 Takahiro Yokoyama
|
3a28df6b32
|
Apply suggestions from code review
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
|
2025-01-04 08:41:56 +09:00 |
|
|
Takah1ro
|
ec8dba87fb
|
Update failure and print about session id
|
2025-01-02 11:30:03 +09:00 |
|
|
Takah1ro
|
3b947cf1c5
|
Update vulnerable version
|
2025-01-02 09:57:00 +09:00 |
|
|
jheysel-r7
|
e70b6c777f
|
Merge pull request #19663 from sfewer-r7/CVE-2024-0012
Exploit module for PAN-OS management interface unauth RCE (CVE-2024-0012 + CVE-2024-9474)
|
2024-12-30 10:29:10 -08:00 |
|
|
Takah1ro
|
bbc282e90c
|
Improve check
|
2024-12-30 13:36:15 +09:00 |
|
|
Takah1ro
|
6e0c945a42
|
Improve check for version 4
|
2024-12-30 13:00:25 +09:00 |
|
|
h00die-gr3y
|
862f2ee6c6
|
Added documentation and some small module updates
|
2024-12-29 20:05:05 +00:00 |
|
|
h00die-gr3y
|
8a1dd2b1ff
|
fourth release module
|
2024-12-29 11:33:52 +00:00 |
|
|
h00die-gr3y
|
0d823fc9a2
|
third release module
|
2024-12-29 10:41:36 +00:00 |
|
|
Takah1ro
|
68ae0d40ea
|
Add timeout option
|
2024-12-29 13:02:32 +09:00 |
|
|
Takah1ro
|
e4111cdc97
|
Update to use FETCH_DELETE
|
2024-12-29 12:33:39 +09:00 |
|
|
Takah1ro
|
86bd1c2938
|
Minor improve
* enable fetch_delete
* avoid using single quotes
* update doc
|
2024-12-29 12:19:19 +09:00 |
|
|
Takah1ro
|
af432a3b72
|
Improve stability
|
2024-12-29 12:00:09 +09:00 |
|
|
Jack Heysel
|
94507655ae
|
WIP CraftCMS FTP Template exploit
|
2024-12-28 18:56:47 -08:00 |
|
|
Takah1ro
|
cb34508321
|
Avoid using single quote in payload
|
2024-12-28 20:09:18 +09:00 |
|
|
Takah1ro
|
02ad81066d
|
Add cleanup
|
2024-12-28 18:04:56 +09:00 |
|
|
Takahiro Yokoyama
|
c7d7407179
|
Update modules/exploits/linux/http/selenium_greed_firefox_rce_cve_2022_28108.rb
Co-authored-by: bcoles <bcoles@gmail.com>
|
2024-12-28 18:04:09 +09:00 |
|
|
Takah1ro
|
90d9bb769d
|
Update vulnerable version
|
2024-12-28 15:53:31 +09:00 |
|
|
Takah1ro
|
43230b02a5
|
Review fix
* use send_request_cgi
* add check if sudo without password possible
* base64 encode payload
|
2024-12-28 15:42:15 +09:00 |
|
|
Takah1ro
|
6577a18abb
|
Add response check
|
2024-12-28 15:04:35 +09:00 |
|
|
Takahiro Yokoyama
|
9f20c575e5
|
Update modules/exploits/linux/http/selenium_greed_chrome_rce_cve_2022_28108.rb
Improve version detection messaging
Co-authored-by: bcoles <bcoles@gmail.com>
|
2024-12-28 14:40:44 +09:00 |
|
|
Takah1ro
|
7ecc1cb87b
|
Update vulnerable version
|
2024-12-28 14:39:24 +09:00 |
|
|
Takah1ro
|
9bfccc4293
|
Review fix
* add check if sudo without password possible
* base64 encode payload
|
2024-12-28 14:02:59 +09:00 |
|
|
Takah1ro
|
6c5952d3b6
|
Use send_request_cgi
|
2024-12-28 13:34:10 +09:00 |
|
|
