68fdb103fe
Add in final touch ups to documentation to fix a typo or two for formatting. Also update exploit ranking since this exploit doesn't retrieve version information before exploiting and is not 100% reliable so Excellent ranking isn't appropriate
2022-05-11 09:39:47 -05:00
e0c8108942
add docs for sslvpn module
2022-03-06 23:15:53 +00:00
bed067dda0
Land #16125 , add ARCH_CMD for GXV3140 support
2022-02-08 12:24:42 -06:00
5bbe934db9
Add QEMU Monitor HMP 'migrate' Command Execution module
2022-02-07 17:48:27 +00:00
e2c91ebf30
Land #16010 , zabbix_script_exec improvements
...
This updates the zabbix_script_exec module to work with versions 5.0 and
newer as well as adds a new item-based execution technique.
2022-02-04 15:13:13 -05:00
ae278d0568
Cleanup some minor typos
2022-02-04 15:12:57 -05:00
8838d9cb66
Added timeout system, fixed a bug with TLS_PSK, linted
2022-02-04 04:01:23 -08:00
645ef5e71f
Fixed few bugs
2022-02-02 14:30:02 -08:00
de32cc0e97
Linted with Rubocop, factorized API call, fixed some grammmar
2022-02-01 13:29:30 -08:00
837fdf7c5e
Land #16128 , add cisco rv unauth rce
2022-02-01 10:34:57 -06:00
78312fb300
Update documentation/modules/exploit/linux/http/cisco_rv_series_authbypass_and_rce.md
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2022-02-01 06:41:26 -05:00
ccedcfefab
Added exploit for CVE-2021-1472/CVE-2021-1473
2022-01-29 18:56:53 -08:00
feebf25ad4
Add support for GXV3140 models and ARCH_CMD busybox telnetd payload
2022-01-29 19:38:57 +00:00
a4fcddca8e
Rename to grandstream_gxv31xx_settimezone_unauth_cmd_exec
2022-01-29 19:24:09 +00:00
44f040ad78
Land #16056 , Exploit Module for Grandstream UCM62xx IP PBX (CVE-2020-5722)
2022-01-24 21:03:46 -06:00
15751a0f78
Minor langauge fix and final typo
2022-01-24 21:01:34 -06:00
2c989ec714
Addressed multiple review comments (spelling, doc details, randomization, etc)
2022-01-22 14:09:58 -08:00
458d584f83
Add details to check codes and PR feedback
2022-01-21 09:40:23 -05:00
579627f5c7
Update docs, note OS X support
2022-01-20 10:47:11 -05:00
ba469a4b2c
Add version detection to the Unifi exploit
2022-01-20 09:26:48 -05:00
ef344d9d12
Add the Unifi Log4Shell RCE exploit
2022-01-19 17:51:31 -05:00
4cf3ae352c
Land #16050 , Log4Shell: vCenter RCE
...
Merge branch 'land-16050' into upstream-master
2022-01-19 16:30:33 -06:00
8bb3e39fd7
Land #16036 , Add Grandstream GXV3175 'settimezone' Unauthenticated Command Execution
2022-01-19 10:58:42 -06:00
ee2feb1207
Add Grandstream GXV3175 'settimezone' Unauthenticated Command Execution
2022-01-19 00:04:15 +00:00
4ebb702405
Added an exploit for Grandstream UCM62xx IP PBX (CVE-2020-5722)
2022-01-15 12:46:56 -08:00
3f04b80d8b
Add vCenter Log4Shell docs
2022-01-13 14:50:28 -05:00
435e79aaef
Land #16041 , add SonicWALL cmd injection
2022-01-12 13:23:57 -06:00
877bab6f2a
Land #15969 , Log4j2 HTTP Header Injection Exploit
2022-01-11 16:52:08 -05:00
7b64383040
Preemptively tweak references to ysoserial
2022-01-11 16:25:21 -05:00
d4ee9a0183
Initial commit of CVE-2021-20039 exploit
2022-01-10 12:43:50 -08:00
53c2400be9
Added cleaning procedure + fixed few mistakes/error mesage, removed unused docs
2022-01-08 10:56:31 -08:00
ccc90b0330
Linted doc+module, added support for 6.x version, aded support for TLS and item RCE, improved payload management
2022-01-07 17:40:15 -08:00
3f15c9ecc1
Writeup the module docs
2022-01-07 17:30:39 -05:00
41ebb3aa29
Land #15903 , SMB Shadow Module: Direct SMB Session Takeover
2022-01-07 16:57:17 +01:00
3051c5d9f5
Add mutex to cleanup in smb_shadow
...
The mutex will prevent multiple calls to cleanup when the module is
stopped with Ctrl-C. Add a Notes section to the documentation which
describes arpspoof usage and such.
2022-01-07 14:18:15 +09:00
3ef9afb0fc
Land #15988 , add wp catch themes file upload
2022-01-04 14:44:06 -06:00
c6372ecdf1
more wp catch themes doc and error handling
2022-01-04 04:34:42 -05:00
7843b1bb99
Add files via upload
2022-01-02 00:30:07 +01:00
d8255978ac
Wordpress Plugin Catch Themes Demo Import cve-2021-39352
2021-12-24 11:56:51 -05:00
d55af3aa00
Add module doc
2021-12-23 12:27:57 -06:00
4e0fc5a4e5
Wordpress Plugin Catch Themes Demo Import cve-2021-39352
2021-12-21 20:04:09 -05:00
2705d6ae94
Land #15948 , Wordpress wp_popular_posts rce
...
Merge branch 'land-15948' into upstream-master
2021-12-20 09:28:23 -06:00
1915b1395e
Land #15742 , Added module for CVE-2021-40444
2021-12-08 17:46:02 -05:00
2f6710e02e
Remove the Not_Hosted target
...
It's not currently working and Metasploit should just handle everything
2021-12-08 17:22:44 -05:00
75deb69eab
Reformat the CVE-2021-40444 module docs
2021-12-08 16:45:22 -05:00
22ecedf135
wp_popular_posts_rce
2021-12-08 16:45:19 -05:00
852230c739
Fix bug brought in by importing Msf::Post::File
...
Split out javascript to a file and deobfuscate it
Update documentation for new targets
Fix other small suggestions
2021-12-08 10:36:27 -06:00
609bf4be3c
Update smb_shadow module to clean unnecessary code
...
Remove the return statement after fail_with which will never be reached.
Add documentation for the module options. Reset the packet forwarding
settings during the module cleanup.
2021-12-07 08:41:52 +09:00
260ea0725c
Update smb_shadow module and docs for review
...
Add mutex to module to prevent race condition. Add sleep to after arp
query to prevent arp cache restoration. Add DefangedMode to indicate
system network changes. Change module INTERFACE option to be explicit.
Remove unnecessary module payload parameters. Add module Notes.
2021-12-03 14:33:40 +09:00
77812ae4c4
Update documentation for multiple binaries, add targeting data,
...
other bcoles improvements
2021-12-02 09:57:48 -06:00
Grant Willcox