add module docs for the split-up unrar modules
2022-07-27 13:24:29 -07:00
b4b5f31c3d
Add documentation
2022-07-26 10:48:18 -07:00
860cd38bbb
Add documentation
2022-07-26 10:23:24 -07:00
74496c1a29
Add in updated scenario documentation
2022-07-25 14:14:52 -05:00
72b1dbfeee
Remove code that could cause check method to fail, fix up some documentation errors and add in scenario, and generally address some review comments
2022-07-25 13:05:04 -05:00
1094ce95c0
Update roxy_wi_exec.md
2022-07-25 17:14:02 +00:00
bdf8defe53
Apply suggestions from code review
2022-07-25 16:03:09 +00:00
a6bdc5ea29
-Validating md file with msftidy_docs.
...
-Removing global variables, and calling data stored in datastore when required.
-Calling methods or variables instead of calling terminal commands.
-Some indentations.
-Using heredocs when handling multiple strings.
-Handling the case where LHOST does not contain IP address.
2022-07-24 18:51:53 +03:00
bc0b27e1e2
Apply suggestions from code review
...
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com >
2022-07-22 12:58:46 +00:00
fc3b08fb8b
Apply suggestions from code review
...
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com >
2022-07-22 12:51:40 +00:00
420e67aca9
Apply suggestions from code review
...
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com >
2022-07-22 12:24:43 +00:00
628f5970b1
Apply suggestions from code review
...
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com >
2022-07-22 12:24:26 +00:00
e1b0e871b3
add finished module and docs
2022-07-21 18:33:56 -05:00
135a25be4d
Tested and fixed problems
2022-07-21 11:42:18 +00:00
Christophe De La Fuente