5e52f47c17
land #12279 resolve_hosts now databases results
2019-09-20 17:18:07 -04:00
47a3204e34
Land #12295 , Update to modbusclient to use modbus read functions 2 and 4
2019-09-19 14:47:52 -05:00
4af0731f8c
Land #12320 , Add correct CVE for shopware module
2019-09-18 22:04:12 -05:00
a386b2d503
Land #12176 - Add evasion module applocker_evasion_regasm_regsvcs
...
Add evasion module applocker_evasion_regasm_regsvcs
2019-09-17 10:20:56 -05:00
97fbfa3a9f
Land #12154 , Add evasion module applocker_evasion_presentationhost
2019-09-12 17:41:01 -05:00
a9a2ce2f6a
Add correct CVE for shopware module
...
In PR #11828 , the module author requested, and got, a new CVE for this
issue. The module should reflect that.
2019-09-12 16:09:32 -05:00
e21b25b20f
Land #12302 , add zip slip exploit
2019-09-12 07:45:51 -05:00
644988750e
change permission on payload
2019-09-12 07:43:54 -05:00
408d01cef4
Land #12276 , add OpenEMR auxiliary module
2019-09-11 15:58:01 -05:00
8bfdaf6ab7
change metadata indentation
2019-09-11 15:56:46 -05:00
cfeaca6de8
Land #12310 , Add CVE info for jboss_vulnscan and jboss_status
...
jboss_vulnscan and jboss_status: add CVE information
2019-09-11 11:47:05 -05:00
3ed9fb0383
Fix a bug caused by writing python code in a ruby file.
2019-09-11 15:39:15 +00:00
a63357c460
Land #12177 , Add evasion module applocker_evasion_workflow_compiler
2019-09-11 10:28:16 -05:00
b460dc113d
jboss_vulnscan & status: add CVE ref
2019-09-11 14:05:21 +02:00
262e574fe2
Add the .csv extension to the loot file.
2019-09-10 21:32:03 -04:00
7a8eb76a12
Use the same gsub pattern to create the ltype as is used by store_loot to sanitize characters.
2019-09-10 21:14:15 -04:00
8fe1f9d172
Rephrase
2019-09-10 12:12:46 -05:00
832d2e4300
Remove unneccesary comment.
2019-09-10 12:29:55 -04:00
3fc0467484
Update modules/auxiliary/sqli/openemr/openemr_sqli_dump.rb
...
Remove unused path variable.
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2019-09-10 12:27:48 -04:00
f1f9597222
Update modules/auxiliary/sqli/openemr/openemr_sqli_dump.rb
...
Use `normalize_uri` to construct the vulnerable URI.
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2019-09-10 12:27:22 -04:00
ee660d61ea
Land #12275 , Update payloads to 1.3.77
...
Merge branch 'land-12275' into upstream-master
2019-09-10 11:14:56 -05:00
2cd8125a40
Add zip skip
2019-09-09 12:00:53 -05:00
a990191f99
Update modbusclient.rb
2019-09-07 23:54:43 -05:00
054a092eb2
fix references in bypassuac modules
2019-09-08 00:42:21 -04:00
78c4bfee95
add url for fodhelper
2019-09-08 00:33:16 -04:00
f60e8a3dbd
less indents
2019-09-08 00:11:11 -04:00
ce5f8d8d2f
add datastore option
2019-09-08 00:06:49 -04:00
edcddf2736
Update modbusclient.rb
2019-09-06 22:40:31 -05:00
25b56c410d
Land #12189 , Add module for LibreNMS CVE-2019-10669
...
Merge branch 'land-12189' into upstream-master
2019-09-06 12:01:09 -05:00
c4bd91f505
Land #12272 , add October CMS file upload
2019-09-06 10:13:33 -05:00
5f7c243b48
add filedropper, fix check, add to docs
2019-09-06 09:49:09 -05:00
17acaf9720
Land #12226 , fix #11574 , add WSReset.exe UAC Bypass
...
Merge branch 'land-12226' into upstream-master
2019-09-06 09:19:24 -05:00
aaebec01a4
Update References
...
Added CVE and Blog link
2019-09-06 18:26:28 +05:30
cf4c10783a
Update modules/exploits/multi/http/october_upload_bypass_exec.rb
...
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2019-09-05 23:50:18 +05:30
4b416bf530
Update modules/exploits/multi/http/october_upload_bypass_exec.rb
...
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2019-09-05 23:48:43 +05:30
a7e205e252
Update modules/exploits/multi/http/october_upload_bypass_exec.rb
...
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2019-09-05 23:48:32 +05:30
0e4e7dd9d9
Update modules/exploits/multi/http/october_upload_bypass_exec.rb
...
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2019-09-05 23:48:22 +05:30
bc1610ec46
Update modules/exploits/multi/http/october_upload_bypass_exec.rb
...
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2019-09-05 23:48:14 +05:30
9f03db4582
Land #12280 , add WSReset.exe UAC bypass via registry
2019-09-06 02:14:54 +08:00
1a717a5624
minor fixes
2019-09-06 02:11:06 +08:00
cc9d9bb483
s/bypassuac_windows_store/bypassuac_windows_store_filesys/g
2019-09-06 00:52:13 +08:00
481c13ea0f
Rubocop changes
2019-09-05 11:44:00 -05:00
cf3f6c90f8
Renamed file to make room for the other UAC bypass targeting the same exe
2019-09-05 11:35:10 -05:00
b876afa20f
Fixed up the code before pushing it.
2019-09-05 11:33:05 -05:00
598cf35e1e
Land #12271 , Don't mangle staged x86, x64 payloads
2019-09-05 11:18:45 -05:00
56d81052e8
Save the data we just collected
...
Instead of just throwing it away after printing.
2019-09-05 09:47:04 -05:00
9281c0de12
Add some missing pieces to the UAC pypass?
2019-09-04 17:03:32 -05:00
2ee5ec97e4
Use smallest stager size
...
Since these stagers can shrink based on the expected size of the next
stage, do our best to anticipate a small size. This makes the cached
payload size consistent for now, though if the x64 mettle stager grows
past 128 bytes I think we'll see the stager start oscillating in size
again. If you run into that and are reading this, sorry :(
2019-09-04 16:06:44 -05:00
4d89dd83e3
Update payload cached size
...
For real this time?
2019-09-04 15:17:34 -05:00
de554b315a
Update cached size
2019-09-04 14:56:12 -05:00
h00die