4e61596e7a
Check Build ID before running exploit
2023-12-19 12:15:35 -05:00
549ee43df9
Update docs description minor comments
2023-12-19 00:32:21 -05:00
d9aa7f914e
Added newline to PoC and removed empty file
2023-12-14 18:42:09 -05:00
df111afb06
Glibc Tunables Exploit
2023-12-14 18:28:43 -05:00
77a8b0efa2
Land #18421 , Save Kerberos tickets in the MSF cache upon a successful login
2023-10-23 15:25:09 +02:00
15aaa90379
Land #18447 , CVE-2023-22515 Confluence Auth Bypass
...
CVE-2023-22515 - Atlassian Confluence Data Center and Server Authentication Bypass
2023-10-19 17:35:17 -04:00
ee0e5b9eda
Tidy the docs, fix the username
...
The username can not contain capital letters, or the operation will
fail.
2023-10-19 17:19:55 -04:00
258ac6421b
Fix fail_with response code compare and documentation fixes
2023-10-19 17:19:30 -04:00
da9d04d32d
Land #18461 , CVE-2023-22515 - Atlassian Confluence unauthenticated RCE
2023-10-19 10:22:57 +02:00
c63aaba760
add in documentation for Options
2023-10-18 10:05:05 +01:00
1c027ac05c
add an RCE exploit for CVE-2023-22515
2023-10-16 20:50:18 +01:00
718cdd9a6b
Land #18428 , Add mssql_login docs
...
This PR adds a documentation file for the mssql_login scanner.
2023-10-13 10:56:58 -04:00
05dd2e1473
Land #18351 , Apache Superset RCE (CVE-2023-37941)
2023-10-12 17:10:10 -04:00
82a1dfa9ff
Added new line at EOF
2023-10-12 16:17:20 -04:00
820f806a5e
Apply suggestions from code review
2023-10-12 15:56:08 -04:00
77694db215
Apply suggestions from code review
2023-10-12 15:53:48 -04:00
6c035dada0
Apply suggestions from msftidy_docs
2023-10-12 15:53:26 -04:00
86b7ec4518
Address comments from the review
2023-10-12 09:50:19 -04:00
4f734379d3
Add module docs and print some messages
2023-10-12 09:27:26 -04:00
b8dcafc0f6
Revert "CVE-2023-27253 - PfSense 2.6.0 'Backup & Restore' OS Command Injection Module"
...
This reverts commit c65685deae
2023-10-11 12:15:22 -07:00
9ef1d1746a
CVE-2023-22515 - Atlassian Confluence Data Center and Server Broken Access Control Leads to Authentication Bypass
2023-10-11 12:09:22 -07:00
7ffc1ca491
undo some spelling fixes when upstream has those issues
2023-10-11 06:30:11 -04:00
557a15a115
spelling fixes on docs
2023-10-10 14:46:18 -04:00
fb834b235a
Land #18417 , Add Kibana Upgrade Assistant RCE
...
Kibana before version 7.6.3 suffers from a prototype
pollution bug within the Upgrade Assistant. This PR adds
an exploit module to exploit the bug. There is no CVE
for this issue at the moment.
2023-10-06 17:29:02 -04:00
fe9afc94c7
Update documentation/modules/exploit/linux/http/kibana_upgrade_assistant_telemetry_rce.md
2023-10-06 16:45:52 -04:00
931a67d290
kibana telemetry rce rewritten to use fetch payloads
2023-10-06 09:55:10 -04:00
1bd7d25088
mssql_login documentation added.
2023-10-05 17:06:11 -04:00
a1304fe1a8
Land #18394 , Add documentation for auxiliary/scanner/http/http_traversal module
...
Merge branch 'land-18394' into upstream-master
2023-10-05 15:18:20 -05:00
5e0538a239
review comments round 1
2023-10-05 13:12:33 -04:00
623b589fb5
When I removed the PowerShell target I forgot to update the documentation, this commit updates the documentation to reflect the changes made to the exploit module.
2023-10-04 17:03:28 +01:00
4d87d4e114
Save Kerberos tickets in the MSF cache upon a successful login
2023-10-03 13:45:41 +11:00
88eb44be64
kibana telemetry rce
2023-10-02 16:53:20 -04:00
1695a12c9c
Explicitly state both the release name (e.g. 2022.0.2) and the version number (e.g. 8.8.2) in a more consistent way.
2023-10-02 17:40:11 +01:00
53ed4a632b
add in exploit module for CVE-2023-40044 - WS_FTP unauthenticated RCE via .NET deserialization.
2023-10-02 11:42:19 +01:00
50155e3d94
Land #18389 , Juniper Junos OS PHPRC Manipulation RCE (CVE-2023-36845)
2023-09-29 18:05:28 +02:00
2928d47312
Merge branch 'junos_phprc_auto_prepend_file' of github.com:jheysel-r7/metasploit-framework into junos_phprc_auto_prepend_file
2023-09-28 14:43:46 -04:00
58642c16c9
Changed WebSocket to SSH
2023-09-28 14:41:03 -04:00
4fecb4d2e2
Update documentation/modules/exploit/freebsd/http/junos_phprc_auto_prepend_file.md
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-09-28 14:37:36 -04:00
3f15de3995
Responded to Christophes suggestions
2023-09-28 14:26:37 -04:00
e7ab983279
Minor code changes
...
Changes include:
* Remove the PAYLOAD key which didn't do anything
* Add the missing payload size constraint
* Use #retry_until_truthy
2023-09-28 13:19:26 -04:00
89940e8b08
use the correct naming convention for normal options.
2023-09-28 16:36:18 +01:00
ad7ff705c7
add in a Linux target
2023-09-28 14:57:02 +01:00
fbd5e60cfc
add in coverage for CVE-2023-42793. Currently only a Windows target.
2023-09-28 12:31:59 +01:00
5060bb13a8
Fix docs format in modules/auxiliary/scanner/http/http_traversal
2023-09-27 20:47:31 +05:30
1058291af9
Land #18314 , Windows Error Reporting RCE (CVE-2023-36874)
2023-09-27 15:25:06 +02:00
2c9932b242
Update documentation - Options section
2023-09-27 15:17:04 +02:00
9a1881cbcf
jvoisin suggestions
2023-09-26 18:42:14 -04:00
09f3a98d13
Finished JAIL_BREAK addition
2023-09-26 16:45:28 -04:00
0b84feaf60
updates from code review
2023-09-26 14:03:31 -05:00
e6f55d06ec
Add documentation for auxiliary/scanner/http_traversal module
2023-09-21 22:59:10 +05:30
Jack Heysel