 Wei Chen
|
27bb166938
|
Land #12011, Add module for cve-2018-8453
|
2019-07-15 11:31:07 -05:00 |
|
|
Jacob Robles
|
5c0bbbbaa0
|
Land #12070, Add module for CVE-2019-0841
|
2019-07-15 09:32:47 -05:00 |
|
|
William Vu
|
d1c6364d58
|
Land #12086, joomla_registration_privesc check fix
|
2019-07-12 20:31:19 -05:00 |
|
|
William Vu
|
501a9109a5
|
Fix and refactor check method
|
2019-07-12 20:29:43 -05:00 |
|
|
William Vu
|
2bc2b88ee6
|
vprint and quotes
|
2019-07-12 14:37:34 -05:00 |
|
|
William Vu
|
be5f15a245
|
Add @h00die and @bcoles changes
|
2019-07-12 12:46:13 -05:00 |
|
|
Jacob Robles
|
de40b3e1c4
|
Land #12062, Add Laravel PHP RCE CVE-2018-15133
|
2019-07-12 09:28:33 -05:00 |
|
|
Jacob Robles
|
30d7c9427f
|
Add CVE reference
|
2019-07-12 09:08:15 -05:00 |
|
|
Jacob Robles
|
73b1790472
|
Use include? method
|
2019-07-12 07:59:30 -05:00 |
|
|
Jacob Robles
|
e84379cabe
|
Refactor
|
2019-07-12 07:45:24 -05:00 |
|
|
Patrick Webster
|
f13378c503
|
Minor fix for aux joomla_registration_privesc
Module checks for version number. If disclosed, checks for vulnerable release ranges.
Missing a Safe retval for known immune numbers.
|
2019-07-12 06:37:08 +10:00 |
|
|
asoto-r7
|
f13616843c
|
Land #12041, Add Xymon useradm Command Execution module
|
2019-07-11 15:20:13 -05:00 |
|
|
Tod Beardsley
|
fbfa37916c
|
Tut tut
Edit a blue comment
|
2019-07-10 17:41:54 -05:00 |
|
|
William Vu
|
c917ec70d1
|
Fix missing split in struts2_rest_xstream
|
2019-07-10 11:15:36 -05:00 |
|
|
William Vu
|
cd3ffb92ef
|
Land #12072, cmd_psh_payload arch string fixes
|
2019-07-10 10:38:22 -05:00 |
|
|
h00die
|
9274b1d259
|
Land #12024, add gatherproof to ssh_login modules
|
2019-07-09 20:35:49 -04:00 |
|
|
William Vu
|
e6300bfd63
|
Fix cmd_psh_payload requiring an arch string
We may want to update Rex::Powershell to take the first in an array.
|
2019-07-09 17:43:23 -05:00 |
|
|
Shelby Pace
|
70d67f1dbb
|
merged write_to_disk and load_dll_with_diaghub
|
2019-07-09 11:39:38 -05:00 |
|
|
Shelby Pace
|
86d0d1d153
|
remove validate_target
|
2019-07-09 10:52:02 -05:00 |
|
|
Shelby Pace
|
f7aa6d79d7
|
Update modules/exploits/windows/local/appxsvc_hard_link_privesc.rb
Co-Authored-By: @shellfail <jrobles@rapid7.com>
|
2019-07-09 10:47:57 -05:00 |
|
|
Shelby Pace
|
c647d0ba52
|
made suggested change to write_payload
|
2019-07-09 10:46:46 -05:00 |
|
|
Shelby Pace
|
096857d1ad
|
swap check codes
|
2019-07-09 10:01:49 -05:00 |
|
|
Jacob Robles
|
a55aea33a9
|
Add cve-2018-8453 exploit module
|
2019-07-09 07:15:13 -05:00 |
|
|
Shelby Pace
|
ccdb7ba262
|
remove unused variable
|
2019-07-08 12:57:47 -05:00 |
|
|
Shelby Pace
|
f0f1a41ba5
|
add documentation and module
|
2019-07-08 12:49:22 -05:00 |
|
|
Patrick Webster
|
163e85bad9
|
fail Spaces at EOL is effing stupid unless the line is exponentiall^y long.
