7cd1b75497
Update deprecation date and message
2023-12-05 10:51:12 +01:00
67933c3819
Deprecated module exploit/linux/upnp/dlink_dir859_exec_ssdpcgi
2023-11-27 19:35:34 +00:00
ef84759dd4
Fixed an issue in the DIR-300 rev B version check
2023-11-14 20:40:38 +00:00
3fa9416044
update addressing latest comments
2023-11-14 17:15:25 +00:00
6e1580e5f5
added target DIR-845L
2023-11-13 14:48:59 +00:00
51523e0971
release updating dlink_upnp_msearch_exec exploit module
2023-11-13 12:15:04 +00:00
c62f9a1c45
added D-Link GO-RT-AC750 target and lowered linemax to 900 bytes
2023-10-22 17:49:21 +00:00
93d38f2d53
added additional CVE reference
2023-10-20 13:58:32 +00:00
13e3d037c9
fifth release module
2023-10-19 17:42:53 +00:00
3024824cc9
fourth release module
2023-10-19 17:31:48 +00:00
8ea82693a9
third release module + documentation
2023-10-18 19:55:13 +00:00
3d405cda0a
second release module
2023-10-17 19:09:03 +00:00
7e29519c9c
initial release module
2023-10-17 16:59:45 +00:00
e004be00fe
Converted to Active Support
2023-04-05 16:53:01 +01:00
d5ba1afbec
fix URLs not resolving
...
fix URLs not resolving
add csv export to references
fix URLs not resolving
pdf not pd
missed a url change
remove extra recirectedfrom fields
remove extra file
fix ovftool url accidental replacement
2022-02-16 17:22:40 -06:00
319f15d938
Handle nil versions for rubygems 4
2021-02-25 16:47:49 +00:00
3a2932b798
Migrate old uses of manual autocheck to use the new prepend autocheck
2021-02-02 10:15:46 +00:00
30809787c4
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
e248e2ed43
Consolidate CmdStager flavors to symbols
...
As per the API. Strings are fine, but they're supposed to be symbols.
2020-04-15 15:47:51 -05:00
7dc1315dac
Update logic for ForceExploit in my modules
...
This lets the user opt out of running check completely.
2020-02-19 01:06:50 -06:00
8489bcdfd9
This fixes broken links to the community.rapid7.com blog
...
Performed mechanically with sed, spot-checked that the new blog can consume these links.
2020-02-18 09:06:11 -06:00
de25920f30
The written word "through" is modified
2020-02-05 11:53:51 -03:00
25c23073c8
Modify disclosure URL, remove printf...
...
... as stager flavor and silence msftidy error.
2020-02-04 15:20:57 -03:00
5f7004cf7c
Remove 'HttpClient', 'Payload' and 'RHOST'; ...
...
... replace 'Targets' for a new option, and format 'header', as suggested in the review.
2020-02-04 14:04:23 -03:00
8e0e21d337
Exploit for CVE-2019-20215
...
Staged, uses meterpreter
2020-01-28 16:15:24 -03:00
1429a496da
Remove _telnet from filename
...
No need to keep it, it drops meterpreter as payload now.
2020-01-13 13:18:43 -03:00
eab0bd5755
Randomize "Callback" header URL
2020-01-13 11:39:23 -03:00
0d592a3fca
Replace send_request_cgi with send_request_raw
...
msftidy complains about not using vars_get... Which won't work in this case.
2019-12-31 13:36:09 -03:00
b6731a6d1c
Remove printf as flavor
...
There is no printf in this router.
2019-12-31 13:10:59 -03:00
bedb1132b7
Convert to staged exploit
...
Works with meterpreter now :D
2019-12-31 13:08:51 -03:00
5f2c29946c
Remove the prompt variable + some EOL spaces; modify rand()
...
As suggested by @bcoles
2019-12-31 11:19:59 -03:00
2eec026a28
D-Link DIR-859 Unauthenticated RCE (CVE-2019-17621)
...
Exploits a vulnerability in the /gena.cgi UPnP endpoint in D-Link DIR-859 (and potentially other) SOHO routers. CVE ID: 2019-17621.
Code based on modules/exploits/linux/http/dlink_dir300_exec_telnet.rb
2019-12-30 19:22:04 -03:00
97545ceb9d
Clarify NOCVE reason for Wemo exploit
2019-04-24 11:39:34 -05:00
00cebda89e
Fix typo of "reliability" - wow, I suck
2019-04-24 11:14:06 -05:00
e164c2350c
Properly encode command input with XML entities
...
REXML would make this less ghetto.
2019-04-03 19:10:27 -05:00
502f63c0c4
Indent SOAP requests and prefer $() over ``
2019-03-04 19:10:33 -06:00
1dd243b8bd
Improve positive/negative prints in check method
2019-03-04 19:08:47 -06:00
225e0549c0
Revert CheckCode::Vulnerable to CheckCode::Appears
2019-03-04 18:38:44 -06:00
4100f1cfeb
Revert vprint_status to vprint_good
2019-03-04 18:22:12 -06:00
40ff708306
Refactor check method and address review comments
2019-03-04 17:49:09 -06:00
7c7a233d67
Addressing PR Comments
2019-02-23 14:41:11 -06:00
6bd1489f62
Adding version checking to wemo module
...
Addresses Github Issue 11452 by parsing out the version
information returned in /setup.xml. New code then performs
a version check, and then alerts the user to whether or not
it is likely the remote host is vulnerable given that version
check.
2019-02-23 12:06:57 -06:00
194881a8b2
Add NOCVE
2019-02-22 13:26:53 -06:00
c76714ccc6
Add Reliability REPEATABLE_SESSION to Wemo exploit
...
Notes copied from auxiliary/admin/wemo/crockpot where it didn't apply.
2019-02-22 13:11:59 -06:00
0c8b260737
Revert ARCH_CMD payload to cmd/unix/generic
...
There is no telnetd, so cmd/unix/bind_busybox_telnetd won't work.
2019-02-19 13:23:25 -06:00
bad53aeaf1
Genericize exploit (less Crock-Pot verbiage)
2019-02-19 12:13:08 -06:00
1be838d1fd
Add Belkin Wemo UPnP RCE (tested on Crock-Pot)
2019-02-14 12:45:36 -06:00
6300758c46
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
b8d80d87f1
Remove last newline after class - Make @wvu-r7 happy
2017-07-19 11:19:49 +01:00
64452de06d
Fix msf/core and self.class msftidy warnings
...
Also fixed rex requires.
2017-05-03 15:44:51 -05:00
Christophe De La Fuente