 kalba-security
|
8b778bffc0
|
Incorporate suggestions from code review
|
2020-03-06 15:50:34 +02:00 |
|
|
Alan Foster
|
3a046f01da
|
Run rubocop -a on subset of files
|
2020-03-06 10:41:45 +00:00 |
|
|
Shelby Pace
|
12faf3fad5
|
Land #12959, add eyes of network rce module
|
2020-03-02 15:22:51 -06:00 |
|
|
Shelby Pace
|
c16edad4e6
|
add verify_api method, checks on data
|
2020-03-02 15:10:46 -06:00 |
|
|
kalba-security
|
f60f60db7f
|
Set stance to aggressive to prevent the HTTPServer mixing from trying to make this a job
|
2020-02-28 13:01:51 +02:00 |
|
|
kalba-security
|
5ee7fcaf4a
|
Add simple changes suggested in code review.
|
2020-02-28 12:14:38 +02:00 |
|
|
kalba-security
|
99ed3afab3
|
Change filenames for consistency with existing modules
|
2020-02-27 17:08:23 +02:00 |
|
|
kalba-security
|
280d1767b4
|
Add Nagios XI < 5.6.6. exploit module and documentation
|
2020-02-27 16:58:15 +02:00 |
|
|
Alan Foster
|
af9d2a28de
|
Fix msftidy warnings
|
2020-02-26 14:56:08 +00:00 |
|
|
Alan Foster
|
6bac1ec2aa
|
Remove executable flags from exploit files
|
2020-02-26 10:39:50 +00:00 |
|
|
Jeffrey Martin
|
578bf9999f
|
Land #12955, Update logic for ForceExploit in modules
|
2020-02-21 15:45:12 -06:00 |
|
|
Christophe De La Fuente
|
f484e6c83c
|
Land #12862, Apache James 2.3.2 arbitrary file write exploit module
|
2020-02-20 10:41:13 +01:00 |
|
|
kalba-security
|
c2f13d906b
|
fix sqli get request syntax
|
2020-02-20 11:38:43 +02:00 |
|
|
mattaberegg
|
a861ad3f21
|
Payload handler/cleanup improvement
|
2020-02-19 18:57:08 -08:00 |
|
|
Shelby Pace
|
db8555e007
|
Land #12942, add Diamorphine privilege escalation
|
2020-02-19 10:36:39 -06:00 |
|
|
kalba-security
|
9980a96917
|
Move documentation to correct directory
|
2020-02-19 16:57:38 +02:00 |
|
|
kalba-security
|
0d0bd865c8
|
add eyesofnetwork module and docs
|
2020-02-19 16:33:04 +02:00 |
|
|
William Vu
|
7dc1315dac
|
Update logic for ForceExploit in my modules
This lets the user opt out of running check completely.
|
2020-02-19 01:06:50 -06:00 |
|
|
Brent Cook
|
8489bcdfd9
|
This fixes broken links to the community.rapid7.com blog
Performed mechanically with sed, spot-checked that the new blog can consume these links.
|
2020-02-18 09:06:11 -06:00 |
|
|
Brendan Coles
|
ac6d0e4391
|
Add Diamorphine Rootkit Signal Privilege Escalation module
|
2020-02-16 14:53:16 +00:00 |
|
|
RAMELLA Sébastien
|
27effc1b56
|
typo. cmdstager command
|
2020-02-14 12:25:56 +04:00 |
|
|
mattaberegg
|
a0b6584d19
|
Added password randomization
|
2020-02-07 19:14:56 -08:00 |
|
|
mattaberegg
|
e2f2d55ecc
|
Updated check message
|
2020-02-07 18:34:27 -08:00 |
|
|
mattaberegg
|
cb372a54f4
|
Added info to cleanup message
|
2020-02-07 16:41:27 -08:00 |
|
|
mattaberegg
|
a05611d756
|
Improve cleanup functionality
|
2020-02-07 16:13:25 -08:00 |
|
|
Alan Foster
|
4dcb2fbd96
|
Land #12889, Add OpenSMTPD MAIL FROM RCE
|
2020-02-07 11:43:18 +00:00 |
|
|
William Vu
|
e053ed7a1e
|
Add Msf::Exploit::Expect mixin and refactor again
|
2020-02-05 21:16:24 -06:00 |
|
|
William Vu
|
95fa8602bc
|
Refactor modules that use Expect
|
2020-02-05 21:16:21 -06:00 |
|
|
mattaberegg
|
edb3aa30f8
|
Minor style and performance edits
|
2020-02-05 15:19:06 -08:00 |
|
|
s1kr10s
|
de25920f30
|
The written word "through" is modified
|
2020-02-05 11:53:51 -03:00 |
|
|
s1kr10s
|
25c23073c8
|
Modify disclosure URL, remove printf...
