ccf5c36c44
combine both verseions of eb into a single module
2021-07-08 17:42:35 +01:00
88e64fcfae
eternalblue_win8 ported from python to ruby
2021-07-08 17:42:30 +01:00
38cdad47c0
initial commit
2021-07-08 16:53:37 +02:00
dc9c0035ab
Land #15371 , check if apport-cli is in $PATH
...
Fixes #15370
2021-07-08 09:28:35 -04:00
636b790acb
Update to using the AutoCheck mixin
2021-07-08 09:03:42 -04:00
fc1a34d7b1
Improve here doc formatting
2021-07-08 01:19:21 -05:00
e9c748cccc
Land #15385 , Add Module For CVE-2021-1675 / CVE-2021-34527 AKA PrintNightmare
2021-07-07 17:05:40 -05:00
70fd9376e3
Final documentation improvements to explain SMB setup and improvements to module to fix one minor error output
2021-07-07 17:05:22 -05:00
f42aa3742c
Automatically reconnect to the named pipe
2021-07-07 13:25:51 -04:00
af986380d3
Fix CheckCode
...
It's closer to CheckCode::Appears than CheckCode::Vulnerable.
2021-07-06 22:22:27 -05:00
f74903178e
Add a check method that detects the service
2021-07-06 17:29:08 -04:00
d5d48949b2
Update PrintNightmare module docs
2021-07-06 16:30:51 -04:00
a0bd903b50
Update module docs and the TARGETURI option
2021-07-06 15:52:50 -04:00
bfc45359ff
More documentation updates and address PR feedback
2021-07-06 11:27:06 -04:00
410493f729
Land #15318 , NSClient priv esc post module
2021-07-06 16:07:30 +01:00
0f9b913b0f
Remove the RPORT redefinition
2021-07-06 09:29:01 -04:00
8b0c4a1042
Update modules/exploits/windows/local/nscp_pe.rb
...
Co-authored-by: agalway-r7 <agalway@rapid7.com >
2021-07-06 11:18:56 +02:00
1a057d321b
rhost is working
2021-07-05 10:24:49 +02:00
0a43ec7e4a
Add module for CVE-2021-35464; pre-auth RCE in ForgeRock OpenAM server
2021-07-02 16:05:39 -05:00
9c6b023b0d
Add PrintNightmare module docs
2021-07-02 16:00:39 -04:00
dfa91961f7
Use enumeration to find target directories
2021-07-02 15:39:00 -04:00
d9ecfb823f
Add DCERPC plumbing for EnumPrinterDrivers
2021-07-02 12:10:00 -04:00
b9830487de
Add targets for older versions of Windows
2021-07-01 17:48:21 -04:00
9dea8b5f99
Define necessary flags and print target info
2021-07-01 16:01:07 -04:00
f6279ee9bc
Randomize the name and catch some errors
2021-07-01 14:00:51 -04:00
e44eb0005e
Initial PrintNightmare PoC
2021-07-01 12:32:43 -04:00
2085c2db13
Update modules/exploits/windows/local/nscp_pe.rb
...
Co-authored-by: agalway-r7 <agalway@rapid7.com >
2021-06-30 20:28:35 +02:00
daa5b32393
Update from review
...
- Remove `MeterpreterTryToFork` option logic
- Add `Prepend` code directly under `Payload` info
- Rebase to use the updated `PrependFork`
- Add logic to verify that shells specified in the options really exist
on the remote host
2021-06-30 18:13:35 +02:00
f66a64d2fb
Update the ssh_login_pubkey module
2021-06-30 09:51:52 -04:00
eca20bec92
Update from code review
...
- Fix documentation typos
- Rename `MeterpreterBackground` Mettle option to `MeterpreterTryToFork`
2021-06-30 11:02:11 +02:00
ccaedd6c9a
Last additions and improvements
...
- add binaries
- add documentation
- backup `runc` binary in the exploit C file
- add `MeterpreterBackground` options to set Mettle `background` option
- add `WsfDelay` logic
- refactor code
- add cleanup logic
- add restore `runc` binary logic
2021-06-30 11:02:11 +02:00
1b59b8c83e
Rebase and fix conflicts in lib/msf/core/post/common.rb
2021-06-30 11:02:11 +02:00
51f8808bed
Fix the representation of IPv6 addresses
2021-06-29 14:21:36 -04:00
2067e1177e
Land #15363 , Fix ipmi_dumphashes - session refused after few failed attempts
2021-06-28 10:50:41 +01:00
50a24bf198
handle raw-sha256, ignore *LK*, *NP*
2021-06-28 10:41:45 +02:00
059189d4a4
fix ipmi disconnects after few failed attemts
2021-06-27 22:53:27 +02:00
348c5e2e30
remove null character from base_dn
2021-06-27 22:51:39 +02:00
10ad84434c
Initial support for pivoting over SSH
2021-06-25 21:19:05 -04:00
a2a1b91a69
Land #15341 , add wpdiscuz exploit
2021-06-25 16:22:02 -05:00
f24a01945c
fix rubocop error
2021-06-25 15:33:45 -05:00
167e33dac0
safe navigation operator on res
2021-06-25 17:09:20 +02:00
6d13f0627e
formatting changes
2021-06-25 16:20:42 +02:00
1194e7d0f3
add guards, adjust formatting, add docs
2021-06-25 16:20:42 +02:00
d40656b852
apport_abrt_chroot_priv_esc: check if apport-cli is in $PATH
2021-06-25 11:48:16 +00:00
6cacc9d686
Update modules/auxiliary/gather/http/cve_2021_27850_apache_tapestry_hmac_key.rb
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2021-06-25 10:40:34 +02:00
719cbc175a
Update modules/auxiliary/gather/http/cve_2021_27850_apache_tapestry_hmac_key.rb
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2021-06-25 10:38:24 +02:00
5aaaf1e1f1
Update modules/auxiliary/gather/http/cve_2021_27850_apache_tapestry_hmac_key.rb
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2021-06-25 10:33:11 +02:00
d5f0bf8425
Update modules/auxiliary/gather/http/cve_2021_27850_apache_tapestry_hmac_key.rb
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2021-06-25 10:33:03 +02:00
f961b534b0
Update modules/auxiliary/gather/http/cve_2021_27850_apache_tapestry_hmac_key.rb
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2021-06-25 10:32:46 +02:00
79e83f1010
Update modules/auxiliary/gather/http/cve_2021_27850_apache_tapestry_hmac_key.rb
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2021-06-25 10:31:06 +02:00
A Galway