| Author | Commit | Message | Date |
|---|---|---|---|
| Wei Chen | 5fc5a47cd2 | Update CVE references for exploit modules<br>These are based on cross references by EDB, OSVDB, module short name, blog post and BID. | 2018-07-08 18:46:04 -05:00 |
| Brent Cook | 05a0d79be7 | Land #10219, Add HP VAN SDN Controller exploit | 2018-07-05 14:21:44 -05:00 |
| William Vu | 53d5d82498 | Rename module to match new vector | 2018-07-05 13:31:16 -05:00 |
| William Vu | 762b4b5e53 | Simplify creds auth by checking X-Auth-Token alone<br>It's a lot more direct than checking for the redirect. | 2018-07-05 13:20:27 -05:00 |
| William Vu | 2b069f45ca | Clarify how we're using the auth token for creds<br>In the service token's case, the service token *is* the auth token. | 2018-07-05 13:05:23 -05:00 |
| William Vu | 41b0adad88 | Use uninstall action command injection | 2018-07-03 18:07:22 -05:00 |
| William Vu | a25a656d28 | Add "E" to HP to make HPE for better searches<br>We'll stick with calling it HP everywhere else. | 2018-07-03 10:29:09 -05:00 |
| William Vu | 1bf94ac448 | Spruce up check method and related | 2018-07-02 13:59:24 -05:00 |
| William Vu | 6e090acc76 | Stop joking with timeouts | 2018-07-02 13:18:31 -05:00 |
| William Vu | 78ca4d4217 | Finally use Msf::Util::EXE.to_zip 8) | 2018-07-02 13:04:59 -05:00 |
| William Vu | 78cefe0528 | Clarify original exploit credit<br>It's definitely more than a PoC (exploit). It's weaponized. | 2018-06-29 13:02:40 -05:00 |
| William Vu | 34f303187f | Drop privesc retval, since it's obsoleted by print | 2018-06-29 12:53:59 -05:00 |
| Jacob Robles | fc3199259b | Land #9958, Nagios xi 2 electric | 2018-06-29 12:16:18 -05:00 |
| William Vu | dbb502ae19 | Refactor code and address review comments | 2018-06-29 12:13:15 -05:00 |
| Jacob Robles | 675a736ab7 | Update Docs | 2018-06-29 11:08:31 -05:00 |
| Jacob Robles | 574c47cba6 | Change Ranking<br>Command to change the database user account could cause a DoS condition if the credentials are incorrect. | 2018-06-29 10:56:18 -05:00 |
| Jacob Robles | 57b89444f3 | Additional style fixes | 2018-06-29 10:53:57 -05:00 |
| Jacob Robles | 7532490a1e | Style/Whitespace fixes | 2018-06-29 07:02:45 -05:00 |
| William Vu | 36a37cf6ab | Add HP VAN SDN Controller exploit | 2018-06-28 02:14:04 -05:00 |
| lucyoa | 6cc1a8dcbd | Rubocop fixes | 2018-05-22 10:34:05 -04:00 |
| lucyoa | 6ae55aadd4 | Fixing documentation, improving exploits code | 2018-05-20 12:55:46 -04:00 |
| lucyoa | 8dd7a27f7b | Fixes according to code review | 2018-05-14 05:46:23 -04:00 |
| lucyoa | f65361258b | Adding vulnerable firmwares to description | 2018-05-13 15:08:32 -04:00 |
| lucyoa | 382364a3ff | Adding documentation, improving description | 2018-05-13 15:04:40 -04:00 |
| lucyoa | c3ad02121c | Exploit for D-Link DSL2750B OS Command Injection vulnerability | 2018-05-13 13:58:35 -04:00 |
| HD Moore | 2a211d99af | Nuke base_directory after all, FileDropper does not like our path | 2018-05-06 22:58:06 -05:00 |
| HD Moore | a9f9d61f1e | Use the target_directory, not base | 2018-05-06 22:56:59 -05:00 |
| HD Moore | cd48507aab | Use FileDropper, switch to earlier target directory | 2018-05-06 22:56:36 -05:00 |
| HD Moore | 1f7b13bea8 | Additional module cleanup | 2018-05-06 22:50:13 -05:00 |
| HD Moore | 3d172df0c4 | MD5 of TID and cleanup if statement | 2018-05-06 22:24:36 -05:00 |
| HD Moore | 68f2e08400 | Swap to positive logic | 2018-05-06 22:22:47 -05:00 |
| HD Moore | 9712215e66 | Add Bugtraq ID | 2018-05-06 22:21:13 -05:00 |
| HD Moore | 5d57e9db34 | Remove unnecessary RHOST definition | 2018-05-06 22:20:51 -05:00 |
| HD Moore | 8141e949fc | Note the runtimes | 2018-05-05 18:34:11 -05:00 |
| HD Moore | e775a97ae2 | Adds panos_readsessionvars exploit module | 2018-05-05 15:41:17 -05:00 |
| BennyHusted | c62fc79537 | Fixed typo in description. | 2018-05-01 11:37:33 -04:00 |
| BennyHusted | 89d6ded805 | Removing the Nagios enum module, adding description | 2018-05-01 11:35:45 -04:00 |
| BennyHusted | 4c8ad3ca9c | Removing old exploit/docs | 2018-04-30 22:26:37 -04:00 |
| BennyHusted | ad8bf6d8e3 | Renamed exploit to electric boogaloo | 2018-04-30 22:20:35 -04:00 |
| Brent Cook | 79d8f5e86c | autofilter = false means skip, which is reverse of intuition | 2018-04-26 17:20:55 -05:00 |
| BennyHusted | 1806c247f1 | Fixing tabbed spaces, version number in documentation | 2018-04-26 18:15:39 -04:00 |
| root | b547e6282e | Adding print statement to run the corresponding post module | 2018-04-26 17:55:31 -04:00 |
| root | 37a32c2726 | Adding module for Nagios XI remote root exploit.<br>See http://blog.redactedsec.net/exploits/2018/04/26/nagios.html for more information. | 2018-04-26 17:42:10 -04:00 |
| Brent Cook | 4789cdc596 | enable autofilter on tp-link camera exploit | 2018-04-26 14:56:39 -05:00 |
| bwatters-r7 | 4b8a8fa2b1 | Land #9441, Create exploit for AsusWRT LAN RCE<br>Merge branch 'land-9441' into upstream-master | 2018-02-22 10:40:45 -06:00 |
| Pedro Ribeiro | 54c6aa7629 | Add full disclosure URL | 2018-01-26 15:35:18 +07:00 |
| bwatters-r7 | 685a950077 | Land #9114, Add module for Kaltura <= 13.1.0 RCE (CVE-2017-14143)<br>Merge branch 'land-9114' into upstream-master | 2018-01-23 12:35:59 -06:00 |
| Brent Cook | aae77fc1a4 | Land #9349, GoAhead LD_PRELOAD CGI Module | 2018-01-22 23:10:36 -06:00 |
| Pedro Ribeiro | 621868b7fb | Add CVE numbers | 2018-01-23 11:26:39 +07:00 |
| Pedro Ribeiro | b734af4e79 | Add my advisory URL | 2018-01-22 22:00:48 +07:00 |