|
2019-07-08 11:36:49 +10:00 |
|
|
Patrick Webster
|
a9ecef74fd
|
Guessing build fail must be this.
|
2019-07-08 09:30:52 +10:00 |
|
|
Patrick Webster
|
5a035aaf7c
|
Owch fix syntax.
|
2019-07-08 09:18:39 +10:00 |
|
|
Patrick Webster
|
691c606c53
|
Also some bare POSTs work.
|
2019-07-08 05:13:38 +10:00 |
|
|
Patrick Webster
|
a9791fad74
|
Added Lavarel PHP exploit module with fixes.
|
2019-07-08 00:50:13 +10:00 |
|
|
William Vu
|
ef20123c34
|
Land #12044, snmp_enum SNMP::NoSuchInstance fix
|
2019-07-02 16:26:33 -05:00 |
|
|
Matthew Kienow
|
260c369aff
|
Fix network interface processing
The SNMP walk operation can return an SNMP::NoSuchInstance class.
The error class must be handled rather than attempting to use it as a
valid value.
|
2019-07-02 15:14:55 -04:00 |
|
|
William Vu
|
5e04ab2e66
|
Add lokiuox to bypassuac_silentcleanup authors
Looks like they were removed by accident.
|
2019-07-02 12:36:07 -05:00 |
|
|
Brendan Coles
|
a0538a9613
|
Add Xymon useradm Command Execution module
|
2019-07-02 14:04:07 +00:00 |
|
|
h00die
|
a42c7ea736
|
land #11990 windows tomcat cmdlinearguments
|
2019-07-01 17:29:02 -04:00 |
|
|
asoto-r7
|
d3056723e1
|
Land #12030, CVE-2019-12181: Serv-U FTP Server prepareinstallation privesc
|
2019-07-01 16:01:04 -05:00 |
|
|
Brent Cook
|
e50ab5cd13
|
Land #11726, add exploit for CVE-2019-8513, macOS TimeMachine cmd injection
|
2019-06-29 05:36:12 -05:00 |
|
|
Brent Cook
|
4e544fe733
|
Land #11968, only enable UDP stagers for compatible payloads
|
2019-06-29 03:34:15 -05:00 |
|
|
Brent Cook
|
83e2c71b44
|
Land #11923, Set sockaddr_len with x64 shell_find_port payload
|
2019-06-29 03:26:52 -05:00 |
|
|
bcoles
|
c7ff78c277
|
Remove spaces at EOL
|
2019-06-29 14:01:18 +10:00 |
|
|
Brendan Coles
|
203e3b74db
|
Add Serv-U FTP Server prepareinstallation Privilege Escalation
|
2019-06-29 03:52:53 +00:00 |
|
|
William Vu
|
0a00f3851a
|
Land #12007, true 0s timeout in send_request_*
|
2019-06-28 12:32:32 -05:00 |
|
|
William Vu
|
49176a3606
|
Land #11952, Supra Smart Cloud TV RFI module
|
2019-06-28 12:12:15 -05:00 |
|
|
William Vu
|
baa17290e4
|
Adjust name :)
|
2019-06-28 12:08:27 -05:00 |
|
|
Dhiraj Mishra
|
09d6ae3458
|
Removing comments
Thanks wvu-r7 for your support.
|
2019-06-28 16:17:08 +05:30 |
|
|
William Vu
|
d7a5eae146
|
Fix bug, adjust prints, and check body for "OK"
|
2019-06-28 04:12:57 -05:00 |
|
|
William Vu
|
7a26e1c257
|
Fix sshexec hanging on exec! and blocking close
|
2019-06-27 22:07:37 -05:00 |
|
|
William Vu
|
dc81adb417
|
Add GatherProof advanced option to ssh_login*
|
2019-06-27 21:04:20 -05:00 |
|
|
James Barnett
|
2ed8e6db97
|
Deregister PASSWORD_SPRAY option for LoginScanner modules
|
2019-06-27 17:06:32 -05:00 |
|
|
William Vu
|
1503dcd168
|
Land #11997, SilentCleanup UAC bypass
|
2019-06-27 11:52:56 -05:00 |
|