fc762f8a82
Land #13402 , add service_exists? method
2020-05-12 13:37:54 -05:00
9b40554ec6
Land #13370 , Add Druva inSync inSyncCPHwnet64.exe RPC Type 5 Privilege Escalation
...
Merge branch 'land-13370' into upstream-master
2020-05-12 13:20:27 -05:00
e3e82ca17e
Land #13401 , Add SaltStack Salt root key disclosure and RCE
2020-05-12 14:18:50 -04:00
df5bb76aea
Land #13404 , Fix fakedns.rb's TARGETDOMAIN explanation.
2020-05-12 12:38:51 -05:00
235f822937
Add Netsweeper WebAdmin unixlogin.php pre-auth RCE
2020-05-12 08:34:20 -05:00
06cae74d51
Note what CheckModule is used to provide a check
...
Hat tip @ccondon-r7 for making me realize my standard comment needs to
be reapplied.
2020-05-11 12:28:02 -05:00
83dde571a2
Add VMware vRealize Operations Manager advisory
...
Hat tip @brudis-r7!
2020-05-11 12:05:38 -05:00
6e8abd7a40
Add SaltStack Salt unauthenticated RCE module
2020-05-11 12:05:38 -05:00
f346b1b001
Add SaltStack Salt root key disclosure module
...
Also adds a new ZeroMQ mixin, mainly for use with Salt modules.
2020-05-11 12:05:38 -05:00
d31ddadd74
Fix advisory link in Qradar sploit
2020-05-09 14:59:43 +07:00
cf25629510
Fix advisory link in TM1 module
2020-05-09 14:58:46 +07:00
1a9c04c2c4
Use new method
2020-05-08 14:49:01 -05:00
e243d3ec9a
Clanup cloud_lookup docs and remove some unnecessary code
2020-05-08 15:41:19 -04:00
683ecb7b8d
Tweak handling of the DnsNote option
2020-05-08 12:21:52 -04:00
6be4b5431c
Remove the TLD wordlist option for now
2020-05-08 12:21:52 -04:00
0a8cb83e7f
Fix TXT records, the DNS port, and messages for cloud_lookup
2020-05-08 12:21:52 -04:00
715dfc13f8
Refactor the auxiliary mixin to an enumeration exploit mixin
2020-05-08 12:21:52 -04:00
09ded72247
migrate enum_dns to mixin (add. TLDs wordlist) and update cloud_lookup
2020-05-08 12:21:52 -04:00
578a13732d
add. move DNS functions into a mixin
2020-05-08 12:21:52 -04:00
e96cd2695b
remove deprecated ips blacklist for Stackpath and add more features.
2020-05-08 12:21:52 -04:00
9a7175522b
fix. rubocop add. comments, review, NoWAFBypass, AzureCDN and mores...
2020-05-08 12:21:52 -04:00
85a5ee2cc6
add. some IP check filters.
2020-05-08 12:21:52 -04:00
c6d754aa9f
add. some comparisons and fixes of some stuff
2020-05-08 12:21:52 -04:00
7334e5b2e9
add. new gather module cloud_lookup
2020-05-08 12:21:52 -04:00
0b6fdb9888
Land #13413 , ibm_drm_download default action fix
2020-05-07 09:24:00 -05:00
b4e2599921
Remove trailing whitespace to fix build failures
2020-05-07 09:59:34 -04:00
9769e04b6e
Land #13322 , CVE-2020-0668 Service tracing file junction overwrite
2020-05-07 09:47:20 -04:00
26d4cb7a47
Tweak the service tracking checks and update docs markdown
2020-05-07 09:46:19 -04:00
04e263f305
Add auxiliary/admin/http/ibm_drm_download action
2020-05-07 08:03:28 -05:00
61e17d3a2c
Land #13406 , Fix multiple DNS enumeration related bugs
2020-05-07 10:38:07 +01:00
a1275845ec
Land #13200 , CVE-2019-0808 LPE for Windows 7 x86 SP0 and SP1
2020-05-06 17:23:52 -05:00
a5fe498610
Update ARCH handling, suggested changes, and last-minute fixes
2020-05-06 15:36:53 -05:00
f8fe5974be
Properly skip over unsupported RRs when doing DNS zone transfers
2020-05-06 13:15:33 -04:00
b7234902bc
fakedns: specificy in help the wildcard character
2020-05-06 19:02:32 +02:00
3473016aea
Land #13107 , Kentico deserialization RCE
2020-05-06 16:16:05 +02:00
bf16307d7f
Add Druva inSync inSyncCPHwnet64.exe RPC Type 5 Privilege Escalation
2020-05-06 14:09:46 +00:00
5609a99758
Neaten up alignment and spacing on ntusermndragover.rb
2020-05-05 21:28:51 -05:00
b7e6d625bc
Land #13399 , Fix fail with call in vmware fusion lpe
...