Takah1ro
|
340d4bcd58
|
Add selenium firefox rce module
|
2024-12-28 12:27:18 +09:00 |
|
|
Takah1ro
|
e3d68d4164
|
Update author and fix version detection
|
2024-12-28 11:18:41 +09:00 |
|
|
h00die-gr3y
|
677e8ec9dd
|
updated vulnerable firmware versions in description
|
2024-12-27 22:12:51 +00:00 |
|
|
h00die-gr3y
|
7ca7d71ab4
|
second release module
|
2024-12-27 21:55:44 +00:00 |
|
|
h00die-gr3y
|
d3b4c5becb
|
initial release module
|
2024-12-27 20:36:31 +00:00 |
|
|
Takah1ro
|
38e886f4b6
|
Update payload string formatting
|
2024-12-27 21:58:42 +09:00 |
|
|
Takah1ro
|
e17d7cd161
|
Minor fix
|
2024-12-27 21:50:26 +09:00 |
|
|
Takah1ro
|
64b1832567
|
Update not to use selenium-webdriver
|
2024-12-27 13:00:20 +09:00 |
|
|
Takah1ro
|
390f551df7
|
Fix EDB
|
2024-12-27 00:10:01 +09:00 |
|
|
Takah1ro
|
3defb63763
|
Fix CVE format
|
2024-12-26 23:57:41 +09:00 |
|
|
Takah1ro
|
06af9b0b3d
|
Add selenium chrome rce module
|
2024-12-26 23:44:11 +09:00 |
|
|
h00die-gr3y
|
58c979dc08
|
updated with correct privileged setting
|
2024-12-23 19:45:29 +00:00 |
|
|
h00die-gr3y
|
7c8116a2cb
|
Third release of module + Documentation
|
2024-12-22 11:41:05 +00:00 |
|
|
h00die-gr3y
|
cf5b26dd61
|
Second release after testing multiple Pandora FMS versions
|
2024-12-20 20:40:04 +00:00 |
|
|
h00die-gr3y
|
2fe0b35384
|
update2 based on comments
|
2024-12-18 08:34:10 +00:00 |
|
|
h00die-gr3y
|
2abde4c923
|
update based on comments
|
2024-12-18 08:32:06 +00:00 |
|
|
sfewer-r7
|
edf8d186f7
|
use the HttpClient cookie jar. Thank you @jheysel-r7 for this improvement.
|
2024-12-17 17:47:00 +00:00 |
|
|
Stephen Fewer
|
c25b3ceb03
|
typo 4
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
|
2024-12-17 17:26:46 +00:00 |
|
|
Stephen Fewer
|
51908d6621
|
typo 3
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
|
2024-12-17 17:26:31 +00:00 |
|
|
h00die-gr3y
|
09ceb48705
|
init commit module
|
2024-12-16 16:22:53 +00:00 |
|
|
jheysel-r7
|
c7f7cfd848
|
Land #19656 Close ssh session on error
|
2024-12-11 17:00:17 -08:00 |
|
|
adfoster-r7
|
136599a29a
|
Merge pull request #19714 from bwatters-r7/update/projectsend-cveinfo
Add CVE info to projectsend module
|
2024-12-11 13:54:06 +00:00 |
|
|
bwatters-r7
|
5311b7014e
|
Add CVE info to projectsend module
|
2024-12-11 07:37:43 -06:00 |
|
|
adfoster-r7
|
2421ca768f
|
Merge pull request #19705 from ostrichgolf/projectsend_rce
Add CVE to ProjectSend module
|
2024-12-07 14:24:20 +00:00 |
|
|
ostrichgolf
|
2952dbb0b8
|
Add CVE to module
|
2024-12-07 14:23:30 +01:00 |
|
|
Diego Ledda
|
be30a06af4
|
Land #19430, Moodle RCE (CVE-2024-43425) Module
Land #19430, Moodle RCE (CVE-2024-43425) Module
|
2024-12-06 12:15:35 +01:00 |
|