1915b1395e
Land #15742 , Added module for CVE-2021-40444
2021-12-08 17:46:02 -05:00
2f6710e02e
Remove the Not_Hosted target
...
It's not currently working and Metasploit should just handle everything
2021-12-08 17:22:44 -05:00
852230c739
Fix bug brought in by importing Msf::Post::File
...
Split out javascript to a file and deobfuscate it
Update documentation for new targets
Fix other small suggestions
2021-12-08 10:36:27 -06:00
22d2ba599f
Land #15929 , add new targets for ms08-067 netapi
2021-12-07 13:16:23 -06:00
a60c59c3af
ms08_067_netapi: Add nine Windows 2003 SP2 targets for various locales
...
* Windows 2003 SP2 Portuguese (NX)
* Windows 2003 SP2 Chinese - Simplified (NX)
* Windows 2003 SP2 Czech (NX)
* Windows 2003 SP2 Dutch (NX)
* Windows 2003 SP2 Hungarian (NX)
* Windows 2003 SP2 Italian (NX)
* Windows 2003 SP2 Russian (NX)
* Windows 2003 SP2 Swedish (NX)
* Windows 2003 SP2 Turkish (NX)
2021-12-02 16:33:02 +00:00
6c3a29077f
Update rm -rf string to be less fragile
2021-12-02 10:31:47 -06:00
77812ae4c4
Update documentation for multiple binaries, add targeting data,
...
other bcoles improvements
2021-12-02 09:57:48 -06:00
620b2d2b12
Update targeting selection and payloads, fix python cmd_exec
2021-12-02 08:03:03 -06:00
47aacbdf32
Fix cmd_exec to be friendly with binary and python meterpreters
...
Add arch checks for payload/target
2021-12-01 16:18:49 -06:00
a3f2d5468a
Add some quick debugging output
2021-12-01 14:54:48 -06:00
18cc2ef516
Add support for aarch64 Ubuntu versions
2021-12-01 14:54:48 -06:00
c6e2be2cd7
Ensure deletion of exploit and payload even if the exploit fails.
2021-12-01 14:54:48 -06:00
b1f6937542
Updated exploit to compile on target, added control over directory creation
...
Added a method to get source code for the write and compile method
2021-12-01 14:54:47 -06:00
eba7803e1a
Add check method
2021-12-01 14:54:47 -06:00
bf1b3b377c
Add cve-2021-3493 module
2021-12-01 14:54:47 -06:00
51d85fada5
Land #15914 , ms03_026_dcom cleanup
2021-11-30 11:37:43 -06:00
abb11cf896
Land #15918 , add more targets for ms07_029_msdns_zonename
2021-11-30 08:24:03 +00:00
28bc460bac
ms07_029_msdns_zonename: Add additional Windows 2000/2003 target offsets
2021-11-30 07:38:08 +00:00
14064ff3f9
Update module description and remove extra module.
2021-11-29 15:23:02 -06:00
8fa73f9e90
ms05_039_pnp: Rename 'Windows 2000 SP4 English/French/German/Dutch' target to 'Windows 2000 SP4 Universal'
2021-11-28 13:39:05 +00:00
5fab1da09b
ms03_026_dcom: cleanup
2021-11-28 08:25:31 +00:00
344bdacae4
Remove preferred payload
...
We'll add it back to Framework later.
2021-11-24 10:44:59 -06:00
e8e5467b70
Credit mr_me for keytool classloading technique
...
Confirmed. :)
2021-11-23 20:12:05 -06:00
3702615003
Improve check precision by matching more stuff
2021-11-23 19:05:09 -06:00
e2cf3e6706
Clarify working directory for FileDropper
2021-11-23 19:05:09 -06:00
2f1bfa738a
Add ManageEngine ADSelfService Plus CVE-2021-40539
2021-11-23 19:05:09 -06:00
d802a9ee0b
remove rubocop exemption no longer required
2021-11-23 07:58:07 -06:00
21a6a18d92
trade URI.encode & URI.escape for Ruby 3
...
Ruby 3 removed the `URI.escape` methods however access to
the a parse for the same RFC is stil available at `URI::DEFAULT_PARSER.escape`.
Per the Ruby forum [comment](https://bugs.ruby-lang.org/issues/17309#note-1 ) this should equal.
2021-11-22 14:11:03 -06:00
7f6d661ff7
Land #15866 , Add Exploit For CVE-2021-38294 (Apache Storm Nimbus getTopologyHistory RCE)
2021-11-18 17:02:50 -06:00
d7cb7804e6
Implement some changes from PR feedback
2021-11-18 16:35:13 -05:00
a915c3ce5c
Add fixes for some of the issues raised during the review process on both the documentation and module side of things
2021-11-17 17:25:50 -06:00
9023c61ac8
Land #15851 , User Agent Refresh
2021-11-17 15:08:52 -06:00
2a68b9ae9f
Add targets to track http server status
2021-11-17 07:54:49 -06:00
9fa65092d1
Switch to the new Rex stopwatch function
2021-11-16 10:12:57 -05:00
d7047cdb6f
Land #15867 , Update example modules
2021-11-15 15:32:45 -06:00
a620b425dd
Fix a few capitalization errors
2021-11-15 14:56:25 -06:00
fc05f53688
Reword comments a bit to make it cleare to end users how to use some of the libraries we provide
2021-11-15 14:54:13 -06:00
e2ec4438a4
further update examples
2021-11-15 15:16:08 -05:00
a100cd77ae
Land #15858 , Add exploit for CVE-2021-42237
2021-11-15 14:24:47 -05:00
b428863d9e
Land #15875 , Bash payload works outside of bash
2021-11-15 10:46:05 -05:00
7549aaaf61
Remove warning now that bash payloads should work in this situation
2021-11-15 15:56:59 +11:00
93a1473e49
fix return add http timeout
2021-11-13 04:46:38 -05:00
69c0c367fe
rubocop and example updates
2021-11-13 04:33:24 -05:00
0b3f95abca
Writeup the module docs and move the protocol code
2021-11-12 15:15:51 -05:00
1f1e0fc2cc
Write and use a check method
2021-11-12 14:08:19 -05:00
7284f14fd8
Define custom Thrift types, improve syncing
2021-11-12 10:30:48 -05:00
21ff65994c
Initial commit of the Storm Nimbus cmd exec
2021-11-12 10:30:15 -05:00
7e01e33e51
Make the XML generation into a function that accepts an argument and do further cleanup to simplify the code around this
2021-11-11 23:56:11 -06:00
4505d7e834
Land #15700 , Add Aerohive NetConfig <= 10.0r8a RCE (CVE-2020-16152) module
...
Merge branch 'land-15700' into upstream-master
2021-11-11 17:03:54 -06:00
8d55b16ade
Fix one more mistake and rename document and module to a more easy to find name
2021-11-11 16:42:58 -06:00
Spencer McIntyre