Berkan
97f6cac240
Update fortilogger_arbitrary_fileupload.rb
2021-03-01 20:42:28 +03:00
erberkan
d3338e7380
fortilogger_arbitrary_fileupload
2021-03-01 19:30:39 +03:00
erberkan
648489cfe5
fortilogger_arbitrary_fileupdate
2021-03-01 17:55:55 +03:00
Grant Willcox
6d939c16ce
Land #14783, Update KarjaSoft Sami FTP Server v2.0.2 USER Overflow module
2021-02-26 11:17:05 -06:00
Brendan Coles
743248d993
Update KarjaSoft Sami FTP Server v2.0.2 USER Overflow module
2021-02-25 20:53:30 +00:00
Brendan Coles
f89d67df19
dup_scout_enterprise_login_bof: Add v9.9.14 target and auto targeting
2021-02-25 17:14:25 +00:00
Brendan Coles
1f00ad011c
dupscts_bof: Add additional targets and auto targeting
2021-02-25 17:12:27 +00:00
dwelch-r7
319f15d938
Handle nil versions for rubygems 4
2021-02-25 16:47:49 +00:00
Alan Foster
b06c5c12aa
Rubocop recently landed modules continued
2021-02-25 14:13:40 +00:00
Grant Willcox
f65b4155e5
Fix up modules to use more explicit reference to ARCH_X64 and to correctly check sysinfo['Architecture'] as per #14599
2021-02-22 18:47:46 -06:00
agalway-r7
8a339f54c1
Land #14734, updates and runs rubocop against recent modules
Rubocop recently landed modules
2021-02-19 13:48:47 +00:00
agalway-r7
275e9c5454
Land #14696, Further Zeitwerk lands to improve boot speed
Zeitwerk rex folder
2021-02-19 10:33:37 +00:00
kalba-security
68d4b197fa
Add SrClient DLL Hijacking local exploit module and docs
2021-02-18 13:50:28 -05:00
Jeffrey Martin
158dd89e53
guard when spawn is used with TcpServer mixin
added locations where the `super` from TcpServer could cause
deadlock waiting for a timeout when a thread is spawned
and fails to trigger the target to make a request.
2021-02-18 10:42:56 -06:00
Jeffrey Martin
2e1dba1af1
guard thread in ftp module
2021-02-17 15:27:44 -06:00
Alan Foster
5b3fde7735
Rubocop recently landed modules
2021-02-16 15:08:08 +00:00
A Galway
f227e82600
Land #14730, OBM Local PrivEsc to SYSTEM
2021-02-15 10:24:34 +00:00
Brendan Coles
a1c316c679
msftidy: Fix exploit module checks for author and stack buffer overflow
2021-02-13 04:10:13 +00:00
dwelch-r7
f6c3de5732
Land #14733, Add latest Rubocop rules
2021-02-12 16:18:13 +00:00
Alan Foster
bed7ae2c78
Add latest rubocop rules
2021-02-12 13:31:51 +00:00
Christophe De La Fuente
88eaf97e79
Land #14607, Updates for Exchange ECP DLP Policy Exploit
2021-02-11 15:15:34 +01:00
Spencer McIntyre
1f5f086c5e
Updates for the Exchange ECP DLP Policy RCE module to randomize data
2021-02-10 15:00:39 -05:00
dwelch-r7
b95be3ed10
Zeitwerk rex folder
2021-02-08 12:24:12 +00:00
cgranleese-r7
3a2932b798
Migrate old uses of manual autocheck to use the new prepend autocheck
2021-02-02 10:15:46 +00:00
Pedro Ribeiro
90f8c1f7b9
add tested for 2019.11 too
2021-01-30 21:54:48 +07:00
Pedro Ribeiro
137664818d
add obm windows privesc sploit
2021-01-29 18:45:33 +07:00
Robin Wood
89f4d3e2d7
Fix for issue #14678
Stops the printing of a rogue nil when exploit completes.
See https://github.com/rapid7/metasploit-framework/issues/14678
2021-01-29 11:17:38 +00:00
bwatters
9174958489
Land #14627, Add PRTG Network Monitor RCE (CVE-2018-9276)
Merge branch 'land-14627' into upstream-master
2021-01-27 15:48:27 -06:00
Julien Bedel
b9800b087f
Change notification name
From "Exploit" to a random alphanumeric String in order to make it less fingerprintable.
Co-authored-by: acammack-r7 <adam_cammack@rapid7.com>
2021-01-21 18:32:05 +01:00
dwelch-r7
d6896dadc0
remove msf folder requires
2021-01-18 14:21:54 +00:00
dwelch-r7
d437a32374
remove msf/util requires
2021-01-18 14:21:54 +00:00
JulienBedel
14f24b258d
Add PRTG Network Monitor RCE (CVE-2018-9276)
2021-01-18 12:01:44 +01:00
Christophe De La Fuente
c8819259ae
Land #14414, CVE-2020-1337 - patch bypass for CVE-2020-1048
2021-01-15 19:13:14 +01:00
bwatters
9beb570ca3
Remove unnecessary require that broke things
2021-01-15 08:32:05 -06:00
Spencer McIntyre
ea154717aa
Use an absolute assembly path for the CVE-2020-17136 exploit
2021-01-14 08:53:11 -05:00
Spencer McIntyre
f5b5624b81
Update Exchange DLP check method, add authors and a source
2021-01-12 18:00:27 -05:00
Spencer McIntyre
652e4eaf60
Update the exchange ECP DLP Policy exploit for the latest bypass
2021-01-12 17:45:09 -05:00
Grant Willcox
6fc4518625
Land #14600, Refactor and document some of the FileSystem mixin methods
2021-01-12 16:10:23 -06:00
bwatters
d8e68e6487
Specify you must be SYSTEM for dll removal in docs and removed unused variable in the module
2021-01-12 11:45:53 -06:00
Spencer McIntyre
33bd712e0a
Land #14585, Create module for CVE-2020-17136: Cloud Filter Arbitrary File Creation EoP
2021-01-11 17:16:40 -05:00
bwatters
50e115b414
Cleanup and edits per review from Christophe
Removed unused method from ps script
Cleaned up some code in the module
Added removal instructions to the documentation
2021-01-11 16:02:58 -06:00
Spencer McIntyre
829bacbef6
Refactor and document some of the FileSystem mixin methods
2021-01-08 16:10:36 -05:00
Grant Willcox
3072391d00
Make second round of review edits to fix Spencer's comments
2021-01-08 12:50:52 -06:00
Grant Willcox
d5bb36c530
Fix up code to use built in cd() and mkdir() commands, and adjust code to not overwrite datastore hash. Also use service_hash over manually starting the service.
2021-01-07 17:39:30 -06:00
bwatters
7d81b4826d
Update credits
2021-01-07 16:30:19 -06:00
bwatters
5e5d7b1abb
Update to execute_string to avoid the issue where an arbitrary
length comment is required for the exploit to work.
2021-01-06 17:08:22 -06:00
Grant Willcox
3e52debd8b
Update the exploit a bit more to remove excess options and also update the documentation accordingly.
2021-01-06 12:16:06 -06:00
Grant Willcox
5262e16694
Make adjustments since the exploit can currently only target x64 systems
2021-01-06 11:40:02 -06:00
Christophe De La Fuente
17c393f101
Land #14046, Adding juicypotato-like privilege escalation exploit for windows
2021-01-06 16:02:05 +01:00
Grant Willcox
863417fca7
Second round of updates and some rubocop changes to conform to standards.
2021-01-06 01:30:40 -06:00