Merge branch 'land-13399' into upstream-master
2020-05-05 14:34:33 -05:00
8b47ee6013
Fix fail with call in vmware fusion lpe
2020-05-05 19:24:07 +01:00
80b64830cc
Land #13304 , IBM DRM SSH exploit
2020-05-05 12:08:02 -05:00
e2690ad378
Land #13301 , IBM DRM arbitrary file download
2020-05-05 12:07:37 -05:00
e0a67f4fd1
Land #13300 , IBM DRM RCE
2020-05-05 12:07:15 -05:00
1cb91dcb42
Address review comments
...
Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update ibm_drm_a3user.md
Update modules/exploits/linux/ssh/ibm_drm_a3user.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/ssh/ibm_drm_a3user.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/ssh/ibm_drm_a3user.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/ssh/ibm_drm_a3user.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/ssh/ibm_drm_a3user.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/ssh/ibm_drm_a3user.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/ssh/ibm_drm_a3user.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/ssh/ibm_drm_a3user.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/ssh/ibm_drm_a3user.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/ssh/ibm_drm_a3user.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/ssh/ibm_drm_a3user.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/ssh/ibm_drm_a3user.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
use fail_with
2020-05-05 10:58:05 -05:00
227347627c
Address review comments
...
Update documentation/modules/auxiliary/admin/http/ibm_drm_download.md
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update documentation/modules/auxiliary/admin/http/ibm_drm_download.md
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update documentation/modules/auxiliary/admin/http/ibm_drm_download.md
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/admin/http/ibm_drm_download.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
final changes!
Update modules/auxiliary/admin/http/ibm_drm_download.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/admin/http/ibm_drm_download.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/admin/http/ibm_drm_download.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/admin/http/ibm_drm_download.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/admin/http/ibm_drm_download.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/admin/http/ibm_drm_download.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/admin/http/ibm_drm_download.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/admin/http/ibm_drm_download.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
final final
Update ibm_drm_download.md
change date to ISO
really fix the date now
2020-05-05 10:56:40 -05:00
a17d78a327
Address review comments
...
Update documentation/modules/exploit/linux/http/ibm_drm_rce.md
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update documentation/modules/exploit/linux/http/ibm_drm_rce.md
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update documentation/modules/exploit/linux/http/ibm_drm_rce.md
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update ibm_drm_rce.md
Update modules/exploits/linux/http/ibm_drm_rce.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/http/ibm_drm_rce.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/http/ibm_drm_rce.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/http/ibm_drm_rce.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/http/ibm_drm_rce.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/http/ibm_drm_rce.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/http/ibm_drm_rce.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
make final changes!
Update modules/exploits/linux/http/ibm_drm_rce.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/http/ibm_drm_rce.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/http/ibm_drm_rce.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/http/ibm_drm_rce.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/http/ibm_drm_rce.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/http/ibm_drm_rce.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/http/ibm_drm_rce.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/http/ibm_drm_rce.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/http/ibm_drm_rce.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/http/ibm_drm_rce.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/http/ibm_drm_rce.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/http/ibm_drm_rce.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/http/ibm_drm_rce.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/http/ibm_drm_rce.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/http/ibm_drm_rce.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/http/ibm_drm_rce.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/http/ibm_drm_rce.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/exploits/linux/http/ibm_drm_rce.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
final final final
2020-05-05 10:53:08 -05:00
9fe684e5d5
break into smaller chunks
2020-05-05 10:15:55 +07:00
5651f4ae75
break into small chunks
2020-05-05 10:01:40 +07:00
d2b196f172
Land #13353 , Trixbox CE endpoint_devicemap.php Authenticated RCE
2020-05-04 16:11:05 -05:00
18ebf5efa6
Trixbox CE <= v2.8.0.4 Authenticated RCE
...
This module exploits a post-authentication OS command injection vulnerability found in Trixbox CE <= v2.8.0.4 which may allow arbitrary command execution on the underlying operating system.
2020-05-04 15:58:38 -05:00
30b17c6323
Remove some whitespace for msftidy compliance
2020-05-04 10:14:00 -04:00
Shelby Pace