Green-m
4b1762081f
Rename module to redis_extension_cmd_exec.
...
Fix #12143
2020-03-28 11:37:18 +08:00
h00die
a4e11fd311
spaces EOL SMH
2020-03-27 18:01:44 -04:00
h00die
e9e142b573
shoutout
2020-03-27 18:01:43 -04:00
h00die
7bc30ecf39
add version check
2020-03-27 18:01:43 -04:00
h00die
eda3653a51
tidy
2020-03-27 18:01:43 -04:00
h00die
4f6e2fe84e
vmware fusion osx lpe
2020-03-27 18:01:43 -04:00
Shelby Pace
5f0c9942d2
Land #12756, add dlink dwl2600 exploit
2020-03-27 12:38:35 -05:00
Shelby Pace
8aa4d7a944
remove mixins, add CVE
2020-03-27 12:37:40 -05:00
Pedro Ribeiro
c4f05fb566
Update modules/exploits/multi/misc/ibm_tm1_unauth_rce.rb
...
Co-Authored-By: bcoles <bcoles@gmail.com>
2020-03-27 16:29:34 +07:00
Pedro Ribeiro
8139d0a1f1
change if to positive
2020-03-27 16:18:43 +07:00
Pedro Ribeiro
79abacd186
Fix null response
2020-03-27 16:17:01 +07:00
Pedro Ribeiro
7400720130
Update modules/exploits/multi/misc/ibm_tm1_unauth_rce.rb
...
Co-Authored-By: bcoles <bcoles@gmail.com>
2020-03-27 16:15:56 +07:00
Pedro Ribeiro
75a0a2ae8a
change module name
2020-03-27 16:15:43 +07:00
Pedro Ribeiro
3429e86f40
Update modules/exploits/multi/misc/ibm_tm1_unauth_rce.rb
...
Co-Authored-By: bcoles <bcoles@gmail.com>
2020-03-27 16:14:44 +07:00
Pedro Ribeiro
f69d9e0b0d
Update modules/exploits/multi/misc/ibm_tm1_unauth_rce.rb
...
Co-Authored-By: bcoles <bcoles@gmail.com>
2020-03-27 16:14:33 +07:00
Pedro Ribeiro
f81099709d
Update modules/exploits/multi/misc/ibm_tm1_unauth_rce.rb
...
Co-Authored-By: bcoles <bcoles@gmail.com>
2020-03-27 16:14:22 +07:00
Pedro Ribeiro
cb5fbdf0c0
explain a bit better
2020-03-27 15:23:46 +07:00
Pedro Ribeiro
d566fdefae
add link to advisory
2020-03-27 14:52:28 +07:00
Pedro Ribeiro
38df0e3a58
Add exploit for IBM TM1
2020-03-27 14:40:56 +07:00
Nicholas Starke
bb21c8f6d8
Finishing Touches on DLINK DWL 2600 Module
...
These last finishing touches complete the DLINK DWL 2600 Module. The
fixes include renaming token to @token and adding the noconcat
CmdStager option.
2020-03-26 20:13:55 -05:00
Shelby Pace
dc9e215318
remove unused code / add option
2020-03-26 16:05:56 -05:00
Shelby Pace
f191eb00c9
add command stager
2020-03-26 16:05:56 -05:00
Alan Foster
077d7af6a9
Land #13143, fix broken redis_unauth_exec check in msfconsole
2020-03-26 12:21:26 +00:00
bwatters-r7
beb53254c7
Land #13122, Add Exploit Module For CVE-2020-0646 (SharePoint Workflows XOML RCE)
...
Merge branch 'land-13122' into upstream-master
2020-03-25 11:24:15 -05:00
Adam Cammack
5ce4929834
Fix has_check? conflict in redis_unauth_exec
...
Importing `Msf::Auxiliary::Scanner` at all will override the default
`has_check?` check and add its own `check` method. This redefines
`has_check?` to allow usage of the Redis mixin while using an
exploit-style `check` method.
Fixes #13095
2020-03-25 10:07:08 -05:00
Spencer McIntyre
54edd201e4
Cleanup cmdstager options
2020-03-24 17:14:47 -04:00
Spencer McIntyre
a69f3eb946
Use the correct its instead of it's
2020-03-24 16:44:18 -04:00
tperry-r7
d32640d179
Land #13133 clean up module documentation
...
