bwatters
f5f61ca508
Start of MOVEit port
2023-06-14 10:04:07 -05:00
space-r7
7af22bfd41
Land #18077, add Symmetricom unauth cmd injection
2023-06-13 17:07:16 -05:00
space-r7
5535401345
add exploit rank
2023-06-13 17:05:30 -05:00
bwatters
38f542174d
Land #17336, A more robust implementation for Windows version comparisons
...
Merge branch 'land-17336' into upstream-master
2023-06-13 15:38:56 -05:00
Steve Campbell
37bc9cd5a4
Update symmetricom_syncserver_rce.rb
...
Updated info to add allowed SRVPORT and LPORT, and fixed issue with srvport variable not used.
2023-06-13 16:22:08 -04:00
space-r7
091ee36b44
Land #18086, add TerraMaster cmd injection
2023-06-13 14:34:42 -05:00
space-r7
cbf7109c51
add rubocop fixes and some metadata
2023-06-13 13:44:23 -05:00
SinSinology
fd5e4dfc39
VMWare vRealize Network Insight pre-authenticated RCE CVE-2023-20887
...
Technical details at
https://summoning.team/blog/vmware-vrealize-network-insight-rce-cve-2023-20887/
2023-06-13 15:16:11 +01:00
Jack Heysel
f97ab80224
Land #17942, Improve AMSI bypass on new Windows
...
The script generated by the web_delivery module is blocked
by the Antimalware Scan Interface (AMSI) on newer versions
of Windows. This PR allows the script to bypass AMSI.
2023-06-12 18:50:48 -04:00
Steve Campbell
ed516faa93
Update modules/exploits/linux/http/symmetricom_syncserver_rce.rb
...
Added link to CVE
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2023-06-12 16:34:24 -04:00
Steve Campbell
5b73c8fea1
Update modules/exploits/linux/http/symmetricom_syncserver_rce.rb
...
Added CVE
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2023-06-12 16:33:57 -04:00
Steve Campbell
4e4d09862e
Update modules/exploits/linux/http/symmetricom_syncserver_rce.rb
...
Fixed misspelling
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2023-06-12 16:32:12 -04:00
Steve Campbell
bc2fb0c919
Update modules/exploits/linux/http/symmetricom_syncserver_rce.rb
...
Updated heading
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2023-06-12 16:31:21 -04:00
h00die-gr3y
4479d94658
Updates based on review comments from space-r7 and jvoisin
2023-06-12 19:28:08 +00:00
h00die-gr3y
7cd3854208
Removed Webshell upload and updated documentation
2023-06-12 13:58:59 +00:00
h00die-gr3y
417c9fa591
init commit module and documentation
2023-06-10 09:42:32 +00:00
space-r7
c9af514be4
Land #18063, add TerraMaster webshell upload
2023-06-09 17:55:32 -05:00
Spencer McIntyre
4c817ce1de
Land #17946, CVE-2023-21839 - Oracle Weblogic RCE
...
CVE-2023-21839 - Oracle Weblogic PreAuth Remote Command Execution via ForeignOpaqueReference IIOP Deserialization
2023-06-09 14:55:43 -04:00
space-r7
c8609d7983
Land #18070, add TerraMaster chained exp module
2023-06-09 12:29:47 -05:00
Grant Willcox
694c1006e4
Add more IPv6 support in to the module
2023-06-09 12:24:35 -05:00
sfewer-r7
27f5a789c9
rework the exploit to use the new MIPS64 fetch payload adapters. Removed the separate command and dropper targets in favor of a single default target which can do both thanks to fetch payloads. Removed the redundant IO select() call which was bad copy pasta on my part.
2023-06-09 09:47:57 +01:00
Stephen Fewer
a1528556e0
Merge branch 'rapid7:master' into CVE-2023-28771
2023-06-09 09:42:19 +01:00
h00die-gr3y
dfc366e022
Latest updates based on reviewers comments
2023-06-08 21:25:40 +00:00
Steve Campbell
229fc0c002
Added symmetricom_syncserver_rce.rb
2023-06-08 12:46:10 -04:00
Grant Willcox
a1e930397a
Land #18072, Add CVE-2023-1133 - .NET Deserialization exploit for Delta Electronics InfraSuite Device Master
2023-06-08 08:42:07 -05:00
h00die-gr3y
0bcd930f61
Updated NAS model and version check
2023-06-08 09:12:45 +00:00
h00die-gr3y
b3b0cb4ccf
Updates based on space-r7 comments
2023-06-08 07:39:44 +00:00
Shelby Pace
3bc145c02c
Update modules/exploits/windows/misc/delta_electronics_infrasuite_deserialization.rb
...
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
2023-06-07 16:42:01 -05:00
Grant Willcox
5b39eaafc1
Land #18074, Fix exception handling in gitlab_github_import_rce_cve_2022_2992 module
2023-06-07 14:52:21 -05:00
space-r7
8f6b421dc1
add non-capture group
2023-06-07 10:52:58 -05:00
Christophe De La Fuente
82c8b5418e
Land #17936, PaperCutNG Authentication Bypass with RCE
2023-06-07 15:05:51 +02:00
h00die-gr3y
46fcdb76d5
Updates based on jvoisin comments
2023-06-07 08:27:55 +00:00
space-r7
2fcd97f5ef
close socket
2023-06-06 14:37:58 -05:00
space-r7
102a32c87b
add SCREEN_EFFECTS and akb assessment
2023-06-06 14:12:21 -05:00
Christophe De La Fuente
451735ad15
Fix exception handler & add doc
2023-06-06 17:43:22 +02:00
cgranleese-r7
18ddd72285
Update jenkins login scanner to work with newer versions
2023-06-06 11:54:55 +01:00
h00die-gr3y
3e6ae74886
init commit module
2023-06-06 07:07:36 +00:00
space-r7
a12b58df22
add cmdstager usage, description, and metadata
2023-06-05 17:38:27 -05:00
h00die-gr3y
00e39eb540
updated CMD stager order
2023-06-05 14:54:31 +00:00
h00die-gr3y
07def1c9f0
init commit module
2023-06-05 11:19:42 +00:00
space-r7
1c5f8e09c8
add check method and new options
2023-06-02 17:59:04 -05:00
Grant Willcox
617aff5a43
Fix up supported payloads and remove nonused parameter
2023-06-02 09:48:03 -05:00
Grant Willcox
f7d2cdae56
Add in ability to restore settings n documentation changes.
...
Previously there was not the ability to restore the server proxy setting.
This updates the code to do so. Additionally this also updates the documentation
to note that Fetch payloads are incompatible with this module since they
use HTTP connections that will be impacted by this module changing the server's
HTTP proxy settings. There is no way around this.
2023-06-02 09:48:03 -05:00
Grant Willcox
965311d09e
Fix documentation and fix bug in creating PARMS value
2023-06-02 09:48:02 -05:00
Grant Willcox
6e89f9b275
Address review comments
2023-06-02 09:48:02 -05:00
Grant Willcox
8577f21e52
Add in documentation and updated code
2023-06-02 09:48:01 -05:00
Grant Willcox
05bb3cd182
Update again
2023-06-02 09:48:01 -05:00
Grant Willcox
c78a9bac1d
Remove dropper target and try expand potential BadChars and limit payload size???
2023-06-02 09:48:01 -05:00
Grant Willcox
6d066dc649
Add in initial copy of exploit
2023-06-02 09:47:49 -05:00
space-r7
a66641da55
add delta electronics infrasuite deserialization
2023-06-01 17:57:57 -05:00