3f63f9fcd1
ms02_065_msadc: Cleanup and add additional offsets
2022-07-08 00:26:02 +10:00
7d111938d5
ms03_007_ntdll_webdav: Cleanup and add additional offsets
2022-07-07 20:31:57 +10:00
debf619968
Land #16733 , add dfscoerce scanner module
2022-07-06 18:18:00 -05:00
f7209bfc75
Land #16724 , Modernize ms01_026_dbldecode
...
Use HttpClient; remove meterpreter code; fix stager
2022-07-05 09:36:58 -04:00
bbf56c7f4c
Delete jboss_remoting_unified_invoker.md
2022-07-05 00:33:30 +02:00
1ccc91d23c
Rename doc file
2022-07-05 00:25:56 +02:00
b8834e1534
Added documentation
2022-07-05 00:19:17 +02:00
066d01b7b2
Rework censys_search module to use Censys Search API v2
2022-07-04 17:19:16 +02:00
789397a445
citrix_netscaler_config_decrypt tweaks
...
Minor code tweaks and updates to documentation
2022-07-03 08:21:58 -04:00
04aa05faa2
ms01_026_dbldecode: Use HttpClient; remove meterpreter code; fix stager
2022-07-03 18:22:55 +10:00
b21abbfb18
address review
...
includes using python on target for yescrypt
support, not failing on unsupported hash types,
documentation updates, etc
2022-07-01 12:56:44 -05:00
69342f5431
add docs and mixin
2022-07-01 12:56:43 -05:00
b40dd95d4f
Land #16723 , Add FreeSwitch Login auxiliary module
2022-07-01 16:57:34 +02:00
12522d1407
fix cve in weblogic_deserialize_asyncresponseservice docs and run msftidy_docs
2022-07-01 10:34:27 -04:00
b56242c7a2
enable MeterpreterTryToFork by default for aerohive_netconfig_lfi_log_poison_rce
2022-07-01 06:15:13 -04:00
e944196c5c
Update documentation
2022-07-01 12:29:17 +07:00
c67432b20d
Add the documentation for dfscoerce
2022-06-30 17:25:32 -04:00
0d19e47b8d
Land #16677 , Add module for adding/deleting computers via MS-SAMR
2022-06-30 12:12:26 +02:00
a2949c7555
Fix documentation warning
2022-06-30 11:51:03 +07:00
1b7d8f1e74
Fix a whitespace issue, restore option naming
2022-06-29 12:24:29 -04:00
41ba2d263b
Address PR feedback
...
Simplify the application_key usage, update docs and catch another
exception.
2022-06-28 11:53:05 -04:00
da63fbbad4
Add FreeSwitch Login auxiliary module
2022-06-28 20:13:24 +07:00
e9b2fc6ecf
Merge branch 'rapid7:master' into master
2022-06-23 12:52:09 -10:00
84aa9ceeb9
Update phpmailer_arg_injection.md
...
Added options to the module docs for the new options
2022-06-23 12:50:33 -10:00
4ae74f1a67
Added handling of connection profiles
2022-06-21 13:14:01 -07:00
fe6138dea7
Initial rewrite of Cisco ASA Clientless VPN Brute-force
2022-06-21 12:28:49 -07:00
f8901a8b17
Add Kerberos LoginScanner support
2022-06-20 16:38:32 +01:00
4c17a3c342
Fixed documentation spelling and presentation. Changed to new file upload API
2022-06-16 18:59:39 +02:00
91d83e966c
Changed documentation to fit targets and added installation instructions. Added requests to delete .htaccess
2022-06-16 16:24:17 +02:00
a96bc36d9c
Update the docs with the Windows target
2022-06-15 17:24:44 -04:00
37234985e6
citrix_netscaler_config_decrypt Aux Module
...
Added an aux module that can perform offline decryption of NetScaler
config files. The module is able to decrypt secrets using well-known
static keys as well as the new Key Encryption Key (KEK) scheme.
This is the initial commit, and some functionality is lacking: there is
currently no loot storage of secrets, and the module cannot decrypt
-passcrypt entries from legacy configuration files.
2022-06-15 11:03:28 -04:00
825604dda9
Add docs and a configurable password
2022-06-15 08:51:47 -04:00
feb13174be
Fixed documentation presentation
2022-06-14 10:41:43 +02:00
cb1e72461f
Renamed username to email to better reflect the user input nature. Created module documentation under /documentation/modules/exploit/multi/http/qdpm_authenticated_rce.md
2022-06-14 10:35:43 +02:00
f6bd8fd020
Land #16571 , Vcenter offline mdb extract
...
Merge branch 'land-16571' into upstream-master
2022-06-13 10:32:07 -05:00
ba83b1bdf5
add manageengine adaudit plus and datasecurity plus xnode enum modles and manageengine_xnode lib
2022-06-10 10:32:25 -04:00
67ea2bc23c
Land #16630 Fix duplicate ntlm hash storage
...
Net-NTLM (v1 and v2) hashes were being duplicated when
stored in the database due to the unique data in the challenge
dispite being the same. This fixes that issue
2022-06-08 14:07:34 -04:00
3875db78ae
Land #16644 , Add Exploit for CVE-2022-26134 (Confluence RCE)
...
Merge branch 'land-16644' into upstream-master
2022-06-07 16:00:37 -05:00
2b99967d0c
Merge branch 'master' into fix/duplicate-netntlm
2022-06-07 11:42:51 -04:00
1a06f69f95
Works through v7.18 now too
2022-06-06 22:03:21 -04:00
2c0e034a18
Fix a couple of typos
2022-06-06 18:14:05 -04:00
c751ef46c9
Land #16635 , Add 0-day MSWord RCE #Follina CVE-2022-30190
...
Merge branch 'land-16635' into upstream-master
2022-06-06 14:41:31 -05:00
1aec2e8649
Note version in the docs
2022-06-03 18:29:28 -04:00
600fba7fa1
Add module docs
2022-06-03 17:26:15 -04:00
474116d413
Land #16611 , DotCMS File Upload to RCE Module (CVE-2022-26352)
2022-06-02 15:30:10 +02:00
3ab06461af
fix. second review
2022-06-02 00:58:20 +04:00
dd1814903c
fix. SRVHOST default value
2022-06-02 00:07:15 +04:00
8c19a02835
fix. first review
2022-06-01 20:15:08 +04:00
bea4207c62
Land PR #16607 - MyBB RCE Module (CVE-2022-24734)
...
This exploit module leverages an improper input validation
vulnerability in MyBB prior to 1.8.30 to execute arbitrary
code in the context of the user running the application.
2022-05-31 11:59:53 -04:00
dac355d9cf
Land #16492 , nfs_mount more intelligent mountability
2022-05-31 11:56:19 +02:00
bcoles