d96d980a24
Land #19846 , module for CVE-2024-47407 MySCADA MyPro Manager
...
mySCADA MyPRO Manager Command Injection (CVE-2024-47407) Module
2025-02-10 16:25:32 +01:00
853b42cfaf
Merge pull request #19851 from zeroSteiner/feat/mod/adcs-cert-template-flags
...
Parse and display the flags field
2025-02-06 08:00:02 -06:00
7e8c35257e
Update docs, fix space in module
2025-02-04 15:41:33 -06:00
3f8db70d45
Change behavior of 'AUTO' mode to attempt to get a cert based on DomainController and Machine templates
2025-02-03 17:10:31 -06:00
0caaa5d655
Parse and display the flags field
2025-02-03 17:29:33 -05:00
652fbf1a62
Merge pull request #19813 from h00die/local_version_patch
...
guard Rex::Version.new against crashes on local modules
2025-02-03 12:43:37 -08:00
ba8d5b7f5a
Land #19844 , Add Ivanti Connect Secure HTTP Login Module
...
Land #19844 , Add Ivanti Connect Secure HTTP Login Module
2025-02-03 18:17:36 +01:00
f06a2d47f8
Code refactor, merging classes into one
2025-02-03 06:34:49 +01:00
f3eefc0d7e
Merge pull request #19849 from zeroSteiner/feat/mod/ldap/esc-finder-updates
...
AD CS Workflow Related Changes
2025-01-31 15:00:14 -08:00
373ea48838
Merge pull request #19847 from TheBigStonk/argus_dvr_4_lfi_cve_2018_15745
...
Argus LFI Auxiliary Module with Associated Doc (CVE-2018-15745)
2025-01-31 13:59:27 -08:00
917196b8a1
Update modules/auxiliary/gather/argus_dvr_4_lfi_cve_2018_15745.rb
2025-01-31 12:49:35 -08:00
7259548cb9
Update modules/auxiliary/gather/argus_dvr_4_lfi_cve_2018_15745.rb
2025-01-31 11:52:00 -08:00
0013db1822
Fix a regression in the loop logic
2025-01-31 14:48:57 -05:00
f8dfaae599
Guard FQDN lookup logic a bit more
...
Use DNS first, then fail back to LDAP
2025-01-31 09:42:22 -05:00
2003ed7fd0
Fixed changes from rubocop linting
2025-01-31 22:55:32 +13:00
3170849147
Update modules/auxiliary/gather/argus_dvr_4_lfi_cve_2018_15745.rb
...
Adding in RPORT default option
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2025-01-31 11:21:48 +13:00
6f2ff5110e
Update modules/auxiliary/gather/argus_dvr_4_lfi_cve_2018_15745.rb
...
awesome cutting this one out then :)
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2025-01-31 11:20:22 +13:00
7adff997d2
Update modules/auxiliary/gather/argus_dvr_4_lfi_cve_2018_15745.rb
...
TIL, thanks
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2025-01-31 11:19:00 +13:00
cf9e80aa1e
Update modules/auxiliary/gather/argus_dvr_4_lfi_cve_2018_15745.rb
...
Good spot
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2025-01-31 11:15:53 +13:00
48921cadb6
Update modules/auxiliary/gather/argus_dvr_4_lfi_cve_2018_15745.rb
...
Apologies for that this is my first module. Yeah want to make sure John Page is given appropriate kudos.
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2025-01-31 11:14:51 +13:00
22818f07fa
Update modules/auxiliary/gather/argus_dvr_4_lfi_cve_2018_15745.rb
...
Oh cool, I'm new-ish to Ruby. Prefer this :)
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com >
2025-01-31 11:11:34 +13:00
37bfe9368b
Addressing comments from pull request
2025-01-30 13:01:40 +01:00
d67dcda2c6
Added Argus LFI Module and Docs
2025-01-31 00:23:34 +13:00
5c2056b2e1
Update kerberos/get_ticket to return values
2025-01-29 16:34:25 -05:00
441b671edd
Update to include return values
2025-01-29 16:34:25 -05:00
210b780f83
Refactor reporting template permissions
2025-01-29 16:34:25 -05:00
e072468042
Some adjustments for ESC4 compatibility with MSP
2025-01-29 16:34:25 -05:00
7b03844312
Consolidate the report details
2025-01-29 16:34:25 -05:00
1aa4a1f8c8
Resolve the CA address via DNS records in LDAP
2025-01-29 16:34:25 -05:00
3fb94b46c4
Update the ESC finder module's reporting
2025-01-29 16:34:25 -05:00
21b3315229
updated
...
updated
2025-01-29 20:18:05 +00:00
7ebd4f34ef
Adding Ivanti Connect Secure HTTP Login Scaner Module
2025-01-29 15:29:47 +01:00
1885b650ba
Fix ldap_login and smb_login
2025-01-29 11:10:30 +01:00
936e0dfb75
Merge pull request #19833 from cdelafuente-r7/fix/mod/petitpotam
...
Fix PetitPotam UUID when using EsfRPC with `lsarpc` named pipe
2025-01-27 13:09:14 -05:00
b3c2ae4f51
Move EfsrpcOverLsarpc module under the MetasploitModule class
2025-01-27 08:35:00 +01:00
ddf07a3d60
Link fix for exploit/multi/http/nibbleblog_file_upload
2025-01-26 19:20:12 +05:30
4a8ad46249
Merge pull request #19816 from jheysel-r7/esc_4_detection
...
Add ESC4 detection to ldap_esc_vulnerable_cert_finder module
2025-01-24 15:37:10 -05:00
bd45ae36a8
Merge pull request #19826 from zeroSteiner/fix/mod/ldap-query/run-single-base
...
Update ldap_query datastore option usage
2025-01-24 09:50:57 -08:00
105559e771
Remove typo
2025-01-24 07:35:12 -08:00
45e6daea7d
Use the correct UUID when using EsfRPC with lsarpc namedpipe
2025-01-24 11:01:15 +01:00
b8f82e0fe4
Add ESC4 detection to ldap_esc_vulnerable_cert_finder module
2025-01-23 19:13:13 -08:00
378ac00c7d
Merge pull request #19750 from dledda-r7/feat/prepend-multi-arch
...
Fix Prepends in Linux Payloads
2025-01-23 14:26:44 -06:00
34f3957aea
Land #19772 , adding module for CraftCMS FTP template exploit
2025-01-23 20:21:17 +01:00
92ebabf168
Ivanti scanner template
2025-01-23 11:38:49 +01:00
af12460274
wrap tomcat dpkg command and rex version
2025-01-22 17:06:48 -05:00
a6ec468063
Use the BASE_DN and don't require QUERY_ATTRIBUTES
2025-01-22 16:15:52 -05:00
159b2bb6dc
Land #19805 , new module for LibreNMS Authenticated RCE
2025-01-20 15:33:37 +01:00
393b2167cd
Fix after applied suggestion
2025-01-20 21:24:16 +09:00
39351486e9
Update modules/exploits/linux/http/librenms_authenticated_rce_cve_2024_51092.rb
...
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com >
2025-01-20 21:07:34 +09:00
b0d5cf1f6a
Stage the command to a file if failed to limit
2025-01-19 10:43:20 +09:00
msutovsky-r7