c27412a1ac
Land #18494 , Add AjaxPro Deserialization RCE
...
This PR adds a module which leverages an insecure
deserialization of data to get remote code execution
on the target OS in the context of the user running
the website which utilized AjaxPro.
2023-11-02 13:54:17 -04:00
00104ce467
Update documentation to specify bin directory
...
Co-authored-by: Brendan <bwatters@rapid7.com >
2023-11-02 17:41:21 +00:00
8b70c3ec77
Update documentation/modules/exploit/multi/misc/apache_activemq_rce_cve_2023_46604.md
...
Co-authored-by: Brendan <bwatters@rapid7.com >
2023-11-02 17:40:54 +00:00
17f7d5c253
Land #18497 , Add Exploit For F5 CVE-2023-46747
...
This module exploits a flaw in F5s BIG-IP Traffic Management User
Interface (TMUI) that enables an external, unauthenticated
attacker to create an administrative user. The attacker can then use
the admin user to execute arbitrary code in the context of the root user.
2023-11-02 11:46:15 -04:00
d26742a266
Add check code annotations, update AJP link
2023-11-02 08:53:56 -04:00
42cf28dbbe
nifi creds stealer
2023-11-02 06:56:33 -04:00
05f0b6a70c
change the verification stesp to be for alinux target, as the testing steps above are for linux
2023-11-02 10:28:21 +00:00
58d03a3dab
add in documentation
2023-11-02 10:26:02 +00:00
9f9f18c73f
Apply suggestions from code review
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-11-02 10:10:26 +08:00
9c67b92a4d
Rename the other TMUI RCE module
2023-11-01 16:55:42 -04:00
7b53592b4f
Add module docs
2023-11-01 16:55:41 -04:00
ad6e4618df
third release module with minor text changes
2023-10-31 09:29:13 +00:00
bfff35eb63
second release module with php fix
2023-10-31 09:05:51 +00:00
00ccebe8ce
Upadte documentation for AjaxPro Deserializaion RCE
2023-10-31 13:31:10 +08:00
df47814029
Land #18454 , add AppleTV and Axis Login Doc files.
2023-10-30 16:38:14 -04:00
ec3cf74ff3
Land #18492 , Add module for Citrix Bleed (CVE-2023-4966)
2023-10-30 17:25:53 +01:00
40683ff591
Add document for AjaxPro Deserialization RCE Module
2023-10-28 01:37:34 +08:00
54bce7fcb5
Add module docs
2023-10-27 12:47:19 -04:00
1dc4e35134
Fix typos and log vulnerable servers
...
Log servers that are vulnerable but don't leak any cookies
2023-10-27 11:47:01 -04:00
93c13ad6a7
Apply document suggestions from code review
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-10-27 02:02:00 +08:00
d960aa522c
Land #18348 , Splunk account take over (CVE-2023-32707) leading to RCE
2023-10-26 11:34:02 -04:00
94ede61a99
Add module docs
2023-10-26 09:52:59 -04:00
d07ad325b2
Add document for PL/SQL Developer gather credential module
2023-10-26 19:38:52 +08:00
9e5e57390f
Land #18194 , Useradd post module
2023-10-25 19:29:59 +02:00
5c89df694c
added documentation
2023-10-24 18:34:29 +00:00
ff9639e6a6
Land #18460 , VMWare Aria Operations for Networks (vRealize Network Insight) Static SSH key RCE
2023-10-24 17:32:28 +02:00
77a8b0efa2
Land #18421 , Save Kerberos tickets in the MSF cache upon a successful login
2023-10-23 15:25:09 +02:00
97f9edb5f7
review
2023-10-23 06:35:23 -04:00
1ac0e2dc66
Update splunk_privilege_escalation_cve_2023_32707.md
2023-10-23 11:31:19 +02:00
67b0168669
Delete documentation/modules/auxiliary/scanner/nessus/nessus_ntp_login.md
2023-10-22 22:57:55 -04:00
eb43039a18
Files removed
2023-10-21 19:53:47 -04:00
99c2bb2eca
Changed to markdown
2023-10-21 19:50:39 -04:00
8e56a9761f
Nessus documentation created.
2023-10-21 19:49:10 -04:00
15aaa90379
Land #18447 , CVE-2023-22515 Confluence Auth Bypass
...
CVE-2023-22515 - Atlassian Confluence Data Center and Server Authentication Bypass
2023-10-19 17:35:17 -04:00
83e5b7a103
Update documentation/modules/auxiliary/scanner/http/appletv_login.md
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-10-19 17:22:18 -04:00
8192d204b7
Update documentation/modules/auxiliary/scanner/http/appletv_login.md
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-10-19 17:22:08 -04:00
ea4bc95e7b
Update documentation/modules/auxiliary/scanner/http/appletv_login.md
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-10-19 17:22:02 -04:00
d2a3e2f5f2
Update documentation/modules/auxiliary/scanner/http/appletv_login.md
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-10-19 17:21:55 -04:00
24c5d8197d
Update documentation/modules/auxiliary/scanner/http/axis_login.md
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-10-19 17:21:49 -04:00
95a9a0b2ee
Update documentation/modules/auxiliary/scanner/http/appletv_login.md
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-10-19 17:21:00 -04:00
ee0e5b9eda
Tidy the docs, fix the username
...
The username can not contain capital letters, or the operation will
fail.
2023-10-19 17:19:55 -04:00
258ac6421b
Fix fail_with response code compare and documentation fixes
2023-10-19 17:19:30 -04:00
da9d04d32d
Land #18461 , CVE-2023-22515 - Atlassian Confluence unauthenticated RCE
2023-10-19 10:22:57 +02:00
8ea82693a9
third release module + documentation
2023-10-18 19:55:13 +00:00
c63aaba760
add in documentation for Options
2023-10-18 10:05:05 +01:00
00b534dbed
review
2023-10-17 13:17:10 -04:00
1c027ac05c
add an RCE exploit for CVE-2023-22515
2023-10-16 20:50:18 +01:00
b94d278003
vmware aria ssh keys exploit
2023-10-16 14:47:04 -04:00
ba82b59ec2
vmware aria ssh keys exploit
2023-10-16 13:43:15 -04:00
f394b4a8ed
vmware aria ssh keys exploit
2023-10-16 13:42:58 -04:00
Jack Heysel