Spencer McIntyre
4c004d51a7
Add an exploit for CVE-2020-0618
2020-03-06 16:21:37 -05:00
Spencer McIntyre
eb90bee4a7
Land #12863, add exploit for PHP-FPM Underflow RCE
2020-03-05 11:43:43 -05:00
dwelch-r7
4fe7678b01
Land #12910, Add exploit module for apache activemq traversal
2020-03-05 15:05:13 +00:00
Shelby Pace
5698f6e51f
Land #13003, add OpenSMTPD LPE module
2020-03-04 13:32:25 -06:00
Adam Galway
83132dd733
Land #13008, module for Chrome 80 JScreate exploit
2020-03-04 14:49:59 +00:00
Tim W
9f55e4163f
add documentation
2020-03-04 21:31:14 +08:00
William Vu
865d15975b
Add automatic grammar selection by version number
2020-03-03 18:44:48 -06:00
William Vu
975eb742cb
Add old grammar target and refactor check
2020-03-03 17:41:04 -06:00
William Vu
260aa0533a
Add check method and reorder mixins for super
...
Also fix copypasta'd vulnerable commit.
2020-03-03 17:41:04 -06:00
William Vu
9be6b0a81e
Add module doc
2020-03-03 17:41:04 -06:00
William Vu
ba924b3047
Land #13014, Exchange ECP ViewState exploit
2020-03-03 17:23:17 -06:00
kalba-security
cd6c01ae9d
Add suggestions from code review.
2020-03-03 20:17:13 +02:00
Shelby Pace
12faf3fad5
Land #12959, add eyes of network rce module
2020-03-02 15:22:51 -06:00
Spencer McIntyre
b3867dc200
Finish up the cve-2020-0688 module
2020-03-02 10:51:25 -05:00
William Vu
e92b9ef97c
Use AutoCheck mixin in OpenSMTPD CVE-2020-7247
...
Also updates the check to be more precise. I had originally copied the
check method from the Morris worm Sendmail exploit:
220 simh Sendmail 5.51/5.17 ready at Wed, 18 Dec 85 11:14:07 PST
Note that there was no "ESMTP" string in 1985's Sendmail.
2020-02-28 10:42:02 -06:00
kalba-security
5ee7fcaf4a
Add simple changes suggested in code review.
2020-02-28 12:14:38 +02:00
William Vu
8820944696
Fix exploit/unix/smtp/opensmtpd_mail_from_rce
2020-02-27 02:11:08 -06:00
Brent Cook
f59ec03c42
Land #12465, add Android Binder UAF (CVE-2019-2215)
2020-02-23 01:06:33 -08:00
Brent Cook
ef8ec13c88
added module docs and testing notes
2020-02-23 01:04:30 -08:00
Christophe De La Fuente
f9077bcd8d
Land #12704, OpenNetAdmin 18.1.1 Remote Code Execution exploit
2020-02-21 15:49:26 +01:00
bwatters-r7
c9e4ca34c3
Land #12921, Updating regex in ms16_075_reflection_juicy exploit windows version check
...
Merge branch 'land-12921' into upstream-master
2020-02-20 21:10:37 -06:00
Onur ER
e4456c9006
Update opennetadmin_ping_cmd_injection.md
2020-02-21 04:14:21 +03:00
Onur ER
1fe1506b42
Update documentation/modules/exploit/unix/webapp/opennetadmin_ping_cmd_injection.md
...
Co-Authored-By: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
2020-02-21 03:06:56 +03:00
William Vu
de6306fa35
Fix message, once more with feeling
2020-02-20 11:26:21 -06:00
William Vu
9c69059a24
Fix DisablePayloadHandler warning once and for all
2020-02-20 10:35:47 -06:00
Christophe De La Fuente
f484e6c83c
Land #12862, Apache James 2.3.2 arbitrary file write exploit module
2020-02-20 10:41:13 +01:00
mattaberegg
739928b56a
Added line break to docs
2020-02-19 17:56:13 -08:00
Shelby Pace
db8555e007
Land #12942, add Diamorphine privilege escalation
2020-02-19 10:36:39 -06:00
kalba-security
9980a96917
Move documentation to correct directory
2020-02-19 16:57:38 +02:00
William Vu
0264802756
Reformat module doc
2020-02-18 23:28:08 -06:00
William Vu
a34ffb3694
Fix typos in module doc
2020-02-18 23:27:15 -06:00
William Vu
6ad9956af8
Correct module doc filename
2020-02-18 23:24:46 -06:00
Brent Cook
8489bcdfd9
This fixes broken links to the community.rapid7.com blog
...
Performed mechanically with sed, spot-checked that the new blog can consume these links.
2020-02-18 09:06:11 -06:00
Christophe De La Fuente
828d974db5
Update code and documentation
...
- Add `OperationMaxRetries` option documentation
- Add default value to `TARGETURI` and update the documentation
- Remove `PosOffset` advanced option and hardcode the value
- Update `Description`
- Move URI encoding logic to `send_crafted_request`
- Refactor `send_crafted_request` to handle the HTTP parameter and final & (%26)
2020-02-17 18:25:10 +01:00
Christophe De La Fuente
226f4b0a53
Line wrap to 80 columns and small fix
...
- Line wrap documentation to 80 columns
- Line wrap `Description` field to 80 columns
- Remove unnecessary unless statement
2020-02-17 13:06:32 +01:00
Brendan Coles
ac6d0e4391
Add Diamorphine Rootkit Signal Privilege Escalation module
2020-02-16 14:53:16 +00:00
Christophe De La Fuente
9193ace50b
Add documentation
2020-02-14 17:17:45 -06:00
dwelch-r7
0e55e20c9c
Land #12902, Add exploit module for crosschex buffer overflow
2020-02-13 15:43:38 +00:00
0x44434241
9e46926a0f
Update documentation/modules/exploit/windows/local/ms16_075_reflection_juicy.md
...
Co-Authored-By: bcoles <bcoles@gmail.com>
2020-02-12 08:18:49 +09:00
0x44434241
785dbb6ba3
Update documentation/modules/exploit/windows/local/ms16_075_reflection_juicy.md
...
Co-Authored-By: bcoles <bcoles@gmail.com>
2020-02-12 08:18:27 +09:00
Adam Galway
946e244c8c
Updates docs and adds basic options
2020-02-11 13:40:51 +00:00
Adam Galway
a7a80e08a8
Updated docs with platform info
2020-02-11 12:55:07 +00:00
Adam Galway
65521270ea
Land #12853, InfiniteWP exploit & mixin upgrades
2020-02-10 11:33:49 +00:00
0x44434241
9c30250161
Updating documentation for juicy potato exploit.
...
Added a link to information on the expiry of the bug, and explicitly
listing which versions of Microsoft Windows were and were not
vulnerable.
2020-02-10 16:33:45 +09:00
mattaberegg
90503b2c61
Documentation cosmetic updates
2020-02-07 18:28:24 -08:00
mattaberegg
a05611d756
Improve cleanup functionality
2020-02-07 16:13:25 -08:00
William Vu
eab1245eef
Update module doc
2020-02-07 12:30:00 -06:00
Alan Foster
4dcb2fbd96
Land #12889, Add OpenSMTPD MAIL FROM RCE
2020-02-07 11:43:18 +00:00
William Vu
763dbf5d5d
Check WordPress version
2020-02-07 03:14:17 -06:00
William Vu
6c59d7c37c
Refactor module
2020-02-07 01:38:11 -06:00