42902bb5e5
Land #17851 , fix check function which always prints vulnerable
2023-04-07 14:24:45 +01:00
9985538846
Update modules/exploits/linux/http/apache_couchdb_cmd_exec.rb
...
fix nil exception
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com >
2023-04-07 09:55:00 +09:00
f0189cc886
revert another get_once
2023-04-06 11:43:50 +01:00
656c562816
Added notes, revert to get_once
2023-04-06 11:01:32 +01:00
cc79fe039a
Merge branch 'rapid7:master' into weblogic-t3s-support
2023-04-06 10:38:29 +01:00
5d63175b56
Land #17823 , php_cgi_arg_injection: Fix check regex match to detect code html tag
2023-04-05 16:44:52 +02:00
8b3d799104
fix check function which always prints vulnerable
2023-04-04 10:07:06 +09:00
f7cee703ce
Land #17835 , cisco_dcnm_auth_bypass: Fix TARGETURI URL normalization
2023-04-03 11:47:56 +01:00
a54f3d4707
fix broken module references
...
doing these "by domain" now, piecemeal.
this PR fixes all broken references to the "insecurety" website, which is long dead.
2023-04-01 05:17:02 -07:00
2711ba4b3a
cisco_dcnm_auth_bypass: Fix TARGETURI URL normalization
2023-03-31 23:53:41 +11:00
15d267a233
Land #17826 , post module for CVE-2023-21768
...
This adds an exploit module for CVE-2023-21768 that
achieves local privilege escalation on Windows 11 2H22.
2023-03-30 12:27:28 -04:00
152ef4a86b
Update modules/exploits/windows/local/cve_2023_21768_afd_lpe.rb
2023-03-30 11:28:46 -04:00
6f400052b1
Update modules/exploits/windows/local/cve_2023_21768_afd_lpe.rb
2023-03-30 11:00:55 -04:00
ab08cd2d1c
Land #17753 , Update get_ticket to support using forged golden tickets
2023-03-30 14:15:48 +01:00
1f32004901
Land #17813 , ssh_enumusers set CHECK_FALSE to true
2023-03-29 12:31:31 -05:00
9cd024a7a2
Land #17828 , add AMQP login scanner module
2023-03-29 09:24:48 -05:00
0a559bfded
Land #17704 , Apache Solr RCE via Velocity Template: Attempt fix for NoMethodError when exploiting
2023-03-29 15:12:04 +01:00
e1ecdac2a5
Land #17724 , Add ticket checksum to kerberos ticket creation
2023-03-29 09:01:39 +01:00
72ec93d27a
Land #17827 , add AMQP version scanner module
2023-03-28 16:00:42 -05:00
aaa36e2651
Land #17831 , Fix dead reference links in rpc_cmsd_opcode21.rb
2023-03-28 19:38:46 +01:00
f626b55831
Land #17825 , Update zimbra_slapper_priv_esc.rb
2023-03-28 18:36:18 +01:00
1330913e33
Fix dead reference links in rpc_cmsd_opcode21.rb
...
Both the reference links in this one are dead, replacing with archive.org links.
Much like https://github.com/rapid7/metasploit-framework/pull/17825 , I'll be doing these ad-hoc for a little bit until I figure out a reliable way to do a load of them in one batch.
2023-03-28 18:15:26 +01:00
fcb93fef58
Land #17806 , Optergy BMS Backdoor RCE module
...
This module exploits an undocumented backdoor vulnerability
(CVE-2019-7276) in the Optergy Proton and Enterprise Building
Management System (BMS) applications.
2023-03-28 10:27:35 -04:00
f3c12ba176
Land #17808 , Update broken secunia references
...
The Secunia links in the framework were dead. They have
now been restored using the wayback machine to grab
replacement links from the earliest date possible.
2023-03-27 17:20:13 -04:00
97d67c6a79
Add an AMQP login scanner
2023-03-27 16:53:03 -04:00
95e8a1c175
Initial AMQP version scanner
2023-03-27 16:44:11 -04:00
f9c6caa804
Land #17785 , add SolarWinds (SWIS) deser RCE
2023-03-27 15:25:17 -05:00
6d4ee0c071
Add exploit for CVE-2023-21768
2023-03-27 20:08:22 +02:00
38f7cbdfc6
Update zimbra_slapper_priv_esc.rb
...
fixing reference to use an archive link as the sites down.
2023-03-27 16:46:07 +01:00
abe5570902
php_cgi_arg_injection: Fix check regex match to detect code html tag
2023-03-27 15:21:04 +11:00
8572053f0c
php_cgi_arg_injection: Add notes and resolve Rubocop violations
2023-03-27 15:16:51 +11:00
bcef7ee357
updated module and documentation with SUDO option
2023-03-26 18:31:25 +00:00
b7ac6d45d5
Land #17789 , proftpd_modcopy_exec enhancements
...
This PR add documentation, notes, a reference URL, and a few
general code improvements to the check and exploit methods.
2023-03-24 21:08:28 -04:00
d77113dad5
ssh_enumusers.rb: Change default value of 'CHECK_FALSE' to true ( closes #17810 )
...
The default action "Malformed Packet" reports all users as found even
though they don't exist.
Setting "CHECK_FALSE" to true will make the scanner bail out as it
realizes the target is patched.
2023-03-23 22:24:59 +00:00
3ca177eb1f
Add the exploit for CVE-2022-38108
2023-03-23 17:28:58 -04:00
d04c8e1bce
Update broken secunia references
2023-03-23 10:43:57 +00:00
28459c286a
init commit module and documentation
2023-03-22 18:40:50 +00:00
67ac2dc584
Land #17771 , add monitorr file upload rce
2023-03-22 13:00:38 -05:00
3fe0801d92
use target_uri.path in requests
2023-03-22 12:50:11 -05:00
d6e9e8d3bb
Land #17735 , fix some incorrect YARD parameters
2023-03-22 15:20:12 +00:00
835f397f79
Add a missing include so the payloads generate
2023-03-21 16:49:25 -04:00
1f2a889d0c
Land #17388 , Zyxel router RCE
...
This module adds a new exploit module for a buffer
overflow in roughly 45 different Zyxel router and VPN models.
2023-03-21 15:07:04 -04:00
f5d1aab01a
Changed send_request_cgi to raw
2023-03-21 14:26:05 -04:00
3b73adf05d
Land #17401 , Add encoder module x86/xor_poly
...
Merge branch 'land-17401' into upstream-master
2023-03-20 17:48:46 -05:00
e3df74ee5b
Updates addressing review points of space-r7
2023-03-20 21:04:58 +00:00
871a251c94
Apply suggestions from code review
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2023-03-20 21:44:11 +01:00
5903addbd6
Updates adressing majority of review points
2023-03-19 15:13:09 +00:00
1b7cee4589
exploit/unix/ftp/proftpd_modcopy_exec: Add docs and resolve RuboCop violations
2023-03-19 15:35:36 +11:00
9e1be62f06
Land #17462 , add WhatsUp Gold credential extractor
2023-03-17 16:44:17 -05:00
31a32ccd9b
linting and srvhost check fix
2023-03-17 14:39:02 -04:00
adfoster-r7