b1de44d892
Fix code styling
2023-09-22 16:51:49 +02:00
4044835a64
Improve the cleanup method
...
- The cleanup methos is deleting the job and removing the app directory
- Added a change dir command as an AutoRunScript just to avoid the error when trying to access the current directory in the session
2023-09-22 15:45:40 +02:00
47d8e4de04
Remove ReturnOutput option
...
TODO: distinguish commands that return output and commands that don't
2023-09-22 11:52:14 +02:00
ffb34b05ef
Adherence to code review
2023-09-15 16:55:05 +02:00
766766be78
Apply suggestions from code review
...
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com >
2023-09-14 16:13:10 +02:00
54a7b55eb4
Fix code style
2023-09-14 15:05:41 +02:00
401c775336
Rename module
2023-09-13 17:19:42 +02:00
6a260f60e0
Initial commit
2023-09-07 13:53:42 +02:00
a037d16b66
Land #18233 , Chamilo unauthenticed RCE [CVE-2023-34960]
2023-08-24 11:49:40 +02:00
3c6f5419f2
Land #18214 , Change fetch payload default options
...
Change default command to certutil for Windows HTTP Fetch and default…
2023-08-23 17:45:10 -04:00
bf1b5ffaa3
Land #18272 , Bug fix for ColdFusion RCE module - CVE-2023-26360
2023-08-23 16:05:33 +02:00
f64b67968f
Final minor updates
2023-08-23 11:38:07 +00:00
1db284dcaa
Apply suggestions from code review
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-08-22 18:46:25 +02:00
b6cf981378
Updates based on review comments
2023-08-19 08:18:50 +00:00
11d7b368da
Land #18287 , fix stack trace in forge_ticket
...
This PR fixes a stack trace thrown by the forge_ticket
module when the SPN datastore option was left blank. The module
now fails due to bad-config and gives a detailed error message.
2023-08-18 17:38:51 -04:00
f3c8ca94ff
Land #18297 , fix broken mysql_authbypass_hashdump
...
This PR fixes the broken mysql_authbypass_hashdump module.
2023-08-18 17:08:31 -04:00
5fdc9924d5
Land #18123 , add exploit for Jorani unauth RCE
...
This PR adds a module that chains together a log poisoning LFI,
redirection bypass and a path traversal vulnerability to obtain unauth RCE.
2023-08-18 16:44:42 -04:00
0334d28553
Apply final suggestions from code review
2023-08-18 15:40:58 -04:00
b064578488
Apply suggestions from code review
2023-08-18 15:37:11 -04:00
4ddd789f51
Apply suggestions from code review
2023-08-18 15:33:59 -04:00
4a76371b01
Fix broken mysql_authbypass_hashdump module
2023-08-17 23:41:43 +01:00
703f535850
Land #18275 , Update java reverse http and https to be dynamic
2023-08-17 16:15:16 +01:00
89f8deb672
Land #18253 , Add CVE-2023-34634, Greenshot Fileformat exploit
2023-08-17 15:30:02 +01:00
0965233591
Remove debug print
2023-08-17 08:48:42 -05:00
8717e66b14
Land #18280 , Add Maltrail Unauth RCE Module
...
This PR adds a module for an unauthenticated RCE vulnerability
in Maltrail, a malicious traffic detection system. This vuln
does not have a CVE associated with it.
2023-08-16 17:29:05 -04:00
cd3d053e6e
Update affected versions in the doc file
2023-08-16 16:52:48 -04:00
c3252027f2
Update modules/exploits/unix/http/maltrail_rce.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-08-16 18:45:26 +00:00
20d25e46d0
Update modules/exploits/unix/http/maltrail_rce.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-08-16 18:45:12 +00:00
33193bdd41
Update java reverse http and https to be dynamic
2023-08-16 00:50:41 +01:00
900e418796
Land #18226 , H2 Web Interface RCE
...
This PR adds a module to exploit an RCE feature in
the H2 databases Web Interface.
2023-08-15 16:23:09 -04:00
6cf136ec3a
Land #18263 , Add RaspAP Unauth Command Injection
...
This PR adds an unauthenticated command injection
module for the RaspAP webgui application.
2023-08-14 23:25:23 -04:00
7d9abc87b1
Fix a stack trace in forge_ticket when SPN is blank
2023-08-14 10:42:32 -04:00
2edf12d303
Syntax fix
2023-08-11 18:25:36 +02:00
0d7591c2fb
Update modules/exploits/unix/http/maltrail_rce.rb
...
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2023-08-11 16:24:38 +00:00
63305a8db6
Update modules/exploits/unix/http/maltrail_rce.rb
...
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2023-08-11 16:24:19 +00:00
4b7d98df07
Add Maltrail Unauthenticated RCE exploit
2023-08-10 23:02:20 +02:00
e74a68b3fb
Make rubocop happy
2023-08-10 10:10:02 +02:00
634713ee56
Fix check method and integrate CmdStager
2023-08-10 00:56:44 +02:00
85f8333b15
Update modules/exploits/unix/http/raspap_rce.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-08-09 21:27:25 +00:00
54ccfc1b8c
Update modules/exploits/unix/http/raspap_rce.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-08-09 21:26:49 +00:00
a8a7b4eaeb
Update modules/exploits/unix/http/raspap_rce.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-08-09 21:24:38 +00:00
fade54dc4d
Update modules/exploits/unix/http/raspap_rce.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-08-09 21:24:24 +00:00
2c8d6b97fe
Update modules/exploits/unix/http/raspap_rce.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-08-09 21:24:08 +00:00
214c788ce7
Land #18232 , metabase setup token rce (cve-2023-38646)
2023-08-09 09:44:53 +01:00
03c99660db
Update pam_username_bof.rb
2023-08-09 00:22:57 -05:00
e8ce0454cd
review comments
2023-08-08 17:16:57 -04:00
dca125963c
metabase review comments
2023-08-08 17:16:57 -04:00
f30c996340
remove comment
2023-08-08 17:16:56 -04:00
9516592eb6
metabase setup token rce
2023-08-08 17:16:56 -04:00
7ceeb9f8de
review comments
2023-08-08 17:15:22 -04:00
eu