395ab1d77e
Specify mode rb on file reads
2022-02-12 21:39:12 +00:00
99e2cfdab4
correct CVE number
2022-02-13 01:15:10 +07:00
3f2d6b6c22
adding authors and removing C exploit reference
2022-02-12 11:52:23 +04:00
74521c8ced
Update check for supported CentOS, Ubuntu, and Debian Targets
2022-02-11 20:30:05 -06:00
058bb33458
Merge me. More Rubocop updates
2022-02-11 17:28:16 -06:00
1a3f161ec0
Remove extra comments, randomize an additional parameter, update target section with affected versions
2022-02-11 17:26:42 -06:00
862b057277
Fix up RuboCop issues
2022-02-11 14:18:25 -06:00
4c1b2478fa
Add in exploit and documentation
2022-02-11 13:58:56 -06:00
db00991f26
Land #16150 , add nagios xi web shell upload
2022-02-11 11:45:06 -06:00
72a0732009
Update ShadowMitmDispatcher to reduce ip lookups
...
The ShadowMitmDispatcher must be initialized with an interface, mac, and
ip address as keyword arguments. This prevents dispatchers from
retrieving the same network configuration multiple times.
2022-02-11 22:35:40 +09:00
963a8e7b0d
add sploit for Cisco RV340 SSL VPN
2022-02-11 16:42:08 +07:00
e1da95243f
Always clean up the created job
2022-02-10 17:39:07 -08:00
ca62a05ce1
Clenup and check strategy
...
- Removed else statements from check in favor of implicit return
- Added comment explaining the check strategy (to be less intrusive)
2022-02-11 00:30:31 +01:00
d1764b2e75
Update option name
...
Update option name from LOGPATH to LOGFILE to become more intuitive.
2022-02-11 00:00:19 +01:00
df53a62cc9
Making reason from failures more descriptives
...
Cases
[x] User defined wrong log file
[-] Exploit aborted due to failure: unexpected-reply: Log file
/var/www/log.log seems doesn't exit
[x] module doesnt detect the log file
[-] Log file does not exist /var/www/storage/logs/laravel.log
[-] Exploit aborted due to failure: bad-config: Log file is
required, however it was defined nor it was not automatically detecte
[x] site doesnt respond with error, module unable to find the log
directoy
[-] Unable to automatically find the log file. To continue set
LOGPATH manually
[-] Exploit aborted due to failure: bad-config: Log file is
required, however it was defined nor it was not automatically detected
[x] site with debug mode false
[-] Exploit aborted due to failure: not-vulnerable: The target is
not exploitable. "set ForceExploit true" to override check result
2022-02-10 23:40:49 +01:00
719e71648c
Change Vulnerable to Appear in the check method
...
As we can't determine with certainly whether the target is vulnerable the check method should return appear instead of vulnerable.
Co-authored-by: Simon Janusz <85949464+sjanusz-r7@users.noreply.github.com >
2022-02-10 20:08:36 +01:00
9635fde12d
Add support and templates for aarch64 targets
2022-02-10 10:49:02 -06:00
5431d3d0f6
Add in initial check method code
2022-02-09 20:12:41 -06:00
e18492a88a
Update modules/exploits/linux/http/nagios_xi_autodiscovery_webshell.rb
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2022-02-09 15:35:38 -05:00
cc52850ff0
Fix coding style offenses.
2022-02-09 21:30:17 +01:00
da1bc1f6d1
Change exploit Rank. Add AutoCheck. Remove custom timeout on request cgi.
2022-02-09 21:19:10 +01:00
0a78dd78ec
Used suggested method for defining user webshell, used suggested depth configuration, and used vars_get in a couple of places
2022-02-08 18:20:03 -08:00
d1ba43e4c8
Remove hard-coded values
2022-02-08 16:00:20 -06:00
65ebeafacc
Use the supplied directory
2022-02-08 16:00:19 -06:00
c44fb6a9d3
ugly but working no-gcc module
2022-02-08 16:00:19 -06:00
bed067dda0
Land #16125 , add ARCH_CMD for GXV3140 support
2022-02-08 12:24:42 -06:00
c7092861e0
Fix the CVE format based on failed tests
2022-02-08 14:38:54 +01:00
f1fe6b7c89
Add module to CVE-2021-3129
2022-02-08 14:21:10 +01:00
5bbe934db9
Add QEMU Monitor HMP 'migrate' Command Execution module
2022-02-07 17:48:27 +00:00
0fcc7e7733
Fixed spelling errors in descriptions
2022-02-06 02:55:17 -08:00
2e0915fbd4
Fix the Claroty team name
2022-02-06 02:47:43 -08:00
9758251278
Initial commit of CVE-2021-37343
2022-02-05 18:21:18 -08:00
e2c91ebf30
Land #16010 , zabbix_script_exec improvements
...
This updates the zabbix_script_exec module to work with versions 5.0 and
newer as well as adds a new item-based execution technique.
2022-02-04 15:13:13 -05:00
ae278d0568
Cleanup some minor typos
2022-02-04 15:12:57 -05:00
8838d9cb66
Added timeout system, fixed a bug with TLS_PSK, linted
2022-02-04 04:01:23 -08:00
965493191f
Add and use a Log4Shell mixin
2022-02-03 16:09:49 -05:00
645ef5e71f
Fixed few bugs
2022-02-02 14:30:02 -08:00
7bf08a28ea
Modified default stager
2022-02-02 12:34:07 -08:00
30b8e2196b
payload_file spaces
...
Thank you bcoles
Co-authored-by: bcoles <bcoles@gmail.com >
2022-02-02 21:30:13 +04:00
274b954c58
Land #16123 , fix reference URL in cisco_ucs_rce
2022-02-01 17:06:59 -05:00
06fb748402
Add the missing full disclosure URL reference
2022-02-01 17:06:37 -05:00
de32cc0e97
Linted with Rubocop, factorized API call, fixed some grammmar
2022-02-01 13:29:30 -08:00
837fdf7c5e
Land #16128 , add cisco rv unauth rce
2022-02-01 10:34:57 -06:00
8bf51dd1d8
Update smb_shadow and shadow_mitm_dispatcher
...
The dispatcher no longer uses an override flag, Instead the smb_shadow
module explicitly sets the attributes.
2022-01-31 14:49:18 +09:00
ccedcfefab
Added exploit for CVE-2021-1472/CVE-2021-1473
2022-01-29 18:56:53 -08:00
feebf25ad4
Add support for GXV3140 models and ARCH_CMD busybox telnetd payload
2022-01-29 19:38:57 +00:00
a4fcddca8e
Rename to grandstream_gxv31xx_settimezone_unauth_cmd_exec
2022-01-29 19:24:09 +00:00
70d4013610
fix faulty URL ref #16078 removed faulty url
...
fix faulty URL ref #16078 , i searched for FULL_DISC tool in Cisco but i cant find anything related to this so i removed it. if that is meant by the issue.
2022-01-29 22:33:33 +05:30
d46822184f
Updates for Log4Shell
2022-01-28 14:56:44 -05:00
dbc8a70b7c
Merge remote-tracking branch 'origin/master' into mitm_dispatcher
2022-01-28 10:24:50 +09:00
alanfoster