2718c078d2
removed WfsDelay
2023-12-01 10:15:55 +01:00
d26db0b1dd
changed datastore['TARGETURI'] to target_uri.path
2023-12-01 10:15:13 +01:00
26e7807154
updated URI to TARGETURI
2023-12-01 10:09:06 +01:00
9105966b20
Fixed debug string
2023-12-01 10:07:28 +01:00
7dbd938e3b
fixed linting with rubocop and msftidy.rb
2023-11-27 18:44:10 +01:00
3ffeef36f6
Update modules/exploits/windows/http/prtg_authenticated_rce_cve_2023_32781.rb
...
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2023-11-27 11:48:50 +01:00
ebc18db0ac
Update modules/exploits/windows/http/prtg_authenticated_rce_cve_2023_32781.rb
...
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2023-11-27 11:48:12 +01:00
4906ea228d
updated fields to have random values
2023-11-27 09:39:18 +01:00
27b2cdf5b1
Update modules/exploits/windows/http/prtg_authenticated_rce_cve_2023_32781.rb
...
Remove obsolete slash in normalize_uri parameters
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2023-11-25 13:09:15 +01:00
32380d8a26
Update modules/exploits/windows/http/prtg_authenticated_rce_cve_2023_32781.rb
...
Remove obsolete slash in normalize_uri parameters
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2023-11-25 13:09:03 +01:00
a04943063e
Update modules/exploits/windows/http/prtg_authenticated_rce_cve_2023_32781.rb
...
Removes quotes from normalize_uri parameters.
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2023-11-25 13:07:08 +01:00
8c007c0ef7
added exploit for CVE-2023-32781 - PRTG authenticated RCE
2023-11-23 19:28:02 +01:00
1da4333611
Land #18434 , Add module for Zoneminder RCE
...
This PR adds an RCE module for the Zoneminder video
surveillance software system (CVE-2023-26035).
2023-11-10 15:15:01 -05:00
9ce3fdc557
added empty line after guard clause
2023-11-09 22:23:27 +00:00
4919291ec8
Update modules/exploits/unix/webapp/zoneminder_snapshots.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-11-09 23:21:39 +01:00
21340d0fd8
Update modules/exploits/unix/webapp/zoneminder_snapshots.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-11-09 23:21:26 +01:00
87cb12731e
Update modules/exploits/unix/webapp/zoneminder_snapshots.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-11-09 23:20:57 +01:00
e4005feb30
Update modules/exploits/unix/webapp/zoneminder_snapshots.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-11-09 23:20:33 +01:00
110cea8cc9
Update modules/exploits/unix/webapp/zoneminder_snapshots.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-11-09 23:20:17 +01:00
77a93e452f
Land #18507 , Exploit & Auxiliary modules for CVE-2023-20198 and CVE-2023-20273 (Cisco IOS XE)
...
Merge branch 'land-18507' into upstream-master
2023-11-08 09:05:40 -06:00
2a56c3f28b
remove redundant \d in check regex
2023-11-07 09:21:04 +00:00
25ef7d1272
add the RCE exploit
2023-11-06 17:12:40 +00:00
e8d45b00ba
Land #18501 , Exploit module for CVE-2023-46604 - Apache ActiveMQ
...
Merge branch 'land-18501' into upstream-master
2023-11-06 09:30:48 -06:00
ea21036995
reduce nesting in the check routine
2023-11-06 09:42:59 +00:00
4272678938
reduce the indentation in on_request_uri
2023-11-06 09:36:20 +00:00
fa8c40072c
ensure the payload doesnt contain a CDATA closing tag, if found then fail before we attempt exploitation
2023-11-06 09:36:20 +00:00
1cde6198b5
Land #18481 , MagnusBilling unauthenticated RCE [CVE-2023-30258]
2023-11-03 20:42:27 +01:00
8bb7b98ce9
Land #18506 , Fix stability issue for f5 2023-46747
...
This PR fixes a statbility issue with the
f5_bigip_tmui_rce_cve_2023_46747 module. Prior to this fix
occasionally the module would fail on login as things were
running too quickly, the module now retrys loging in.
2023-11-03 10:51:04 -04:00
e5790f8d6e
Fix a stability issue with the module
...
Occassionally the module will fail on login if things are running too
quickly. Fix it by retrying like update_user_password does.
2023-11-02 17:10:20 -04:00
c27412a1ac
Land #18494 , Add AjaxPro Deserialization RCE
...
This PR adds a module which leverages an insecure
deserialization of data to get remote code execution
on the target OS in the context of the user running
the website which utilized AjaxPro.
2023-11-02 13:54:17 -04:00
f83f183fe2
Apply Code Suggestions from review
2023-11-03 00:04:20 +08:00
27d86be456
Remove the REPEATABLE_SESSION tag
...
The module is generally reliable, but may fail after it's been run multiple
times.
2023-11-02 11:11:36 -04:00
cea4c1f326
Feedback from module review
2023-11-02 10:17:45 -04:00
d26742a266
Add check code annotations, update AJP link
2023-11-02 08:53:56 -04:00
24810183ca
add in a unix target as ActiveMQ can run on OSX
2023-11-02 10:25:45 +00:00
94b5211525
set exploit Stance to Agressive
2023-11-02 09:32:36 +00:00
a7e8be4860
Fix code styling to pass msftidy
2023-11-02 10:35:49 +08:00
9f9f18c73f
Apply suggestions from code review
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-11-02 10:10:26 +08:00
9c67b92a4d
Rename the other TMUI RCE module
2023-11-01 16:55:42 -04:00
7b53592b4f
Add module docs
2023-11-01 16:55:41 -04:00
03252913a1
Add the check method
2023-11-01 16:55:41 -04:00
714eeaaa3a
Finish cleaning the exploit up
2023-11-01 16:55:36 -04:00
df040b30aa
typos and improve comments
2023-11-01 17:59:00 +00:00
a408181def
Add initial work on exploit module for CVE-2023-46604
2023-11-01 17:34:30 +00:00
c803d6ef7e
Fetch the admin hash as a bonus
2023-10-31 15:27:31 -04:00
04388d9e25
Initial commit of CVE-2023-46747
2023-10-31 09:55:18 -04:00
ad6e4618df
third release module with minor text changes
2023-10-31 09:29:13 +00:00
bfff35eb63
second release module with php fix
2023-10-31 09:05:51 +00:00
00ccebe8ce
Upadte documentation for AjaxPro Deserializaion RCE
2023-10-31 13:31:10 +08:00
62f3dafd91
Apply CheckCode message suggestions from code review
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-10-31 10:45:58 +08:00
Kevin Joensen