b8d80d87f1
Remove last newline after class - Make @wvu-r7 happy
2017-07-19 11:19:49 +01:00
3d4feffc62
OCD - Spaces & headings
2017-07-19 11:04:15 +01:00
f3f96babb9
Orientdb 2.2.x RCE - Changed the java_craft_runtime_exec function; Tested the module against Win7-Pro-x64 with OrientDB v2.2.20 with StagerCmd flavors vbs and certutil with success
2017-07-19 10:46:10 +01:00
219987726f
Orientdb 2.2.x RCE - Changed the CmdStager flavor to VBS script
2017-07-18 17:18:14 +01:00
5ca523e2ce
Orientdb 2.2.x RCE - Add warning about windows
2017-07-18 17:11:54 +01:00
af0a9c2f86
Orientdb 2.2.x RCE tidy stuff
2017-07-18 17:07:29 +01:00
99ba645034
Orientdb 2.2.x RCE
2017-07-18 16:53:44 +01:00
034736019b
Update struts2_code_exec_showcase.rb
...
Add additional references
2017-07-17 14:20:11 -04:00
b0a95c8455
Update struts2_code_exec_showcase.rb
...
Update method check with new OGNL expression
2017-07-16 21:30:07 -04:00
0be6ce30e8
Update struts2_code_exec_showcase.rb
...
Add datastore option POSTPARAM
2017-07-16 12:28:24 -04:00
ffbc12d404
Update struts2_code_exec_showcase.rb
...
Update to ARCH_CMD module
2017-07-15 23:33:01 -04:00
c7fcdceb56
Update struts2_code_exec_showcase.rb
...
Remote trailing whitespaces
2017-07-15 21:37:38 -04:00
27d2d7e31f
Update struts2_code_exec_showcase.rb
...
Update Authors
2017-07-15 21:27:50 -04:00
d5ba6ea157
Update struts2_code_exec_showcase.rb
...
Remove trailing whitespace
2017-07-15 19:52:29 -04:00
60af2c8a7b
Update struts2_code_exec_showcase.rb
...
Remove trailing whitespace
2017-07-15 19:34:44 -04:00
6af2192f39
Update struts2_code_exec_showcase.rb
...
Add Author credit
2017-07-15 19:25:07 -04:00
0c52f0cb55
Update struts2_code_exec_showcase.rb
...
Remove trailing spaces
2017-07-15 17:48:34 -04:00
3d9d1e49fa
Update struts2_code_exec_showcase.rb
...
Add vuln check
2017-07-15 17:18:11 -04:00
c3e07e0770
Create struts2_code_exec_showcase.rb
...
Add module for CVE-2017-9791
2017-07-15 16:55:47 -04:00
4720d1a31e
OCD fixes - Spaces
2017-07-14 08:46:59 +01:00
fd843f364b
Removed extra lines
2017-07-14 08:17:16 +01:00
424522147e
OCD fixes - Start of *.rb files
2017-07-13 23:53:59 +01:00
df024bb594
Remove duplicate setting of suhosin.simulation
2017-07-10 00:46:05 +03:00
7e1b50ab3b
Land #8629 , AKA (also known as) module reference
2017-06-28 19:15:45 -05:00
d20036e0fb
revise spelling, add heartbleed and tidy checks
2017-06-28 18:50:20 -04:00
43d8c4c5e7
Land #8519 , Apache ActiveMQ file upload exploit
2017-06-28 17:19:39 -05:00
461ab4501d
add 'Also known as', AKA 'AKA', to module references
2017-06-28 15:53:00 -04:00
b51fc0a34e
Land #8489 , more httpClient modules use store_valid_credential
2017-06-21 17:18:34 -05:00
58cd432120
Added docs, minor code tweak to remove duplication.
2017-06-19 17:35:41 -05:00
49d998f7d9
catch invalid tokens
2017-06-15 21:45:29 -04:00
f4ffade406
add ability to specify API token instead of password
2017-06-15 21:05:53 -04:00
0766f92013
Add option for workspace
2017-06-13 12:46:36 +00:00
6a4c61456d
Add ProcessMaker Plugin Upload exploit module
2017-06-10 08:59:20 +00:00
d641058f75
Added module to exploit ActiveMQ CVE-2016-3088
2017-06-06 11:33:42 -07:00
218ec96009
Add IBM OpenAdmin Tool SOAP welcomeServer PHP Code Execution module
2017-05-31 13:00:35 +00:00
0e145573fc
more httpClient modules use store_valid_credential
2017-05-30 14:56:05 -05:00
3360171977
Land #8319 , Add exploit module for Mediawiki SyntaxHighlight extension
2017-05-17 23:23:50 -05:00
631267480d
Update module description
2017-05-16 14:48:46 -05:00
2ed8ae11b4
Add doc and make minor changes
2017-05-16 14:47:19 -05:00
27e1de14b0
BuilderEngine 3.5 Arbitrary file upload and execution exploit
2017-05-12 18:37:08 +02:00
b794bfe5db
Land #8335 , rank fixes for the msftidy god
2017-05-07 21:20:33 -05:00
88bef00f61
Add more ranks, remove module warnings
...
../vmware_mount.rb
Rank = Excellent
Exploit uses check code for target availability,
the vulnerability does not require user action,
and the exploit uses privilege escalation to run
arbitrary executables
../movabletype_upgrade_exec.rb
Rank = ExcellentRanking
Exploit utilizes code injection,
has a check for availability
../uptime_file_upload_2.rb
Rank = ExcellentRanking
Exploit allows execution of arbitrary commands,
has a check for availability
../zpanel_information_disclosure_rce.rb
Rank = ExcellentRanking
Exploit allows remote code execution,
implements version check for pChart
../spip_connect_exec.rb
Rank = ExcellentRanking
Exploit utilizes code injection,
has a check for availability
../wp_optimizepress_upload.rb
Rank = ExcellentRanking
Exploit allows execution of arbitrary code,
has a check for availability
../wing_ftp_admin_exec.rb
Rank = ExcellentRanking
Exploit allows execution of arbitrary commands,
has a check for availability
../novell_mdm_lfi.rb
Rank = ExcellentRanking
Exploit allows execution of arbitrary code,
has a check for availability
../run_as.rb
Rank = ExcellentRanking
Exploit utilizes command injection,
checks system type, and does not require user action
2017-05-07 15:41:26 -04:00
64452de06d
Fix msf/core and self.class msftidy warnings
...
Also fixed rex requires.
2017-05-03 15:44:51 -05:00
6870a48c48
Code suggestion from @jvoisin
2017-05-02 16:41:06 +02:00
006ed42248
Added fix information
...
https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/0002
09.html
2017-05-01 09:01:14 +02:00
673dbdc4b9
Code review feedback from h00die
2017-04-29 20:37:39 +02:00
fcf14212b4
Fixed disclosure date
2017-04-29 16:25:25 +02:00
f9e7715adb
Fixed formatting
2017-04-29 16:07:45 +02:00
1569d2cf8e
MediaWiki SyntaxHighlight extension exploit module
...
This module exploits an option injection vulnerability in the SyntaxHighlight extension of MediaWiki. It tries to create & execute a PHP file in the document root. The USERNAME & PASSWORD options are only needed if the Wiki is configured as private.
2017-04-29 14:29:56 +02:00
3c2dc68e9c
improved description, no point repeating the same thing\!
2017-04-11 09:55:11 -05:00
g0tmi1k