38313e9962
rubocop
2023-11-21 17:11:15 -05:00
2750deedee
Update
2023-11-21 18:28:28 +01:00
218f652429
Update modules/exploits/linux/http/vinchin_backup_recovery_cmd_inject.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-11-21 17:08:55 +01:00
7f8da5a121
Land #18558 , Support x64 in enum_chrome
2023-11-21 15:26:56 +00:00
5c09c86349
Land #18448 , corrected options confict between module and ldap mixin
2023-11-21 13:33:21 +00:00
58425df0ef
Update vinchin_backup_recovery_cmd_inject exploit and documentation
2023-11-21 02:09:24 +01:00
13ae9fcded
Refactor things in #decrypt_data
...
* Check that the initial memory was actually allocated before writing to
it
* Don't pass 16 to CryptUnprotectData as the ppszDataDescr parameter
because it is not a valid LPWSTR
* Don't leak memory in the event that CryptUnprotectData by ensuring mem
and addr are always free'ed
* Combine free calls into one for speed
* Don't assume the sessions is ARCH_X64 if it is not ARCH_X86 because
that may change some day
2023-11-20 16:40:42 -05:00
d59d5e5524
Update modules/exploits/linux/http/vinchin_backup_recovery_cmd_inject.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-11-20 19:07:04 +01:00
4e1ec6484a
Update modules/exploits/linux/http/vinchin_backup_recovery_cmd_inject.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-11-20 19:06:51 +01:00
8eb1f61217
Update modules/exploits/linux/http/vinchin_backup_recovery_cmd_inject.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-11-20 19:06:41 +01:00
223cb245ba
Update modules/exploits/linux/http/vinchin_backup_recovery_cmd_inject.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-11-20 19:06:05 +01:00
13b19ba537
Update modules/exploits/linux/http/vinchin_backup_recovery_cmd_inject.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-11-20 19:05:54 +01:00
00cc8dcc09
Update modules/exploits/linux/http/vinchin_backup_recovery_cmd_inject.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-11-20 19:05:45 +01:00
45a5c62308
Fix diamond tickets
2023-11-20 10:11:38 +11:00
69e5caa1a0
Refactor the ghostcat module to use the AJP defs
2023-11-17 12:58:05 -05:00
5e9ff17e59
Handle NTHASH tickets, including warning users that it's a terrible idea
2023-11-17 19:24:25 +11:00
42cdda7200
Vinchin
2023-11-16 18:10:42 +01:00
24fc989305
Merge branch 'rapid7:master' into master
2023-11-16 16:09:36 +01:00
4e6a29d0fb
Implement sapphire tickets
2023-11-15 22:31:11 +11:00
bdb13601ae
Implement diamond tickets
2023-11-15 16:13:01 +11:00
ef84759dd4
Fixed an issue in the DIR-300 rev B version check
2023-11-14 20:40:38 +00:00
3fa9416044
update addressing latest comments
2023-11-14 17:15:25 +00:00
6e1580e5f5
added target DIR-845L
2023-11-13 14:48:59 +00:00
51523e0971
release updating dlink_upnp_msearch_exec exploit module
2023-11-13 12:15:04 +00:00
1da4333611
Land #18434 , Add module for Zoneminder RCE
...
This PR adds an RCE module for the Zoneminder video
surveillance software system (CVE-2023-26035).
2023-11-10 15:15:01 -05:00
6056081de5
Change status message upon completion of exploit
2023-11-10 05:28:10 +05:30
8301e6c766
Use Rex::RandomIdentifier::Generator to generate payload variables names
2023-11-10 05:25:59 +05:30
9ce3fdc557
added empty line after guard clause
2023-11-09 22:23:27 +00:00
4919291ec8
Update modules/exploits/unix/webapp/zoneminder_snapshots.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-11-09 23:21:39 +01:00
21340d0fd8
Update modules/exploits/unix/webapp/zoneminder_snapshots.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-11-09 23:21:26 +01:00
87cb12731e
Update modules/exploits/unix/webapp/zoneminder_snapshots.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-11-09 23:20:57 +01:00
e4005feb30
Update modules/exploits/unix/webapp/zoneminder_snapshots.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-11-09 23:20:33 +01:00
110cea8cc9
Update modules/exploits/unix/webapp/zoneminder_snapshots.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-11-09 23:20:17 +01:00
7482948ab7
Fix
2023-11-09 20:05:39 +01:00
c5cfc995c2
Add vinchin_backup_recovery_cmd_inject
2023-11-09 19:47:27 +01:00
b5aeab0c9f
Merge #18491 , Add Module for PL/SQL Developer to gather credentials
...
Merge branch 'land-18491' into upstream-master
2023-11-09 11:18:52 -06:00
893da00c6a
Modify Table DisplayName and password matching regex
2023-11-09 13:58:14 +08:00
a4750b11bc
Optimize AES key
2023-11-09 05:26:20 +08:00
9c23f86d83
Add support for v15 new encryption algorithm
2023-11-09 05:08:27 +08:00
77a93e452f
Land #18507 , Exploit & Auxiliary modules for CVE-2023-20198 and CVE-2023-20273 (Cisco IOS XE)
...
Merge branch 'land-18507' into upstream-master
2023-11-08 09:05:40 -06:00
06369281b9
Land #18503 , Apache Nifi Cred Stealer Post Module
...
This PR adds a post module to steal config and credential
information for Apache NiFi.
2023-11-07 20:05:10 -05:00
7331db43dd
Update print statement
2023-11-07 18:55:42 -05:00
d4166098a8
Update to be compatible for PL/SQL 14
2023-11-08 01:15:22 +08:00
87cd4aac5e
spelling fix
2023-11-07 05:04:31 -05:00
2a56c3f28b
remove redundant \d in check regex
2023-11-07 09:21:04 +00:00
f1317fa050
review comments
2023-11-06 18:34:36 -05:00
0ce7b03397
update nifi credentials post module
2023-11-06 14:50:02 -05:00
25ef7d1272
add the RCE exploit
2023-11-06 17:12:40 +00:00
e8d45b00ba
Land #18501 , Exploit module for CVE-2023-46604 - Apache ActiveMQ
...
Merge branch 'land-18501' into upstream-master
2023-11-06 09:30:48 -06:00
b28668790d
allow user to explicitly specify a CLI mode. Valid modes are 'user', 'privileged', and 'global'.
2023-11-06 11:40:22 +00:00
h00die