e7d2b73600
Add a DOMAIN option to CVE-2020-0688 for consistency with other modules
2020-09-28 09:24:39 -04:00
655088bb0d
Fix punctuation typo in exchange_ecp_viewstate
2020-05-20 09:47:11 -05:00
b37adbeeed
Update existing modules to use explicit parameters
2020-04-15 15:13:41 -04:00
f7d8c43722
Land #13040 , SQL Server Reporting Services ViewState deserialization RCE
2020-03-12 18:26:01 +01:00
9bd6fb9e76
Update cve-2020-0618 based on feedback
2020-03-09 09:18:44 -04:00
fe8cd52c9d
Use VHOST instead of RHOST
...
The 'vhost_uri: true' enables the successfully exploitation of this vulnerability in environments where you can't use an IP address (RHOST) to access the OWA web page.
2020-03-07 10:43:51 +01:00
4759f7d39d
Check for nil res
2020-03-03 17:17:28 -06:00
573b8302ec
Fix missing var and change default target
2020-03-03 17:15:19 -06:00
a4feaec188
Implement a check method for cve-2020-0688
2020-03-03 14:22:27 -05:00
5574eaa591
Make a new .NET serialization lib
2020-03-03 10:41:59 -05:00
167f1027c4
Address initial PR feedback
2020-03-02 12:21:24 -05:00
b3867dc200
Finish up the cve-2020-0688 module
2020-03-02 10:51:25 -05:00
203b2486ae
Commit some work on the module for a milestone
2020-03-01 11:07:32 -05:00
29608d13bf
Save some work before changing context
2020-02-28 08:30:59 -05:00
c9d9d3af29
Figured out how to generate the viewstate
2020-02-27 21:57:08 -05:00
Spencer McIntyre