30713 Commits

Author	SHA1	Message	Date
Pedro Ribeiro	30c333b30d	fix typo in shrboadmin	2021-04-23 15:03:34 +07:00
Pedro Ribeiro	71f5955b42	add OBR SSH module	2021-04-23 15:00:06 +07:00
Grant Willcox	7dc1c19814	Land #15078, Update reverse_http.rb to fix a typo.	2021-04-21 15:25:30 -05:00
Nils Putnins	faae3ff40e	Update reverse_http.rb ... Fixing a typo	2021-04-21 19:47:18 +03:00
Nils Putnins	b6ed3f2752	Update reverse_https.rb ... Fixing a typo	2021-04-21 19:46:44 +03:00
Grant Willcox	634e88339d	Land #15072, Remove is_root? check from linux_hashdump module and replace it with a check to see if the /etc/shadow file is readable by the current user.	2021-04-21 08:55:18 -05:00
agalway-r7	93c7727622	Land #15058, Cockpit CMS RCE	2021-04-21 13:21:55 +01:00
pingport80	f6cb88b642	remove is_root check from linux_hashdump	2021-04-21 10:19:30 +05:30
Grant Willcox	7b7e521d6c	Fix up a wrong type field value and set it back to 1 from 2 in the send_exploit() function, since this was causing the exploit to fail	2021-04-20 17:45:51 -05:00
Grant Willcox	e0f13e44d1	Land #14699, Add Nagios XI snmptrap RCE and docs (CVE-2020-5792)	2021-04-20 14:30:45 -05:00
h00die	e39b065e06	vprint to print	2021-04-20 15:26:47 -04:00
Grant Willcox	f241a050b8	Apply review comments and fixes to documentation and the module	2021-04-20 12:38:34 -05:00
Tim W	deaa241ca5	Land #15065, fix post/linux/gather/checkvm	2021-04-20 17:02:45 +01:00
pingport80	a4cfc3684e	remove ls_pci_data initialization	2021-04-20 21:26:21 +05:30
pingport80	32bfa887da	rubocop fixes	2021-04-20 21:23:24 +05:30
pingport80	43f4ec921d	update docs and remove lscpu check	2021-04-20 21:12:27 +05:30
Grant Willcox	fcdd47e8f5	Land #15064 - Fix Rex::Socket::SSHFactory NameError in exploit/linux/ssh/f5_bigip_known_privkey	2021-04-20 10:41:42 -05:00
pingport80	490e49acdb	fix msftidy warning	2021-04-20 20:58:04 +05:30
pingport80	673084b65c	remove sys/bus/xen check and add /sys/class/dmi/id/product_name check	2021-04-20 20:51:04 +05:30
pingport80	cde5c83517	add nil check and remove readable?	2021-04-20 18:44:38 +05:30
pingport80	61d4ab4e26	fix linux checkvm bug	2021-04-20 09:40:11 +05:30
William Vu	8d71cfc024	Fix SSHFactory NameError in f5_bigip_known_privkey ... This could probably be refactored to use Msf::Exploit::Remote::SSH.	2021-04-19 17:07:26 -05:00
Grant Willcox	d60cdbebb3	Add in Regex fix to ensure that really old versions of NagiosXI will still be detected as vulnerable despite unusual version naming convention	2021-04-19 14:17:05 -05:00
h00die	51f9e1ae73	cockpit cms rce	2021-04-18 18:52:04 -04:00
Grant Willcox	4ac9304ca2	Land #14968 - Add Nagios XI Mibs.php Authenticated RCE module and docs (CVE-2020-5791)	2021-04-16 14:37:15 -05:00
Grant Willcox	496e074ec8	Add in fixes to documentation and module from review	2021-04-16 13:14:17 -05:00
Grant Willcox	d155702356	Add in Notes section to chrome_simplifiedlowering_overflow.rb	2021-04-16 11:02:52 -05:00
Tim	c6464313d4	Update modules/exploits/multi/browser/chrome_simplifiedlowering_overflow.rb ... Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>	2021-04-16 16:46:43 +01:00
Tim W	97425602e9	fix typo and docs in chrome_simplifiedlowering_overflow	2021-04-16 14:59:43 +01:00
William Vu	9e6f425427	Move exploit/linux/http/citrix_dir_traversal_rce ... To exploit/freebsd/http/citrix_dir_traversal_rce. It's actually FreeBSD.	2021-04-15 19:13:25 -05:00
Grant Willcox	832ca92f42	Land #14700, Add Nagios XI Plugins Filename Authenticate RCE module and docs (CVE-2020-35578)	2021-04-14 16:58:55 -05:00
Grant Willcox	61395f3cb1	Update scenarios in documentation and also update the module to handle cases where the version number may not be in a format that Rex::Text can immediately handle.	2021-04-14 16:32:53 -05:00
Grant Willcox	76353efada	Fix minor RuboCop error	2021-04-14 15:38:06 -05:00
Grant Willcox	154e237edd	Add in fixes to documentation and module that were covered in the review process	2021-04-14 15:33:42 -05:00
adfoster-r7	4c37e35d82	Land #14770, guard when spawn is used with TcpServer mixin	2021-04-14 11:34:25 +01:00
adfoster-r7	ddde7ebb71	Land #15037, Update redis_login to check that authentication is required	2021-04-14 11:11:00 +01:00
Grant Willcox	a59e7e196d	Land #14701, Rename Nagios XI authenticated RCE module and integrate Nagios XI mixin	2021-04-13 18:58:29 -05:00
Grant Willcox	d766cf9b96	Change module title to be more descriptive and remove bad characters	2021-04-13 17:33:34 -05:00
Grant Willcox	0aada27128	Update the documentation to account for the fact that the plugin name has to be check_ping and also update the module to randomize some of the fields where possible.	2021-04-13 17:15:34 -05:00
Grant Willcox	ead9d73dc5	Add in fixes from review to documentation and module	2021-04-13 16:34:13 -05:00
Grant Willcox	552c0e7cea	Land #15028, payloads/singles/linux/x64/exec.rb refactoring, metasm, and new NullFreeVersion option	2021-04-13 10:21:11 -05:00
Spencer McIntyre	20f4050e5b	Update redis_login to check that authentication is required	2021-04-12 19:53:01 -04:00
William Vu	e842c3ecab	Fix Gem::Package NameError with Rex::Tar::Writer	2021-04-12 18:50:31 -05:00
Grant Willcox	fb9aa68b7a	Comment out several additional parts of the shellcode for better clarity	2021-04-12 17:26:46 -05:00
Grant Willcox	e2532ab01b	Land #14994, Update session_spy.rb to have a PID option for session migration.	2021-04-12 16:18:26 -05:00
Spencer McIntyre	c4f88e35ba	Land #14622, add the sp_oacreate technique to the mssql_exec module	2021-04-12 15:00:15 -04:00
Spencer McIntyre	ef82219235	Update the mssql_exec docs and some verbiage	2021-04-12 14:52:13 -04:00
Grant Willcox	045367cff7	Apply RuboCop formatting to documentation and module	2021-04-12 13:52:00 -05:00
Grant Willcox	54aa9d42e9	Add one additional guard clause in to prevent outputting a message if the database isn't properly connected	2021-04-12 13:41:17 -05:00
Grant Willcox	0b06904dd0	Update module with more checks and replace the Process migration strategy with a PID migration strategy. Also update documentation accordingly	2021-04-12 13:05:26 -05:00