Heyder Andrade
891387885b
Fixed typos
Co-authored-by: Brendan <bwatters@rapid7.com>
2022-02-15 08:47:50 +01:00
Heyder Andrade
bbb66eba55
Fixed typos
Co-authored-by: Brendan <bwatters@rapid7.com>
2022-02-15 08:47:26 +01:00
Heyder Andrade
acfc7348c3
Fixed typos
Co-authored-by: Brendan <bwatters@rapid7.com>
2022-02-15 08:47:10 +01:00
Heyder Andrade
c935bc6388
Update modules/exploits/multi/php/ignition_laravel_debug_rce.rb
Fix typos
Co-authored-by: Brendan <bwatters@rapid7.com>
2022-02-15 08:46:25 +01:00
Heyder Andrade
2e73469b6b
Update modules/exploits/multi/php/ignition_laravel_debug_rce.rb
Fix typos
Co-authored-by: Brendan <bwatters@rapid7.com>
2022-02-15 08:46:02 +01:00
Heyder Andrade
ca62a05ce1
Cleanup and check strategy
- Removed else statements from check in favor of implicit return
- Added comment explaining the check strategy (to be less intrusive)
2022-02-11 00:30:31 +01:00
Heyder Andrade
d1764b2e75
Update option name
Update option name from LOGPATH to LOGFILE to become more intuitive.
2022-02-11 00:00:19 +01:00
Heyder Andrade
df53a62cc9
Making reasons for failures more descriptive
Cases
[x] User defined wrong log file
[-] Exploit aborted due to failure: unexpected-reply: Log file
/var/www/log.log seems doesn't exit
[x] module doesn't detect the log file
[-] Log file does not exist /var/www/storage/logs/laravel.log
[-] Exploit aborted due to failure: bad-config: Log file is
required, however it was defined nor it was not automatically detecte
[x] site doesn't respond with error, module unable to find the log
directory
[-] Unable to automatically find the log file. To continue set
LOGPATH manually
[-] Exploit aborted due to failure: bad-config: Log file is
required, however it was defined nor it was not automatically detected
[x] site with debug mode false
[-] Exploit aborted due to failure: not-vulnerable: The target is
not exploitable. "set ForceExploit true" to override check result
2022-02-10 23:40:49 +01:00
Heyder Andrade
719e71648c
Change Vulnerable to Appear in the check method
As we can't determine with certainty whether the target is vulnerable, the check method should return appear instead of vulnerable.
Co-authored-by: Simon Janusz <85949464+sjanusz-r7@users.noreply.github.com>
2022-02-10 20:08:36 +01:00
Heyder Andrade
cc52850ff0
Fix coding style offenses.
2022-02-09 21:30:17 +01:00
Heyder Andrade
da1bc1f6d1
Change exploit Rank. Add AutoCheck. Remove custom timeout on request cgi.
2022-02-09 21:19:10 +01:00
Heyder Andrade
c7092861e0
Fix the CVE format based on failed tests
2022-02-08 14:38:54 +01:00
Heyder Andrade
f1fe6b7c89
Add module to CVE-2021-3129
2022-02-08 14:21:10 +01:00
Brendan Coles
5bbe934db9
Add QEMU Monitor HMP 'migrate' Command Execution module
2022-02-07 17:48:27 +00:00
Spencer McIntyre
e2c91ebf30
Land #16010, zabbix_script_exec improvements
This updates the zabbix_script_exec module to work with versions 5.0 and
newer as well as adds a new item-based execution technique.
