126b5441c9
Add a bunch of virtio modules to detect KVM
2023-08-22 12:34:42 +02:00
995dcfd753
Be a bit more stealthy when looking at kernel modules
...
No need to run a binary if reading a file is enough
2023-08-22 12:34:42 +02:00
bee2b6b381
Add detection via /proc/cpuinfo
2023-08-22 12:34:42 +02:00
2a5595037f
Add detection via /sys/devices/virtual/dmi/id/bios_vendor
2023-08-22 12:34:42 +02:00
cd1fc1a79c
Add another Hyper-V detection
2023-08-22 12:34:42 +02:00
0af4e98eb6
Add some process-based detection
2023-08-22 12:34:42 +02:00
95b964a2f4
Add some more virtualbox kernel modules
...
Taken from https://www.virtualbox.org/wiki/Guest_resizing
and https://linuxconfig.org/install-virtualbox-guest-additions-on-linux-guest
2023-08-22 12:34:42 +02:00
f84cbab0c4
Add some Hyper-v kernel modules
...
Taken from https://learn.microsoft.com/en-us/windows-server/virtualization/hyper-v/manage/manage-hyper-v-integration-services
2023-08-22 12:34:41 +02:00
af22ca9253
Add detection of Xen via /proc/xen/capabilities
...
Xen's dom0 has `control_d` in its /proc/xen/capabilities
2023-08-22 12:34:41 +02:00
26b6ad2948
Add a comment
2023-08-22 12:34:41 +02:00
4027a6edce
Add detection via /sys/class/dmi/id/sys_vendor
2023-08-22 12:34:41 +02:00
d43bbb6655
rubocop
2023-08-21 19:57:37 -04:00
97dd22032c
Responded to comments, improved stability
2023-08-21 19:20:25 -04:00
1bd14dd8f4
error handling for apache modules
2023-08-21 18:12:26 -04:00
1bbf8194ce
Remove more unnecessary arguments
2023-08-21 14:45:09 -07:00
79fa3dea8b
Fix a variable name
2023-08-21 14:32:06 -07:00
b1c1f705be
Remove some unneeded arguments
2023-08-21 14:30:25 -07:00
6dd89a513b
Make some changes from jvoisin's suggestions in the PR
2023-08-21 14:26:34 -07:00
f5908a5818
Add a comment
2023-08-21 08:53:52 -07:00
ce50cfa11a
Add module for SonicWall vulns, which includes cve-2023-34124
2023-08-21 08:53:07 -07:00
a024e79b6b
Added change to protect groups if its unset
2023-08-21 11:36:16 -04:00
a45792877a
lib and spec updates
2023-08-20 19:37:22 -04:00
fb1a6d3d72
Invert check condition so that extra checks wont run unless version is vulnerable
2023-08-19 21:56:02 +06:30
b6cf981378
Updates based on review comments
2023-08-19 08:18:50 +00:00
1188ce1e34
Implement suggestions from code review
...
* Reduce verbosity of log messages
* Move 'check_*' methods into 'check' method
* Fix non-existent Windows PowerShell Command payload
* Clearer log message for unpausing DAG in 'check_unpaused' method
2023-08-19 09:45:39 +06:30
fd3e532b87
Change Airflow version log message to "status" instead of "good"
...
Co-authored-by: Brendan <bwatters@rapid7.com >
2023-08-19 08:33:31 +06:30
b8a2a405c8
Merge branch 'rapid7:master' into apache_airflow_dag_rce
2023-08-19 08:31:18 +06:30
11d7b368da
Land #18287 , fix stack trace in forge_ticket
...
This PR fixes a stack trace thrown by the forge_ticket
module when the SPN datastore option was left blank. The module
now fails due to bad-config and gives a detailed error message.
2023-08-18 17:38:51 -04:00
e0f545673c
Add files for cleanup, fix serve address, add retry_until_truthy
2023-08-18 23:25:49 +02:00
f3c8ca94ff
Land #18297 , fix broken mysql_authbypass_hashdump
...
This PR fixes the broken mysql_authbypass_hashdump module.
2023-08-18 17:08:31 -04:00
5fdc9924d5
Land #18123 , add exploit for Jorani unauth RCE
...
This PR adds a module that chains together a log poisoning LFI,
redirection bypass and a path traversal vulnerability to obtain unauth RCE.
2023-08-18 16:44:42 -04:00
e97183e7bd
Update modules/exploits/linux/http/vmware_vrli_rce.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-08-18 20:21:42 +00:00
20ca3b8720
Update modules/exploits/linux/http/vmware_vrli_rce.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-08-18 20:17:37 +00:00
d8d5049d97
Update modules/exploits/linux/http/vmware_vrli_rce.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-08-18 20:16:32 +00:00
4fe15ee788
Update modules/exploits/linux/http/vmware_vrli_rce.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-08-18 20:16:21 +00:00
1a97b11f09
Update modules/exploits/linux/http/vmware_vrli_rce.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-08-18 20:16:12 +00:00
86c8f11e17
Update modules/exploits/linux/http/vmware_vrli_rce.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-08-18 20:16:03 +00:00
0334d28553
Apply final suggestions from code review
2023-08-18 15:40:58 -04:00
b064578488
Apply suggestions from code review
2023-08-18 15:37:11 -04:00
4ddd789f51
Apply suggestions from code review
2023-08-18 15:33:59 -04:00
c3111d997f
major changes - included bindata and added more documentation
2023-08-18 13:45:48 +02:00
4a76371b01
Fix broken mysql_authbypass_hashdump module
2023-08-17 23:41:43 +01:00
d84c15cf21
lib and spec updates
2023-08-17 15:29:20 -04:00
703f535850
Land #18275 , Update java reverse http and https to be dynamic
2023-08-17 16:15:16 +01:00
89f8deb672
Land #18253 , Add CVE-2023-34634, Greenshot Fileformat exploit
2023-08-17 15:30:02 +01:00
0965233591
Remove debug print
2023-08-17 08:48:42 -05:00
4137d2df21
Merge branch 'rapid7:master' into apache_airflow_dag_rce
2023-08-17 10:19:13 +06:30
8717e66b14
Land #18280 , Add Maltrail Unauth RCE Module
...
This PR adds a module for an unauthenticated RCE vulnerability
in Maltrail, a malicious traffic detection system. This vuln
does not have a CVE associated with it.
2023-08-16 17:29:05 -04:00
cd3d053e6e
Update affected versions in the doc file
2023-08-16 16:52:48 -04:00
c3252027f2
Update modules/exploits/unix/http/maltrail_rce.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-08-16 18:45:26 +00:00
jvoisin