e7d65fe60a
Update based on bwatters-r7 comments
2024-05-27 17:45:07 +00:00
92b259981f
Added WRITEABLE_DIR datastore option plus minor improvements
2024-05-27 12:48:17 -04:00
f274c46bd2
Land #19103 , jasmin ransomware sqli and dir travers (CVE-2024-30851)
2024-05-27 11:23:42 +02:00
2c6fc11639
Responded to comments, clean up /etc/sudoers file
2024-05-23 16:56:35 -04:00
a0597007e4
Minor fixes, respond to comments
2024-05-23 14:02:28 -04:00
06cb6aa713
Update cacti_pollers_sqli_rce to use the new library
...
- Update the CSRF token logic in the library
- Update cacti_package_import_rce and cacti_pollers_sqli_rce modules
- Update the FETCH_DELETE logic in cacti_package_import_rce to only
regenerate the payload when necessary
2024-05-23 11:30:48 +02:00
1b55b6512f
Rubocop fixes
2024-05-22 12:43:27 -07:00
c6c5f2bf7a
Add module, lib and documentation
2024-05-22 17:38:53 +02:00
b3bc4a6c68
Update progress_flowmon_sudo_privesc_2024.rb
2024-05-21 13:48:20 -07:00
de99a74540
Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb
...
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com >
2024-05-21 13:45:36 -07:00
5a60a9a3d9
Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2024-05-21 13:42:43 -07:00
a517a218ab
Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb
...
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com >
2024-05-21 13:41:44 -07:00
90a0be67b6
Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2024-05-21 13:39:54 -07:00
1ddc60b185
Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2024-05-21 13:39:44 -07:00
66a7fbf0ea
Update based on jvoisin comments
2024-05-21 20:21:35 +00:00
6e9e4a5aed
Land #19102 , Northstar C2 Stored XSS to Agent RCE
...
Add exploit module for CVE-2024-28741, Northstar C2 Stored XSS to Agent
RCE
2024-05-21 14:57:44 -04:00
10acd86390
Land #19071 , Add AVideo RCE module
...
Add module for CVE-2024-31819 which exploits an LFI in AVideo which uses
PHP Filter Chaining to turn the LFI into unauthenticated RCE
2024-05-21 14:27:15 -04:00
6d2041b1cb
Fix crashing mipsle modules
2024-05-21 12:52:12 +01:00
67154a12e0
Land #19104 , CHAOS rat xss to rce
2024-05-21 11:10:57 +01:00
31babb6ca1
Fixed disclosure date
2024-05-19 12:23:21 +00:00
6d844ae9c8
first release module
2024-05-19 12:16:14 +00:00
f8c69e434d
Land #19173 , Add CarotDAV FTP PackRat module
...
Merge branch 'land-19173' into upstream-master
2024-05-17 16:49:33 -05:00
8a68eebbf6
Land #19171 , Add Sylpheed Email PackRat module
...
Merge branch 'land-19171' into upstream-master
2024-05-17 10:39:56 -05:00
175e16a29a
Removed unused regex search
...
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com >
2024-05-17 09:59:20 -05:00
a8f1d35773
Re-structured artifact enumeration option
...
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com >
2024-05-17 09:59:20 -05:00
39630f1d2b
Added post module for Adi IRC Client
2024-05-17 09:58:23 -05:00
25a1318052
Land #19170 , Refactor smb lookupsid module
2024-05-17 13:43:52 +01:00
34ab7d97b2
Follow MS-LSAD and MS-LSAT spec for LSARPC & LookupSids
2024-05-17 10:59:37 +01:00
138a553b36
Add support for configurable RPORT, session & default rports to lookupsid
2024-05-17 10:59:37 +01:00
d569077564
Refactor smb_lookupsid module to use RubySMB
2024-05-17 10:59:37 +01:00
6de0048354
Removed unused regex search
...
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com >
2024-05-16 19:15:00 -05:00
d08247776c
Re-arranged Author list
2024-05-16 19:12:54 -05:00
cf15b1f858
Added post module for Quassel IRC Client
2024-05-16 19:12:54 -05:00
d54b3920b2
Land #19165 , Add Halloy IRC PackRat module
...
Merge branch 'land-19165' into upstream-master
2024-05-16 16:59:47 -05:00
da31761336
Lint
2024-05-15 22:13:53 +02:00
3900680a96
Update modules/exploits/multi/http/avideo_wwbnindex_unauth_rce.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2024-05-15 22:07:45 +02:00
c815c2b15c
Update modules/exploits/multi/http/avideo_wwbnindex_unauth_rce.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2024-05-15 22:07:19 +02:00
7d2c06a246
Update modules/exploits/multi/http/avideo_wwbnindex_unauth_rce.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2024-05-15 22:07:04 +02:00
cd10c2d208
Update modules/exploits/multi/http/avideo_wwbnindex_unauth_rce.rb
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2024-05-15 22:06:53 +02:00
0cea2cba75
Add guard clause to not print out session info unless the session is enabled
2024-05-15 15:12:51 +01:00
7cdea94000
Convert ldap modules to use the new ldap session type
2024-05-15 15:12:51 +01:00
e693b9588c
Update ldap modules to support an ldap session
2024-05-15 15:12:51 +01:00
55cb49c60e
Add back in useful base dn discovery print out
2024-05-15 15:12:51 +01:00
df32ce2db9
Add ldap query support to the ldap session
2024-05-15 15:12:51 +01:00
9e4f958af7
keep ldap connection open for use in a session
2024-05-15 15:12:51 +01:00
3cedb20f75
Add initial ldap session support
2024-05-15 15:12:51 +01:00
7a33970ef8
Re-structured artifact enumeration option
...
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com >
2024-05-15 14:58:51 +01:00
554c5c3cb4
Re-structured artifact enumeration option
...
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com >
2024-05-15 14:52:58 +01:00
121d3ded85
Re-structured artifact enumeration option
...
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com >
2024-05-15 14:07:48 +01:00
8259db4756
Removed unused regex search
...
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com >
2024-05-15 14:06:58 +01:00
h00die-gr3y