... as stager flavor and silence msftidy error.
|
2020-02-04 15:20:57 -03:00 |
|
|
s1kr10s
|
5f7004cf7c
|
Remove 'HttpClient', 'Payload' and 'RHOST'; ...
... replace 'Targets' for a new option, and format 'header', as suggested in the review.
|
2020-02-04 14:04:23 -03:00 |
|
|
RAMELLA Sébastien
|
c8e5fcf389
|
add. cmdstager for drop meterpreter
|
2020-02-03 16:46:15 +04:00 |
|
|
RAMELLA Sébastien
|
355b9c135f
|
add initial source code.
|
2020-02-03 13:52:56 +04:00 |
|
|
mattaberegg
|
6f453a0f83
|
Module rewrite to include Cron exploitation
|
2020-02-02 17:29:39 -08:00 |
|
|
s1kr10s
|
8e0e21d337
|
Exploit for CVE-2019-20215
Staged, uses meterpreter
|
2020-01-28 16:15:24 -03:00 |
|
|
Tim W
|
cfffb65a21
|
Land #12859, update AF_PACKET chocobo_root linux LPE
|
2020-01-24 17:30:13 +08:00 |
|
|
Brent Cook
|
6f6cc00871
|
Land #12751, add Linux RDS socket NP deref privesc
|
2020-01-22 07:08:47 -06:00 |
|
|
Shelby Pace
|
e7e42b7a59
|
Land #12768, add dlink command injection module
|
2020-01-21 07:37:43 -06:00 |
|
|
mattaberegg
|
c1b66aac77
|
Updated check function and description
|
2020-01-20 17:16:45 -08:00 |
|
|
mattaberegg
|
4af14109f5
|
Grammar change in exploit name
|
2020-01-19 14:15:11 -08:00 |
|
|
mattaberegg
|
d91a166034
|
Made changes from comments on PR #12858
|
2020-01-19 13:46:47 -08:00 |
|
|
Brendan Coles
|
19b1f567b2
|
Update AF_PACKET chocobo_root Privilege Escalation module
|
2020-01-19 11:51:01 +00:00 |
|
|
mattaberegg
|
fc1b337c58
|
Add Apache James 2.3.2 Insecure User Creation Command Injection exploit module.
|
2020-01-18 19:05:27 -08:00 |
|
|
Brendan Coles
|
36b6ceb56f
|
Add rds_atomic_free_op_null_pointer_deref_priv_esc (CVE-2018-5333)
|
2020-01-18 08:34:52 +00:00 |
|
|
Brent Cook
|
7f74d28245
|
Land #12845, check for SSL when SSL is not enabled
|
2020-01-16 16:12:53 -06:00 |
|
|
William Vu
|
60b787bde1
|
Use new immutable? method in modules
|
2020-01-16 15:05:11 -06:00 |
|
|
William Vu
|
a31e4034c8
|
Check SSL in exploit/linux/http/webmin_backdoor
|
2020-01-16 14:49:13 -06:00 |
|
|
William Vu
|
6712458dbd
|
Land #12758, attributes and immutable? methods
|
2020-01-16 14:01:29 -06:00 |
|
|
Dave York
|
7b14442ab0
|
replace strings with bools
|
2020-01-14 20:47:27 -05:00 |
|