2022-02-04 15:13:13 -05:00
Spencer McIntyre
ae278d0568
Cleanup some minor typos
2022-02-04 15:12:57 -05:00
lap1nou
8838d9cb66
Added timeout system, fixed a bug with TLS_PSK, linted
2022-02-04 04:01:23 -08:00
Spencer McIntyre
965493191f
Add and use a Log4Shell mixin
2022-02-03 16:09:49 -05:00
lap1nou
645ef5e71f
Fixed few bugs
2022-02-02 14:30:02 -08:00
lap1nou
7bf08a28ea
Modified default stager
2022-02-02 12:34:07 -08:00
lap1nou
de32cc0e97
Linted with Rubocop, factorized API call, fixed some grammar
2022-02-01 13:29:30 -08:00
Spencer McIntyre
d46822184f
Updates for Log4Shell
2022-01-28 14:56:44 -05:00
Spencer McIntyre
458d584f83
Add details to check codes and PR feedback
2022-01-21 09:40:23 -05:00
Spencer McIntyre
579627f5c7
Update docs, note OS X support
2022-01-20 10:47:11 -05:00
Spencer McIntyre
ba469a4b2c
Add version detection to the Unifi exploit
2022-01-20 09:26:48 -05:00
Spencer McIntyre
3d80a46e67
Check the HTTP response from the trigger
2022-01-19 17:51:31 -05:00
Spencer McIntyre
ef344d9d12
Add the Unifi Log4Shell RCE exploit
2022-01-19 17:51:31 -05:00
bwatters
4cf3ae352c
Land #16050, Log4Shell: vCenter RCE
Merge branch 'land-16050' into upstream-master
2022-01-19 16:30:33 -06:00
Spencer McIntyre
96a5d656bd
Final cleanups and reference updates
2022-01-14 08:41:37 -05:00
Spencer McIntyre
3f04b80d8b
Add vCenter Log4Shell docs
2022-01-13 14:50:28 -05:00
Pedro Ribeiro
053fbe2a28
fix cisco advisory links
2022-01-13 18:55:39 +00:00
Spencer McIntyre
d5c83b41f9
Cleanup the vCenter Log4Shell exploit
2022-01-13 11:57:00 -05:00
Spencer McIntyre
7b1398f0ae
Allow overriding check module datastore options
2022-01-13 11:51:39 -05:00
Spencer McIntyre
62a814fa59
Refactor Log4shell exploit code into reusable bits
2022-01-13 09:45:02 -05:00
Spencer McIntyre
e093154865
Refactor the BeanFactory gadget code
2022-01-12 16:58:31 -05:00
Spencer McIntyre
e873907d13
Initial vCenter exploit via Log4Shell
2022-01-12 15:34:45 -05:00
Spencer McIntyre
877bab6f2a
Land #15969, Log4j2 HTTP Header Injection Exploit
2022-01-11 16:52:08 -05:00
Spencer McIntyre
7b64383040
Preemptively tweak references to ysoserial
2022-01-11 16:25:21 -05:00
lap1nou
cb616b94c7
Removed some useless parameter + fixed a few bugs
2022-01-09 13:08:25 -08:00
RageLtMan
6a7c81e1ba
Update authors
2022-01-08 21:56:15 -05:00
lap1nou
53c2400be9
Added cleaning procedure + fixed few mistakes/error message, removed unused docs
2022-01-08 10:56:31 -08:00
lap1nou
ccc90b0330
Linted doc+module, added support for 6.x version, added support for TLS and item RCE, improved payload management
2022-01-07 17:40:15 -08:00
Spencer McIntyre
3f15c9ecc1
Writeup the module docs
2022-01-07 17:30:39 -05:00
Spencer McIntyre
9b03d0272a
Add check and auto-HTTP_HEADER capabilities
2022-01-07 17:30:39 -05:00
Spencer McIntyre
6198d9653d
Remove the REMOTE_LOAD datastore option
The necessary value can be inferred by the target and its payload
compatibility so just set it intelligently.
2022-01-07 17:30:39 -05:00
Spencer McIntyre
f56f328c8d
Use an enum for the YSoSerial payload option
2022-01-07 17:30:39 -05:00
Spencer McIntyre
3cb70c01bf
Cleanup typos, make module aggressive
2022-01-07 17:30:39 -05:00
lap1nou
c9cc6d85ac
Refactored code by using Zabbix HTTP API, should work with 2.x, 3.x, 4.x, 5.x
2022-01-05 13:35:40 -08:00
space-r7
e26eb2b193
display full path in print_status()
2022-01-04 14:43:04 -06:00
h00die
c6372ecdf1
more wp catch themes doc and error handling
2022-01-04 04:34:42 -05:00