dcf457f7e9
Fix a typo in Eclipse Equinox product name
...
The osgi_console_exec module docs had a few stray characters for the
product name and description. The product name confused me when
googling for this module.
2021-04-23 11:57:48 +01:00
93c7727622
Land #15058 , Cockpit CMS RCE
2021-04-21 13:21:55 +01:00
e0f13e44d1
Land #14699 , Add Nagios XI snmptrap RCE and docs (CVE-2020-5792)
2021-04-20 14:30:45 -05:00
13d3e4ae89
Add in CentOS 7 with NagiosXI 5.6.5 scenario
2021-04-20 14:12:56 -05:00
f241a050b8
Apply review comments and fixes to documentation and the module
2021-04-20 12:38:34 -05:00
51f9e1ae73
cockpit cms rce
2021-04-18 18:52:04 -04:00
4ac9304ca2
Land #14968 - Add Nagios XI Mibs.php Authenticated RCE module and docs (CVE-2020-5791)
2021-04-16 14:37:15 -05:00
496e074ec8
Add in fixes to documentation and module from review
2021-04-16 13:14:17 -05:00
97425602e9
fix typo and docs in chrome_simplifiedlowering_overflow
2021-04-16 14:59:43 +01:00
9e6f425427
Move exploit/linux/http/citrix_dir_traversal_rce
...
To exploit/freebsd/http/citrix_dir_traversal_rce. It's actually FreeBSD.
2021-04-15 19:13:25 -05:00
832ca92f42
Land #14700 , Add Nagios XI Plugins Filename Authenticate RCE module and docs (CVE-2020-35578)
2021-04-14 16:58:55 -05:00
61395f3cb1
Update scenarios in documentation and also update the module to handle cases where the version number may not be in a format that Rex::Text can immediately handle.
2021-04-14 16:32:53 -05:00
154e237edd
Add in fixes to documentation and module that were covered in the review process
2021-04-14 15:33:42 -05:00
a59e7e196d
Land #14701 , Rename Nagios XI authenticated RCE module and integrate Nagios XI mixin
2021-04-13 18:58:29 -05:00
9379f0356b
Add in 5.6.5 exploitation scenario to documentation
2021-04-13 17:42:47 -05:00
0aada27128
Update the documentation to account for the fact that the plugin name has to be check_ping and also update the module to randomize some of the fields where possible.
2021-04-13 17:15:34 -05:00
cdd589f592
Update documentation to wrap some overly long lines to meet msftidy_docs.rb requirements.
2021-04-13 16:36:38 -05:00
ead9d73dc5
Add in fixes from review to documentation and module
2021-04-13 16:34:13 -05:00
7c575cd38f
Land #15007 , add a chrome renderer exploit (CVE-2020-16040)
2021-04-08 22:18:20 +01:00
926f051377
Land #14978 , add Gitea and Gogs exploit modules
2021-04-07 13:44:43 -05:00
258b9d3e28
Land #14998 , Change CVE references from CVE Details to NVD
2021-04-07 10:10:55 +01:00
c863c324ae
Add exploit for CVE-2020-16040
2021-04-06 17:25:27 +05:30
4020813b42
Correct broken or redundant CVE references
2021-04-05 13:06:50 -05:00
cfc6b0a8ba
Land #14971 , add Apache OFBiz SOAP Deser rce
2021-04-05 11:44:40 -05:00
a803e1e932
remove spare comma
2021-04-05 09:33:20 -05:00
71914a1ddb
Land #14813 , additional dup scout bof targets
2021-04-01 13:03:57 -05:00
34a5f7906c
Rebase so we can use the latest mixin code,update the version range, update docs
2021-04-01 13:29:44 -04:00
faab100d9a
Add Nagios XI Mibs.php Authenticated RCE module and docs
2021-04-01 13:06:33 -04:00
f76f58eb51
Rebase, use latest mixin code in check, update version and docs
2021-04-01 12:43:44 -04:00
dd5c747584
Add Nagios XI snmptrap RCE and docs
2021-04-01 12:26:06 -04:00
02b9e5c939
rebase, use latest mixin code, correct vulnerable versions, update docs
2021-04-01 12:18:46 -04:00
3b7e612541
Add Nagios XI Plugins Filename Authenticate RCE module and docs
2021-04-01 11:23:52 -04:00
2df90d8d23
Rebase, rename module to nagios_xi_plugins_check_plugin_authenticated_rce, update check to take advantage of mixin, minor improvements
2021-04-01 11:07:49 -04:00
2cbd1a6be9
Land #14935 , add F5 iControl REST API SSRF RCE
2021-04-01 08:40:38 -05:00
0e7c11ada3
Rename module and modify it to use the Nagios XI mixin, add autocheck, fix syntax and linting, also update docs
2021-04-01 09:26:16 -04:00
8cdaf9791d
Land #14950 , add saltstack salt api rce
2021-03-31 14:50:30 -05:00
9eacda5552
add wait time line to test output
2021-03-31 14:47:34 -05:00
69a0c9420b
Add module doc
2021-03-31 14:02:32 -05:00
9806026ab9
Update from code review
2021-03-31 17:48:35 +02:00
73a8b7aa5f
Add Gitea and Gogs RCE modules and documentations
2021-03-31 16:47:29 +02:00
151b8f2f92
Update vmware_vcenter_uploadova_rce module doc
2021-03-30 21:08:21 -05:00
a0a4bc079a
Add the exploit module for CVE-2021-26295
2021-03-30 18:18:16 -04:00
9d85af51cb
Land #14945 , Proxylogon RCE (Praetorian update)
2021-03-29 12:04:19 -04:00
11f4946817
Tweak some ProxyLogon verbiage for clarity
2021-03-29 10:07:43 -04:00
02b240b22a
code review
2021-03-29 14:23:39 +04:00
00698d20bf
Add waiting status message and update doc
2021-03-26 14:59:27 +01:00
b069fec866
Add module and doc for Saltstack Salt API wheel_async RCE
2021-03-26 13:54:06 +01:00
006faaab9a
Land #14924 , Add auxiliary and exploit modules for CVE-2020-6207 in SAP Solution Manager
2021-03-25 17:48:56 -04:00
b066145cf1
Minor updates
...
Updated documentation auxiliary module cve_2020_6207_solman_rce.md
Updated documentation in exploit module cve_2020_6207_solman_rs.md
2021-03-25 17:07:20 +03:00
6505f9ccbd
Land #14830 , Adding FortiLogger 4.4.2.2 - Unauthenticated Arbitrary File Upload (CVE-2021-3378)
...
Merge branch 'land-14830' into upstream-master
2021-03-24 17:41:10 -05:00
Erran Carey