9c3cfd8bdb
Added documentation, cleaned up functions, rubocop fixes
2023-02-13 15:19:45 -06:00
c3fa924cfa
Remove the NGROK_URL option
2023-02-13 14:31:44 -05:00
210b7a3254
Use #get_json_document instead of JSON.parse
...
Also fix typos
2023-02-13 14:00:13 -05:00
d6419ee4fb
add check method, login, main logic
2023-02-13 11:31:06 -06:00
2a386981bd
Updated Module & Payloads + Rubocop Fixes
2023-02-13 09:03:57 -06:00
f4c5e34a1b
Added improved functionality on both Windows and Unix installs
2023-02-12 14:42:22 -06:00
fcfc39296f
Added improved functionality on both Windows and Unix installs
2023-02-12 14:39:11 -06:00
d5b7ad30a1
Created module
2023-02-10 17:01:57 -06:00
e963582e18
Update fortra_goanywhere_rce_cve_2023_0669.rb
...
Name typo
2023-02-09 23:06:59 +01:00
c7279e9a0a
Add credit for CVE-2023-0669; fix path in docs
2023-02-09 13:02:40 -05:00
de8a6e1445
Move fortra_goanywhere_rce_cve_2023_0669 module documentation to documentation directory
2023-02-09 23:12:45 +11:00
508f5c7e52
Land #17619 , Run rubocop on exploit modules
2023-02-09 10:11:53 +00:00
c997952d83
Land #17607 , Fortra RCE CVE-2023-0669
...
Fortra deserialization RCE CVE-2023-0669 (ETR)
2023-02-08 12:56:09 -05:00
2b008af097
Move the module to reflect it targets Windows too
2023-02-08 10:24:27 -05:00
25ee41df68
Run rubocop on exploit modules
2023-02-08 15:20:32 +00:00
10144a9f13
Land #17615 , Add missing module notes for stability reliability and side effects
2023-02-08 12:28:47 +00:00
433bafdccf
Add missing module notes for stability reliability and side effects
2023-02-08 11:45:17 +00:00
8ee67085c8
Land #17556 , ManageEngine ADSelfService Plus RCE (CVE-2022-47966)
...
Merge branch 'land-17556' into upstream-master
2023-02-07 16:57:22 -06:00
53c67653f5
Land #17527 , ManageEngine ServiceDesk Plus RCE (CVE-2022-47966)
...
Merge branch 'land-17527' into upstream-master
2023-02-06 17:37:31 -06:00
f676568d89
Fix CVE
2023-01-30 12:18:08 +01:00
a5ba1245c2
Fix CVE
2023-01-30 12:15:14 +01:00
85d5b041aa
Add minimum build number check
2023-01-27 18:03:19 +01:00
6043d0ffba
Update all links from Wiki site to new docs site.
2023-01-27 09:58:53 -06:00
e01239cf7b
Add exploit module and documentation
2023-01-26 21:53:14 +01:00
ed2dd2fc0c
Add randomization in the XML when possible & fix BadChars issue
2023-01-26 18:42:09 +01:00
2be22752be
Add Linuc specifics and documentation
2023-01-26 16:16:00 +01:00
38f0d33d6b
Add exploit module
2023-01-24 00:55:45 +01:00
3c219c8a77
prevent .keys call on nil in log4shell_header_injection
2022-12-15 12:51:30 +02:00
cf6d5d3a14
It made the gadgets being used more readable
2022-12-06 17:47:49 +01:00
8aca86b816
Apply suggestions from code review
2022-12-04 17:29:05 +01:00
704cee436b
Apply suggestions from code review
2022-11-29 15:25:14 +01:00
c1236500f1
Apply suggestions from code review
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2022-11-29 14:12:39 +01:00
ff63f0aa32
Added reference
2022-11-28 14:11:07 +01:00
27f8f4fc47
Cleanup
2022-11-23 01:55:06 +01:00
7880530989
The check method should report when finding a vulnerable product.
...
I think all exploit modules should "report" in the check method when finding a vulnerable
product. By doing that we can take advantage of all check methods in the exploit module
and use them as a "scanner". That would give the chance for the user to check multiple
simultaneously targets and save the result for further actions.
2022-11-23 01:29:38 +01:00
0e5f8d49f9
Code cleanup and payload generation improvements
2022-11-23 00:29:10 +01:00
7983c14166
Removed a bunch of hard-coded stuff and cleaned out fake smart server
2022-11-22 12:07:55 +01:00
3d73f574d4
Impreve error handling
2022-11-20 12:10:04 +01:00
c9eaa9af37
Added module for #CVE-2022-2992
2022-11-19 15:21:31 +01:00
8ca7550062
Land #17257 , Adding exploit for ChurchInfo 1.2.13-1.3.0 RCE (CVE-2021-43258)
2022-11-18 19:27:10 -06:00
237eb904d4
Add in fixes for documentation examples and then update the code to fix some bugs
2022-11-18 18:30:07 -06:00
85a6770973
Add additional checks, a check method, and fix up some doc errors
2022-11-18 18:22:06 -06:00
b9ecdb3bc2
Use TARGETURI, registered cleanup, implment cookie_jar, and perform response checks and documentation
2022-11-18 18:21:27 -06:00
a33a313544
Adding exploit for ChurchInfo 1.3.0
2022-11-18 18:21:08 -06:00
d1a7170020
Land #17021 , Gitea Git fetch RCE module - CVE-2022-30781
2022-11-17 12:28:29 +01:00
11541a5774
Add comment for details about the string substitutions on Windows
2022-11-17 12:25:52 +01:00
1ddc137f1a
Update module
...
- adjust execute_command method and add logic for :win_dropper target
- move cmdstager uripath setting into target case statement
- add more cmdstagerflavour for :linux_dropper target
- fix lint msftidy
2022-11-15 22:30:45 +07:00
cbca2a5604
Update modules/exploits/multi/http/gitea_git_fetch_rce.rb
...
apply suggestion
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2022-11-15 22:17:59 +07:00
639afebe1e
Update module
...
- handle cleanup method on manual `check`
- adjust targets flavour option
- add :win_dropper target and handle the payload delivery
NOTE: the Windows dropper target is still unsuccessfull but keep this for further review
2022-11-09 16:12:20 +07:00
13bb31feeb
Update module
...
- move repository migration to execute_command.
NOTE: the stageless payload is still unsuccessfull but keep this anyway for christophe to review.
2022-11-09 04:52:18 +07:00
JBince