786d59d360
Use AutoCheck mixin and prefer cc over gcc
2020-08-24 11:47:50 +00:00
841d488667
Land #13985 , add Cisco ssh dos module
2020-08-21 15:45:27 -05:00
c578fde89c
Land #13982 , add cisco 7937g ssh privesc
2020-08-21 15:04:24 -05:00
39284d4263
align logging line, fix msftidy_docs warning
2020-08-21 14:55:45 -05:00
06f0e2ee92
add randomize ssh cred function
2020-08-21 13:13:33 -05:00
33524c0cbf
Create cisco_7937g_ssh_privesc.py
2020-08-21 13:40:53 -04:00
8ea1f5acc2
Delete cisco_7937g_ssh_privesc.py
2020-08-21 13:40:17 -04:00
5a26aa602e
Land #14014 , improve squid_pivot_scanning's handling of http response codes
2020-08-21 18:39:05 +01:00
5bcdaa50d6
Land #13984 , add cisco 7937g dos module
2020-08-21 09:21:46 -05:00
e74a8f38e9
misaligned except statement
2020-08-21 09:01:45 -05:00
178bc3fe50
Serve the public trust. Protect the innocent. Tell noobs to delete necessary parameters. Uphold the law.
2020-08-21 08:47:05 +09:00
935403d937
Applying rubocop suggestions.
2020-08-21 08:35:20 +09:00
06cbf9a86c
Applying suggested fixes.
2020-08-21 08:20:21 +09:00
86dbac3466
add a space to author field
2020-08-20 10:52:39 -05:00
3326d86db7
review comments
2020-08-20 10:26:13 -05:00
43fabcad53
arista
2020-08-20 10:25:08 -05:00
02e6e3feda
Adding documentation for auxiliary/scanner/http/squid_pivot_scanning.
2020-08-20 17:41:03 +09:00
11e0bd1375
Landing #14016 , fix syntax errors in post/osx/gather/enum_osx
2020-08-19 15:28:33 +02:00
f05f2b1846
Land #13989 , TeamViewer URI SMB exploit (CVE-2020-13699)
2020-08-19 11:08:40 +02:00
28338ace57
review comments
2020-08-18 13:45:28 -04:00
a765c1d994
post/osx/gather/enum_osx: Fix typos
2020-08-18 16:02:24 +00:00
6e2a7001a9
Land #13994 , add Dlink Wifi manager rce
2020-08-18 09:34:19 -05:00
d79ad5efca
minor rubocop fix
2020-08-18 09:33:32 -05:00
114290cd94
Land #14006 , update path in osx_enum to fix keychain download
2020-08-18 13:00:45 +02:00
d50ed2eb37
Better handling of Squid HTTP response codes.
...
The previous version has a bug where HTTP codes that are not [200, 401, 404],
or the word "Zero" is not included in the response body(??), the valid open
port is not printed to the user. This patch fixes that and improves outut.
This commit improves the resilience of this module by looking at the HTTP
response header 'X-Squid-Error', which has static strings from an enum struct
documented here: http://www.squid-cache.org/Doc/code/err__type_8h.html
If the client receives an error from Squid that is not handled, the error type
will now also be printed for the user (eg: ERR_READ_TIMEOUT).
Previously, the module would also output (almost) every IP:PORT pair, even when
they are closed or forbidden by Squid ACL. This has been moved to be a verbose
option, so that non-verbose port-scanning prints a significantly shorter list
for human consumption.
As (among others) HTTP 3xx redirects were not previously displayed to users,
the redirect location is now also printed in the output. The server header is
printed for all open ports where available, and stored in the database.
2020-08-18 12:57:18 +09:00
9c90741a79
Rename cisco_7937G_ssh_privesc.py to cisco_7937g_ssh_privesc.py
2020-08-17 20:26:01 -04:00
c19836b7d5
Rename cisco_7937G_DoS.py to cisco_7937g_dos.py
2020-08-17 20:24:34 -04:00
cfea0db83c
Rename cve_2020_16139.py to cisco_7937g_dos_reboot.py
2020-08-17 20:24:17 -04:00
9906c931a2
Rename cve_2020_16138.py to cisco_7937G_DoS.py
2020-08-17 20:21:33 -04:00
fc08076240
Update and rename cve_2020_16137.py to cisco_7937G_ssh_privesc.py
2020-08-17 20:20:35 -04:00
0a20a217dc
Fix description of the vulnerability
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2020-08-17 21:06:46 +02:00
602865ef70
refactor if in check method
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2020-08-17 21:01:34 +02:00
de5f335618
Fix formatting
2020-08-17 11:53:39 -05:00
0c34c2559e
Remove no-op Nokogiri::XML pretty printing
...
ea1f3d60f1
2020-08-17 11:16:11 -05:00
27ae6c4edd
Land #13986 , Add CVE-2020-16205 exploit for Geutebruck G-CAM
2020-08-17 09:24:32 -05:00
ea1f3d60f1
Adjust XML whitespace and add commands to the setup docs
2020-08-17 10:03:44 -04:00
8eca964ced
Update path in osx_enum to fix keychain download
...
Looks like an anchoring "/" has always been missing for the keychain download in enum_osx to function.
2020-08-16 22:50:03 -05:00
eda222434f
Execute commands in a shell
2020-08-14 21:46:34 -05:00
22cf22fe53
Fix ARCH_CMD payload
...
Currently, we're not invoking within a shell.
2020-08-14 21:46:34 -05:00
f151c511bc
Explain what we're doing in the check
2020-08-14 21:46:34 -05:00
d3febe3284
Set SSL as a DefaultOption and update RPORT
2020-08-14 21:46:34 -05:00
46b6368597
Add Apache OFBiz XML-RPC Java deserialization
2020-08-14 21:46:34 -05:00
4a8b64a12f
Use WritableDir in execute_cmdstager, too
2020-08-14 21:07:08 -05:00
93fa66bfc5
Update geutebruck_testaction_exec.rb
...
And a fix for the fix ;)
I guess now everything will work as intended !
2020-08-15 00:56:53 +02:00
1da359ee01
Merge with last fix. This fix just fixes a issue with a method call as I tried calling the nonexistant method .true?
2020-08-14 17:49:02 -05:00
896c8aacae
Add in AutoCheck mixin so that we ensure targets are vulnerable before attempting to exploit them.
2020-08-14 17:27:39 -05:00
898f94320c
Add in fixes to check method so that the code will return the correct status if the connection fails
2020-08-14 17:18:31 -05:00
f3fdcf4343
Update geutebruck_testaction_exec.rb
...
Oops sorry, don't know what this "return true" was doing there.
2020-08-14 23:56:21 +02:00
82857c0a36
Update cve_2020_16137.py
2020-08-14 17:47:04 -04:00
b65c49aa25
Update cve_2020_16137.py
2020-08-14 17:43:38 -04:00
Brendan Coles