d750ea19eb
Fixes store_valid_credential conditional logic for unix/webapp/wp_admin_shell_upload module
2024-03-21 12:22:11 +00:00
094d6ee36b
Add additional reliability and stability notes to modules
2024-01-22 23:29:57 +00:00
1ba704b1cb
Land #18398 , Update deprecated report_auth_info in various modules
2024-01-16 19:30:56 +00:00
374d724567
Lint
2023-12-11 15:36:10 +01:00
78c57c1c5c
Update modules/exploits/unix/http/splunk_xslt_authenticated_rce.rb
...
Co-authored-by: Brendan <bwatters@rapid7.com >
2023-12-11 15:22:33 +01:00
cb0ee49f71
Update modules/exploits/unix/http/splunk_xslt_authenticated_rce.rb
...
Co-authored-by: Brendan <bwatters@rapid7.com >
2023-12-11 15:22:09 +01:00
ab9576f83d
Add changes
2023-12-01 10:55:04 +01:00
47e7453930
Enhance Splunk RCE module description for clarity and detail
2023-11-28 17:59:16 +01:00
4967d3e95d
Remove spaces
2023-11-28 17:48:07 +01:00
f2f34f64c8
Add suggested changes
2023-11-28 17:45:13 +01:00
b2fa201a7d
Implement check
2023-11-28 16:45:44 +01:00
a1f31d909a
Add splunk_xslt_authenticated_rce
2023-11-28 15:51:39 +01:00
0146527e55
Add splunk_xslt_authenticated_rce
2023-11-28 15:40:05 +01:00
9ce3fdc557
added empty line after guard clause
2023-11-09 22:23:27 +00:00
4919291ec8
Update modules/exploits/unix/webapp/zoneminder_snapshots.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-11-09 23:21:39 +01:00
21340d0fd8
Update modules/exploits/unix/webapp/zoneminder_snapshots.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-11-09 23:21:26 +01:00
87cb12731e
Update modules/exploits/unix/webapp/zoneminder_snapshots.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-11-09 23:20:57 +01:00
e4005feb30
Update modules/exploits/unix/webapp/zoneminder_snapshots.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-11-09 23:20:33 +01:00
110cea8cc9
Update modules/exploits/unix/webapp/zoneminder_snapshots.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-11-09 23:20:17 +01:00
469d33f31c
Added some CMDStagerFlavors
2023-10-13 08:49:18 +00:00
2dae0a2398
moved token-check outside of get_csrf_magic
2023-10-12 15:09:10 +00:00
2c757bc85b
Refactoring
2023-10-12 14:37:58 +00:00
58f9a39f72
replaced custom timer with rex::stopwatch
...
updated documentation
2023-10-12 11:46:56 +00:00
e0dd5117aa
added platform=linux and changed the payload to a fetch-payload
2023-10-12 11:12:32 +00:00
f0862d4d76
Refactoring
2023-10-06 23:02:17 +00:00
2f23d53e90
Exploit module for CVE-2023-26035
...
This commit adds a exploit module for an unauthenticated remote
code execution vulnerability in Zoneminder.
This exploit allows to choose between dropper and in-memory
payloads and works reliable.
2023-10-06 16:47:30 +00:00
203470302a
Remove deprecated report_auth_info method call from vbulletic_vote_sqli_exec module
2023-09-24 22:20:35 +05:30
8717e66b14
Land #18280 , Add Maltrail Unauth RCE Module
...
This PR adds a module for an unauthenticated RCE vulnerability
in Maltrail, a malicious traffic detection system. This vuln
does not have a CVE associated with it.
2023-08-16 17:29:05 -04:00
cd3d053e6e
Update affected versions in the doc file
2023-08-16 16:52:48 -04:00
c3252027f2
Update modules/exploits/unix/http/maltrail_rce.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-08-16 18:45:26 +00:00
20d25e46d0
Update modules/exploits/unix/http/maltrail_rce.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-08-16 18:45:12 +00:00
2edf12d303
Syntax fix
2023-08-11 18:25:36 +02:00
0d7591c2fb
Update modules/exploits/unix/http/maltrail_rce.rb
...
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2023-08-11 16:24:38 +00:00
63305a8db6
Update modules/exploits/unix/http/maltrail_rce.rb
...
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2023-08-11 16:24:19 +00:00
4b7d98df07
Add Maltrail Unauthenticated RCE exploit
2023-08-10 23:02:20 +02:00
e74a68b3fb
Make rubocop happy
2023-08-10 10:10:02 +02:00
634713ee56
Fix check method and integrate CmdStager
2023-08-10 00:56:44 +02:00
85f8333b15
Update modules/exploits/unix/http/raspap_rce.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-08-09 21:27:25 +00:00
54ccfc1b8c
Update modules/exploits/unix/http/raspap_rce.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-08-09 21:26:49 +00:00
a8a7b4eaeb
Update modules/exploits/unix/http/raspap_rce.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-08-09 21:24:38 +00:00
fade54dc4d
Update modules/exploits/unix/http/raspap_rce.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-08-09 21:24:24 +00:00
2c8d6b97fe
Update modules/exploits/unix/http/raspap_rce.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-08-09 21:24:08 +00:00
169ce82ea7
Update modules/exploits/unix/http/raspap_rce.rb
...
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2023-08-08 18:37:23 +00:00
7217eda1eb
Update modules/exploits/unix/http/raspap_rce.rb
...
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2023-08-08 18:37:15 +00:00
95bb5a1e09
Update modules/exploits/unix/http/raspap_rce.rb
...
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2023-08-08 18:37:08 +00:00
2abd826291
Update side effects and options
2023-08-08 00:44:19 +02:00
3b7653c08e
Update modules/exploits/unix/http/raspap_rce.rb
...
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2023-08-07 22:30:51 +00:00
79e009a03f
Update modules/exploits/unix/http/raspap_rce.rb
...
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2023-08-07 22:30:25 +00:00
6225df80e9
Update modules/exploits/unix/http/raspap_rce.rb
...
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2023-08-07 22:23:15 +00:00
41f0c30855
Add RaspAP Unauthenticated Command Injection (CVE-2022-39986) Exploit
2023-08-04 21:22:07 +02:00
cgranleese-r7