Spencer McIntyre
211626e7ce
Fix the check method, add docs
2022-03-31 09:01:08 -04:00
Spencer McIntyre
94cf23e4cf
Finish the Spring Cloud Function exploit
2022-03-30 18:38:41 -04:00
Grant Willcox
51df37de87
Add in documentation and also update the module to handle NarratorQuickstart.exe which sometimes comes up and can lead to visual indicators
2022-03-28 17:53:53 -05:00
Grant Willcox
bd3e0c1b53
Add in support for exploiting domain joined systems
2022-03-28 16:14:19 -05:00
Grant Willcox
b408197cb7
Another round of RuboCop
2022-03-25 17:37:05 -05:00
Grant Willcox
393765a2f0
Add in UAC checks to ensure PromptOnSecureDesktop is set appropriately before attempting to exploit. Also clean up some of the extra code to prevent unneeded cmd level commands from running
2022-03-25 17:26:48 -05:00
Grant Willcox
56e21ae3a2
Update check code to now use cmd_exe as the other call was hanging forever, and also update the check code to use Meterpreter functions if available vs always running shell commands.
2022-03-25 15:25:48 -05:00
Grant Willcox
f7c271aaf4
Add in fixes from Spencer's quick initial review of module to address typos and proper check code return values
2022-03-25 14:14:56 -05:00
Grant Willcox
e82c25841c
RuboCop module to pass tests
2022-03-25 12:45:00 -05:00
Grant Willcox
561c5d513e
Update module's on_new_session code
2022-03-25 12:16:44 -05:00
Heyder Andrade
6bc0032c8d
Use SSH defaults
- Merge ssh defaults
- Remove options equal to default
2022-03-24 22:52:15 +01:00
Grant Willcox
8e73710843
Add in on_new_session method to do automatic cleanup with supported session types. Think this is only Meterpreter at the moment
2022-03-24 14:36:29 -05:00
Grant Willcox
bf88b7f618
Land #16325 - Replace IO read on binary files with File binread
2022-03-24 10:08:40 -05:00
Grant Willcox
e5c0259723
Add CREATE_BREAKAWAY_FROM_JOB flag to source files related to DLL generation, update the exploit source to denote how to clean up in case the payload can't clean up
2022-03-23 19:38:32 -05:00
Grant Willcox
b1ce05f97c
Add in updated Ruby code and also update the DLLs and prepend_migrate.rb to use the CREATE_BREAKAWAY_FROM_JOB flag with CreateProcess to break away from the job if the job has the JOB_OBJECT_LIMIT_BREAKAWAY_OK limit set to allow breakaway jobs
2022-03-23 17:47:25 -05:00
adfoster-r7
03d645016c
Land #16250, Update service mixins for NAT options
2022-03-23 00:13:20 +00:00
Spencer McIntyre
86aed4928e
Add the HttpListenerBindPort to the log4shell exploit
2022-03-22 09:06:22 -04:00
Spencer McIntyre
6ec530a5ee
Improve some error handling
2022-03-21 15:22:00 -04:00
Spencer McIntyre
49aff227c5
Fix character escaping in the apisix exploit
2022-03-21 15:06:03 -04:00
Grant Willcox
715082a960
Update exploit and module with new delay timing and latest copy of DLL
2022-03-21 12:05:48 -05:00
sjanusz
bbf9e3163a
Fix file reads on Windows for binary files
2022-03-21 12:47:39 +00:00
Grant Willcox
1bfc0feedb
Remove default options from HttpUsername and HttpPassword as blank strings are still considered setting the option when it comes to OptString, and this leads to falsely assuming the strings are set by the user when they are not
2022-03-17 11:29:06 -05:00
Grant Willcox
6ee0ef0c8a
Add in appropriate warning message in case we hit a snag, might help people out who hit a similar issue. Issue is highly temperamental and sometimes goes away for no reason so it's hard to pin down but logging in this way should help. I tried doing things manually in code but it didn't seem to help and I don't want to block the code from working on something like this.