Land #13133 clean up module documentation
2020-03-24 12:29:27 -05:00
Spencer McIntyre
a0cd00dac7
Cleanup module doc and comments for CVE-2020-0646
2020-03-24 10:15:58 -04:00
h00die
0b4c047411
doc cleanup
2020-03-24 08:47:21 -04:00
Spencer McIntyre
0832604131
Finish up the CVE-2020-0646 SharePoint RCE
2020-03-23 18:14:28 -04:00
Onur ER
9954fae7ff
Update pandora_ping_cmd_exec.rb
2020-03-23 21:44:33 +03:00
Srikanth Suresh
005601f76e
Changing from Remote to Local
...
Using https://github.com/rapid7/metasploit-framework/issues/13116 as the reference
2020-03-23 20:40:25 +03:00
Onur ER
b1fb946533
Update modules/exploits/linux/http/pandora_ping_cmd_exec.rb
...
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2020-03-23 17:29:23 +03:00
Onur ER
8ba7b05eb7
Update modules/exploits/linux/http/pandora_ping_cmd_exec.rb
...
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2020-03-23 17:27:00 +03:00
Nicolas Chatelain
98fdcedf40
Apply suggestions from space-r7 code review
...
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2020-03-23 14:08:12 +01:00
Shelby Pace
fd8ceb0db2
Land #13082, add Horde Groupware Webmail RCE
2020-03-23 07:32:53 -05:00
Shelby Pace
475c24361d
randomize file name
2020-03-23 07:28:04 -05:00
Nicolas Chatelain
88ea6b527a
Apply suggestions from code review
...
Co-Authored-By: bcoles <bcoles@gmail.com>
2020-03-23 09:48:00 +01:00
Nicolas Chatelain
4e81b7b969
Fix indent
2020-03-21 16:12:23 +01:00
Nicolas Chatelain
58780c6db9
Update Unraid 6.8.0 exploit module
...
- Changed exploit name
- Set Privileged to true
- Better error handling
- Typo fixes
2020-03-21 11:44:35 +01:00
Shelby Pace
c6eebe4ca3
replace equality with include?
2020-03-20 21:19:29 -05:00
Spencer McIntyre
6c24ed4c96
Initial SharePoint WorkFlows XOML RCE module
2020-03-20 17:57:54 -04:00
Nicolas Chatelain
401e000892
Add Unraid auth bypass to RCE exploit
...
Unraid is an operating system for personal and small business use that
brings enterprise-class features letting you configure your computer
systems to maximize performance and capacity using any combination of
applications, VMs, storage devices, and hardware.
This module exploits an authentication bypass vulnerability that leads
to remote code execution as root.
2020-03-20 15:13:54 +01:00
Onur ER
5ccda4b567
Added Pandora FMS 7.0NG exploit
...
Pandora FMS (for Pandora Flexible Monitoring System) is software for
monitoring computer networks. Pandora FMS allows monitoring in a visual
way the status and performance of several parameters from different
operating systems, servers, applications and hardware systems such
as firewalls, proxies, databases, web servers or routers.
This module exploits a vulnerability found in Pandora FMS 7.0 NG and lower.
The vulnerability exists on the `net_tools.php` component, due to the insecure
usage of the `system()` PHP function.
2020-03-19 22:50:00 +03:00
Spencer McIntyre
5b2f744cd8
Land #13070, fix Cisco DCNM directory search regex
2020-03-19 13:17:27 -04:00
Andrea Cardaci
40d6dd14c4
Remove the check method
2020-03-18 20:29:49 +01:00
Andrea Cardaci
19e9848592
Remove trailing spaces
2020-03-17 19:06:57 +01:00
Andrea Cardaci
bbb152a6d8
Update modules/exploits/multi/http/horde_csv_rce.rb
...
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2020-03-17 19:02:34 +01:00
Andrea Cardaci
eccee07e8b
Update modules/exploits/multi/http/horde_csv_rce.rb
...
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2020-03-17 19:02:07 +01:00