1a8671311d
Move the offsets into a field separate from 'targets'
2023-04-07 10:26:56 -07:00
02072418f0
Expand the comment about why we're checking for \xff (since it can't appear in the payload)
2023-04-07 10:10:13 -07:00
056b0a0e8b
LPE and doc updates
2023-04-07 10:41:10 -04:00
42902bb5e5
Land #17851 , fix check function which always prints vulnerable
2023-04-07 14:24:45 +01:00
665ba4aece
Add additional target
2023-04-06 23:41:36 -04:00
9985538846
Update modules/exploits/linux/http/apache_couchdb_cmd_exec.rb
...
fix nil exception
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com >
2023-04-07 09:55:00 +09:00
79d4021f31
Replaced janky XML building
2023-04-06 14:58:05 -04:00
544fb8ead6
Removed unecessary start_service proc
2023-04-06 14:26:02 -04:00
ce111f158a
Better error handling
2023-04-06 10:35:33 -07:00
d92fc41d29
Print out what command fails when attempting RCE
2023-04-06 13:31:17 -04:00
4984a3e2d3
Edit check method to raise errors instead of returning boolean
2023-04-06 13:25:20 -04:00
b05c9c6303
add a generic java target
2023-04-06 17:29:50 +01:00
67b98b5120
merge tested exploits
2023-04-06 15:42:39 +01:00
43fe41bea5
RCE exploit for CVE-2023-26359 and an auxiliary module for arbitrary file read via the same vuln.
2023-04-06 14:02:01 +01:00
f0189cc886
revert another get_once
2023-04-06 11:43:50 +01:00
656c562816
Added notes, revert to get_once
2023-04-06 11:01:32 +01:00
cc79fe039a
Merge branch 'rapid7:master' into weblogic-t3s-support
2023-04-06 10:38:29 +01:00
b7456e20d5
VMware Workspace One Access mr_me Hekate exploit
2023-04-05 23:10:34 -04:00
523931aa4c
Change target options for stack overflow exploit
2023-04-05 15:24:49 -07:00
c345fe78b8
Fix up error handling and other comments from the PR
2023-04-05 15:13:35 -07:00
c07ca83d6c
Fix the metadata and add an in-memory target
2023-04-05 14:07:12 -07:00
04a9ae7335
Add check methods
2023-04-05 10:55:28 -07:00
e004be00fe
Converted to Active Support
2023-04-05 16:53:01 +01:00
5d63175b56
Land #17823 , php_cgi_arg_injection: Fix check regex match to detect code html tag
2023-04-05 16:44:52 +02:00
c3a7da54d5
reduces code duplication
2023-04-04 10:27:11 +01:00
40e6917b7f
tests passing
2023-04-04 10:24:09 +01:00
8b3d799104
fix check function which always prints vulnerable
2023-04-04 10:07:06 +09:00
a54f3d4707
fix broken module references
...
doing these "by domain" now, piecemeal.
this PR fixes all broken references to the "insecurety" website, which is long dead.
2023-04-01 05:17:02 -07:00
812d3c7f35
PR Review Changes for optimizing the nagiosxi modules
2023-04-01 14:28:37 +05:30
15d267a233
Land #17826 , post module for CVE-2023-21768
...
This adds an exploit module for CVE-2023-21768 that
achieves local privilege escalation on Windows 11 2H22.
2023-03-30 12:27:28 -04:00
152ef4a86b
Update modules/exploits/windows/local/cve_2023_21768_afd_lpe.rb
2023-03-30 11:28:46 -04:00
6f400052b1
Update modules/exploits/windows/local/cve_2023_21768_afd_lpe.rb
2023-03-30 11:00:55 -04:00
7cb6213334
Fix an msftidy error
2023-03-29 09:56:04 -07:00
54ed192401
Add URLs
2023-03-29 08:10:52 -07:00
41fe44ef1a
Merge branch 'master' into unirpc-auth-bypass
2023-03-29 08:03:05 -07:00
6897be4b01
Add two Metasploit modules for UniData vulnerabilities
2023-03-29 08:01:50 -07:00
0a559bfded
Land #17704 , Apache Solr RCE via Velocity Template: Attempt fix for NoMethodError when exploiting
2023-03-29 15:12:04 +01:00
aaa36e2651
Land #17831 , Fix dead reference links in rpc_cmsd_opcode21.rb
2023-03-28 19:38:46 +01:00
f626b55831
Land #17825 , Update zimbra_slapper_priv_esc.rb
2023-03-28 18:36:18 +01:00
1330913e33
Fix dead reference links in rpc_cmsd_opcode21.rb
...
Both the reference links in this one are dead, replacing with archive.org links.
Much like https://github.com/rapid7/metasploit-framework/pull/17825 , I'll be doing these ad-hoc for a little bit until I figure out a reliable way to do a load of them in one batch.
2023-03-28 18:15:26 +01:00
fcb93fef58
Land #17806 , Optergy BMS Backdoor RCE module
...
This module exploits an undocumented backdoor vulnerability
(CVE-2019-7276) in the Optergy Proton and Enterprise Building
Management System (BMS) applications.
2023-03-28 10:27:35 -04:00
f3c12ba176
Land #17808 , Update broken secunia references
...
The Secunia links in the framework were dead. They have
now been restored using the wayback machine to grab
replacement links from the earliest date possible.
2023-03-27 17:20:13 -04:00
f9c6caa804
Land #17785 , add SolarWinds (SWIS) deser RCE
2023-03-27 15:25:17 -05:00
6d4ee0c071
Add exploit for CVE-2023-21768
2023-03-27 20:08:22 +02:00
38f7cbdfc6
Update zimbra_slapper_priv_esc.rb
...
fixing reference to use an archive link as the sites down.
2023-03-27 16:46:07 +01:00
abe5570902
php_cgi_arg_injection: Fix check regex match to detect code html tag
2023-03-27 15:21:04 +11:00
8572053f0c
php_cgi_arg_injection: Add notes and resolve Rubocop violations
2023-03-27 15:16:51 +11:00
bcef7ee357
updated module and documentation with SUDO option
2023-03-26 18:31:25 +00:00
a67e894609
optimising the nagiosxi modules and also fixing the bug when autocheck is disabled
2023-03-26 15:58:45 +05:30
b7ac6d45d5
Land #17789 , proftpd_modcopy_exec enhancements
...
This PR add documentation, notes, a reference URL, and a few
general code improvements to the check and exploit methods.
2023-03-24 21:08:28 -04:00
Ron Bowes