9160573d0c
Better cleanup for Linux
2022-06-16 23:08:32 +02:00
7963b22fa5
Added Windows support
2022-06-16 22:37:56 +02:00
aef69d1c43
Further changes as suggested
2022-06-16 21:04:57 +02:00
4c17a3c342
Fixed documentation spelling and presentation. Changed to new file upload API
2022-06-16 18:59:39 +02:00
b23e2207c2
Removed a rogue require statement
2022-06-16 16:42:03 +02:00
91d83e966c
Changed documentation to fit targets and added installation instructions. Added requests to delete .htaccess
2022-06-16 16:24:17 +02:00
339114e3c0
Check the target platform for compatibility
2022-06-15 17:11:56 -04:00
bcac5a1274
add missing payload tests
2022-06-15 14:34:08 -05:00
dc3596525e
Add Windows targets
2022-06-15 15:23:34 -04:00
d20fa45f7a
Add in guard clause to check that page isn't nil before trying to use it for processing pages
2022-06-15 11:35:30 -05:00
37234985e6
citrix_netscaler_config_decrypt Aux Module
...
Added an aux module that can perform offline decryption of NetScaler
config files. The module is able to decrypt secrets using well-known
static keys as well as the new Key Encryption Key (KEK) scheme.
This is the initial commit, and some functionality is lacking: there is
currently no loot storage of secrets, and the module cannot decrypt
-passcrypt entries from legacy configuration files.
2022-06-15 11:03:28 -04:00
825604dda9
Add docs and a configurable password
2022-06-15 08:51:47 -04:00
78f2ea39e9
Use some pretty libral error handling
2022-06-15 08:51:28 -04:00
ba76c5702d
Code changes, included metasploit version comparison utilities, removed Linux targets
2022-06-14 20:45:35 +02:00
35e535415a
getsytem module: use ACTION instead of TECHNIQUE datastore option
2022-06-14 15:31:33 +02:00
f804a58970
Add getsystem technique 6 Named Pipe Impersonation (Efs variant - AKA EfsPotato)
2022-06-14 15:31:15 +02:00
cb1e72461f
Renamed username to email to better reflect the user input nature. Created module documentation under /documentation/modules/exploit/multi/http/qdpm_authenticated_rce.md
2022-06-14 10:35:43 +02:00
41567b1eb4
Add the DELETE_COMPUTER action
2022-06-13 17:46:34 -04:00
084fc194ea
Add the LOOKUP_COMPUTER action
2022-06-13 17:20:34 -04:00
74936f69a3
Add the ADD_COMPUTER action
2022-06-13 17:03:51 -04:00
c906cf8fa2
Fixed EDB reference
2022-06-13 17:41:34 +02:00
f6bd8fd020
Land #16571 , Vcenter offline mdb extract
...
Merge branch 'land-16571' into upstream-master
2022-06-13 10:32:07 -05:00
ba83b1bdf5
add manageengine adaudit plus and datasecurity plus xnode enum modles and manageengine_xnode lib
2022-06-10 10:32:25 -04:00
a075c676a6
Fix spacing issue
2022-06-10 08:47:41 -05:00
3f06e237b7
Correctly format the notes sections
2022-06-10 14:01:57 +01:00
67ea2bc23c
Land #16630 Fix duplicate ntlm hash storage
...
Net-NTLM (v1 and v2) hashes were being duplicated when
stored in the database due to the unique data in the challenge
dispite being the same. This fixes that issue
2022-06-08 14:07:34 -04:00
ab322d9318
Add minor review improvements for code readability and future travelers
2022-06-08 11:53:42 -05:00
a55aa8492c
Add SAN support to impersonate_ssl module
2022-06-08 11:22:06 -04:00
3875db78ae
Land #16644 , Add Exploit for CVE-2022-26134 (Confluence RCE)
...
Merge branch 'land-16644' into upstream-master
2022-06-07 16:00:37 -05:00
2b99967d0c
Merge branch 'master' into fix/duplicate-netntlm
2022-06-07 11:42:51 -04:00
8584014af2
Land #16583 , Bump payloads version to 2.0.93
2022-06-07 08:58:56 -05:00
1a06f69f95
Works through v7.18 now too
2022-06-06 22:03:21 -04:00
45c646afea
Refactor #encode_ognl
2022-06-06 18:15:44 -04:00
2c0e034a18
Fix a couple of typos
2022-06-06 18:14:05 -04:00
c751ef46c9
Land #16635 , Add 0-day MSWord RCE #Follina CVE-2022-30190
...
Merge branch 'land-16635' into upstream-master
2022-06-06 14:41:31 -05:00
f55334f0fe
Add version detection
2022-06-03 18:26:04 -04:00
76ec36a091
Remove the Windows targets for now
2022-06-03 16:50:13 -04:00
29a9ef686a
Finish up a draft of the module
2022-06-03 16:47:02 -04:00
cd6bbeb0ba
WIP module
2022-06-03 15:27:13 -04:00
1dc61d02eb
Update php_fpm_rce.rb
2022-06-03 11:23:53 +03:00
45674fbcc2
Add the initial samr module
2022-06-02 14:12:47 -04:00
474116d413
Land #16611 , DotCMS File Upload to RCE Module (CVE-2022-26352)
2022-06-02 15:30:10 +02:00
3ab06461af
fix. second review
2022-06-02 00:58:20 +04:00
dd1814903c
fix. SRVHOST default value
2022-06-02 00:07:15 +04:00
8c19a02835
fix. first review
2022-06-01 20:15:08 +04:00
6d3ccab1be
Land #16435 , add Microsoft SQL Server sqli support
2022-06-01 10:27:48 -05:00
97caca4f6e
Update modules/exploits/multi/http/dotcms_file_upload_rce.rb
...
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com >
2022-06-01 10:54:02 -04:00
bea4207c62
Land PR #16607 - MyBB RCE Module (CVE-2022-24734)
...
This exploit module leverages an improper input validation
vulnerability in MyBB prior to 1.8.30 to execute arbitrary
code in the context of the user running the application.
2022-05-31 11:59:53 -04:00
dac355d9cf
Land #16492 , nfs_mount more intelligent mountability
2022-05-31 11:56:19 +02:00
7f89e92da3
add more informations about
2022-05-31 00:12:30 +04:00
giacomo270197