c19fc4c18f
Land #9423 , PSH for jenkins_xstream_deserialize
2018-03-26 17:09:16 -05:00
0028e2c5ba
documentation update
2018-03-24 19:25:59 -04:00
ea3378753b
syntax error fixed on 70 line
...
improve check payload was uploaded or not condition using AND condition on line 121
2018-03-13 14:15:03 +05:30
5e30982184
check fucktion and some words fixed
...
all changes done which is bcoles suggested
2018-03-12 21:03:34 +05:30
9b0ba4a6fa
clipbucket_fileupload_exec
2018-03-12 14:17:13 +05:30
86dd382e6a
Land #9554 , Eclipse Equinoxe OSGi console RCE
2018-03-07 08:41:31 -06:00
883654f0ea
Land #9653 , fix Y2k38 issue (until Jan 1, 2038)
2018-03-01 09:13:41 -06:00
27bd2a4a9f
workaround Y2k38 issues in java certificate generation
2018-03-01 08:41:28 -06:00
325ad7256e
if multi/handler is disabled, exit
2018-02-27 04:30:09 -06:00
2939695991
Add ARCH_CMD and general fixup
2018-02-26 16:59:36 -05:00
9e3f12665e
Plaintext for console type to see what's going on.
2018-02-17 20:11:05 +01:00
e877151895
Attempt at clarifying network exchange using Telnet class IAC related constants.
2018-02-17 14:00:57 +01:00
e86169c217
Clean up Telnet IAC negotation and xplain obscure hex bytes.
2018-02-15 23:08:17 +01:00
5fbeb74f0c
Remove osx platform and fix date.
2018-02-13 23:57:53 +01:00
0259e794ba
OSGi console remote command execution.
2018-02-13 23:38:18 +01:00
1177efef89
Update tested versions
2018-02-10 16:32:20 +00:00
41dbae29a6
Add MagniComp SysInfo mcsiwrapper Privilege Escalation exploit
2018-02-05 13:47:09 +00:00
8be2b1f59e
Land # 9407, Add BMC Server Automation RSCD Agent RCE exploit module
...
Merge branch 'land-9407' into upstream-master
2018-01-31 13:35:29 -06:00
c390696ddf
Land #9379 , Oracle Weblogic RCE exploit and documentation
2018-01-25 21:47:18 -06:00
d1569f8280
Land #9413 , Expand the number of class names searched when checking for an exploitable JMX server
2018-01-22 16:49:01 -06:00
682c915a09
Land #9267 , Add targets to sshexec
2018-01-22 09:59:48 -06:00
c7d3b5dfbb
Update payload and disable check functionality
...
The check functionality is broken as MSF cannot handle HttpServer and HttpClient at this time.
The payloads were updated to ensure CVE-2017-10271 is being exploited instead of CVE-2017-3506 as explained on https://blog.nsfocusglobal.com/threats/vulnerability-analysis/technical-analysis-and-solution-of-weblogic-server-wls-component-vulnerability/
2018-01-18 13:26:44 -05:00
4c11eae774
Maybe that timeout is needed.....
2018-01-17 13:21:36 -06:00
35bec8d3cd
Fixed classes names and added RMI interfaces
2018-01-17 17:10:36 +01:00
d345008b20
Added all the classes that implement RMI server
2018-01-17 17:03:32 +01:00
f439edfa1a
Fixes by the fabled wvu
2018-01-17 08:20:52 -06:00
1c156c3d3c
Add powershell payload to module
2018-01-16 14:30:02 +00:00
dfb9941e95
Fix java_jmx_server exploit
...
Add test case when discovering RMI endpoint as the previous one was not complete
2018-01-15 12:13:09 +01:00
333ee893d3
Tidied up platform detection, check method, and minor typos.
2018-01-14 18:28:40 +00:00
6568d29b67
Add BMC Server Automation RSCD Agent RCE exploit module.
2018-01-14 01:12:55 +00:00
04e4ff6b3c
Use stop_service to avoid cleanup overload
2018-01-11 19:14:26 -05:00
40f54df129
Feedback updates
2018-01-11 18:54:58 -05:00
172ffdfea1
Use geturi instead of building it ourselves
2018-01-11 18:27:56 -05:00
d4056e72da
Lower the default timeout for CHECK
2018-01-11 17:38:30 -05:00
3617a30e34
Add URIPATH random URI
2018-01-11 17:33:14 -05:00
a28d4a4b5b
Add check and update for some style considerations
2018-01-11 17:28:09 -05:00
0d9a40d2e5
Use target['Platform'] instead of target_platform
2018-01-11 15:44:07 -05:00
c490d642e2
Was missing a comma
2018-01-11 09:42:24 -05:00
3132566d8f
Fix OptFloat error
2018-01-11 09:22:16 -05:00
c05b440f26
Fix additional feedback
...
This
* uses ternary operators
* uses an `RPORT` option shortcut
* removes the `xml_payload` variable and instead more explicitly uses the method directly
* Uses `OptFloat` for the timeout option to allow partial seconds
2018-01-11 08:17:13 -05:00
ab89e552ed
Remove accidental trailing space
2018-01-08 14:42:03 -05:00
2252490e62
Fix using arbitrary keys to instead use "URL"
2018-01-08 14:30:03 -05:00
e80ca348cf
Add Exploit-DB ID
2018-01-08 10:55:46 -05:00
6beeece708
Re-add timeout value
2018-01-07 20:21:29 -05:00
eefd432161
Make sure Platforms match our actual target list
2018-01-06 08:31:30 -05:00
4bd196f8b2
Fix missing single quotes and remove comma
2018-01-06 08:30:48 -05:00
867b32415d
Fix feedback from wvu-r7
...
Fixes feedback from wvu-r7
- Consolidates payload to single method
- Replaces gsub! with standard encode method
- Note exploit discovery and proof of concept code used in authors (still seems weird to include the discovery as an author...)
- Change link
- Use `ARCH_CMD` instead of `[ARCH_CMD]`
- Remove Linux target as it's only Windows or Unix
- Remove timeout as I don't know how to pass it to `send_request_cgi`
2018-01-06 08:12:43 -05:00
744f20304c
Remove hardcoded user-agent from the headers
...
Remove hardcoded user-agent from the headers allowing for `send_request_cgi` to control this
2018-01-05 18:22:27 -05:00
2478de934b
Add CVE-2017-10271 / Oracle WebLogic wls-wsat RCE
2018-01-05 15:05:21 -05:00
366a20a4a4
Fix #9215 , minor style nitpick
2018-01-03 23:11:51 -06:00
William Vu