2022-03-17 11:29:05 -05:00
Grant Willcox
ce062973cb
Make changes from review process, redo code for module to make it make fewer requests, and generally improve overall operations.
2022-03-17 11:29:05 -05:00
Grant Willcox
1f53e9d1c4
Rubocop and fix a mistake on commenting too much of the code out from testing
2022-03-17 11:29:00 -05:00
Grant Willcox
269cd5cfed
Add in Exchange Version mixin and module example
2022-03-17 11:28:53 -05:00
bwatters
b4de9fa92a
Land #16344, Add module for CVE-2022-21999 and More Railgun Definitions
Merge branch 'land-16344' into upstream-master
2022-03-16 08:37:05 -05:00
Shelby Pace
381b91de45
change wording in arch check
Co-authored-by: Brendan <bwatters@rapid7.com>
2022-03-15 16:45:36 -05:00
space-r7
e96ec401bf
add arch check, fix logic error, add aka note
2022-03-15 12:58:39 -05:00
space-r7
99664efed7
use full user name, add test output to docs
2022-03-14 09:15:36 -05:00
adfoster-r7
a62ca2259e
Land #16316, deref services correctly
2022-03-11 12:08:42 +00:00
Ashley Donaldson
1349a7c486
More redundant cleanup calls
2022-03-11 12:22:27 +11:00
Ashley Donaldson
1576fd720e
Remove another redundant cleanup
2022-03-11 12:17:30 +11:00
Ashley Donaldson
d5373a7278
Removed redundant cleanup calls which exploit_driver will call anyway
2022-03-11 12:08:51 +11:00
space-r7
07e6eef201
rename module, modify check
2022-03-10 17:02:58 -06:00
space-r7
bc9f64f043
use default printer in case target is server
clean up code, add EnumPrinters definitions
2022-03-10 16:45:20 -06:00
space-r7
b747e55dda
Land #16303, add Dirty Pipe exploit
2022-03-10 11:16:28 -06:00
space-r7
872b9c9a7c
modify docs to reflect changes, remove 'return'
2022-03-10 10:39:32 -06:00
space-r7
2f86c78c91
remove check mode, check by kernel version only
2022-03-10 10:02:05 -06:00
Tim W
472c26924a
fix kernel version check
2022-03-10 07:47:58 +00:00
Ashley Donaldson
c3465a8ad8
Fix whitespace EOL for msftidy
2022-03-10 11:16:01 +11:00
Ashley Donaldson
9761d68c19
Rename stop_service to cleanup_service for services that use reference counting
2022-03-10 10:28:25 +11:00
Ashley Donaldson
1494f804e7
Fix bug in java_rmi_server which would unilaterally close the HTTP server
2022-03-10 09:29:45 +11:00
Ashley Donaldson
9445c7824d
Fix bug in safari file policy module: don't stop the service; just dereference it, and trust the service manager
2022-03-10 09:07:11 +11:00
Spencer McIntyre
5cc892edad
Land #16312, Fix arch check and cd in pwnkit
2022-03-09 13:48:35 -05:00
bwatters
5505d05d04
Maybe actually fix arch check this time...
2022-03-09 11:06:26 -06:00
Heyder Andrade
e67c70e422
Ensure default options get overridden
2022-03-09 13:24:06 +01:00
Heyder Andrade
77dc0722b4
Update modules/exploits/unix/ssh/tectia_passwd_changereq.rb
Ensure we're overriding the defaults
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
2022-03-09 13:02:15 +01:00
Heyder Andrade
dd47017b5c
Added support for old key exchange algorithms
This commit fixes issue #16138 by adding support for old key
exchange algorithms in the net/ssh lib by setting
`append_all_supported_algorithms` to `true`.
2022-03-09 10:25:50 +01:00
Tim W
955cc9c986
fix cross compiling
2022-03-09 06:59:25 +00:00