1174344b76
Land #18918 , Add CrushFTP Module CVE-2023-43177
...
This exploit module leverages an Improperly Controlled Modification of
Dynamically-Determined Object Attributes vulnerability (CVE-2023-43177)
to achieve unauthenticated remote code execution. This affects CrushFTP
versions prior to 10.5.1.
2024-04-12 12:26:16 -07:00
d36e22fdc6
Land #18936 , mongodb ops manager diagnostic archive info disclosure (cve-2023-0342)
2024-04-12 15:22:18 +02:00
aa739cd92d
Land #18962 , rancher audit logs information leak
...
new post module: rancher audit logs sensitive information leak (CVE-2023-22649)
2024-04-10 11:51:54 -04:00
f579ec7a1a
Clean table printing, document tested version
2024-04-10 11:31:55 -04:00
76145c3091
Land #19064 , SNMP TCP support
2024-04-10 07:38:35 -04:00
53efed1606
Land #19022 , Add MySQL Arch & Platform detection by query
2024-04-10 12:24:08 +01:00
b8176e13a6
Land #19069 , Update create session default values
2024-04-09 15:24:02 -04:00
8f5052f2e7
Land #19051 , Add the Shadow Credentials module
2024-04-09 10:13:08 -04:00
a862b16286
Add MySQL Arch & Platform detection by query
2024-04-09 13:38:07 +01:00
8a2b092321
Update create session default values
2024-04-09 12:41:27 +01:00
29c6e0a1e5
Removed unused function
2024-04-09 07:53:26 +10:00
bf489f0b0d
Allow selection of "TCP" for SNMP packets
2024-04-08 17:41:59 +03:00
951da5b00c
Land #19056 , Don't close sockets that we're using for sessions
2024-04-08 11:51:31 +01:00
4557de9a72
Changes from code review
2024-04-08 11:47:09 +10:00
5852fcbb78
Error handling and unit tests
2024-04-08 11:32:53 +10:00
9f5444680f
Some error handling
2024-04-08 11:32:52 +10:00
209d9dfab0
Help user when they've made a typical mistake
2024-04-08 11:32:52 +10:00
1b92d3b110
Working writing of certs over ldap
2024-04-08 11:32:51 +10:00
b6acf708f3
Alias get_ticket to pkinit, since many people will search for that
2024-04-08 11:32:50 +10:00
c55f8f20a8
Add shadow credentials module
2024-04-08 11:32:50 +10:00
b83a91a468
review for mongodb ops manager
2024-04-07 05:39:51 -04:00
34f0afa298
Land #19044 , Gibbon Online School Platform Authenticated RCE [CVE-2024-24725]
2024-04-05 16:20:11 +02:00
87b84b00fb
Don't close sockets that we're using for sessions
2024-04-05 14:33:30 +01:00
434e85261b
Add postgres client specs
2024-04-05 13:10:15 +01:00
25a65c0ed7
Consolidate and simplify session tests
2024-04-05 13:10:15 +01:00
8afbbc1553
third release module based on smcintyre-r7 comments
2024-04-04 17:14:32 +00:00
926e2fa204
Land #19033 , lint modules/exploits/linux/smtp/haraka.py
2024-04-03 14:19:18 +01:00
8aa6d19e7d
second release module
2024-04-01 20:21:37 +00:00
3af68ef51a
Land #19032 , Fix bad module indentation
...
The wp_downloadmanager_upload module has bad indentation
2024-04-01 11:30:59 -04:00
7e132758d6
Land #19031 , Extra ',' is causing ruby issues
2024-04-01 10:52:14 -04:00
d8942b27a2
first release module
2024-04-01 14:49:10 +00:00
9cc294dbaf
1. Remove unused modules
...
2. Prettify code
2024-03-30 17:56:49 +03:00
c8c7e74cba
Bad indentation
2024-03-30 17:06:25 +03:00
609d356083
Extra ',' is causing ruby issues
2024-03-30 17:02:13 +03:00
e75043f00e
Module indentation was wrong
2024-03-30 16:50:48 +03:00
3dc638909f
Land #18906 , Add template data files for ESC2 and ESC3
...
Merge branch 'land-18906' into upstream-master
2024-03-29 15:29:52 -05:00
e6e13e7b45
Fixes from code review
2024-03-29 12:18:16 +01:00
31cf0e2633
Land #18764 , Add unauth Jenkins file read module
...
This PR adds a new module to exploit CVE-2024-23897, an unauth arbitrary
(first 2 lines) file read on Jenkins.
2024-03-28 13:29:39 -07:00
155181fd92
Apply suggestions to fix the last code review
2024-03-28 15:54:58 -04:00
14938a2d77
Apply suggestions from code review
2024-03-28 14:41:25 -04:00
d7f3fd8cc0
Land #18915 , Add Watchguard RCE CVE-2022-26318
...
This PR adds a module for a buffer overflow at the administration
interface of WatchGuard Firebox and XTM appliances. The appliances are
built from a cherrypy python backend sending XML-RPC requests to a C
binary called wgagent using pre-authentication endpoint /agent/login.
This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before
12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2. Successful
exploitation results in remote code execution as user nobody.
2024-03-28 10:24:32 -07:00
d6ecd9db70
Land #19021 , update admin/mysql/mysql_enum for newer versions of mysql
2024-03-28 16:34:49 +00:00
69660c329d
Land #19017 , add better logging for failed mssql logins
2024-03-28 12:21:28 +00:00
c5e98d954b
Updates to work with newer versions of MySQL
2024-03-28 12:11:35 +00:00
6e6f1beb92
update addressing jheysel-r7 comments
2024-03-28 08:43:08 +00:00
b5d96de192
add better logging for failed logins
2024-03-27 09:54:38 -05:00
abb2eb7ffd
Land #18891 , Add RCE module for wp bricks builder
...
This PR adds the wp_bricks_builder_rce exploit module that targets a
known vulnerability in the WordPress Bricks Builder Theme, versions
prior to 1.9.6.
2024-03-26 14:46:35 -07:00
b9b4a624d9
Fix typos
2024-03-26 21:05:35 +01:00
abc39e86f9
Update modules/exploits/multi/http/wp_bricks_builder_rce.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2024-03-26 20:40:04 +01:00
672036f53a
Update modules/exploits/multi/http/wp_bricks_builder_rce.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2024-03-26 20:39:33 +01:00
Jack Heysel