Frycos
e963582e18
Update fortra_goanywhere_rce_cve_2023_0669.rb
...
Name typo
2023-02-09 23:06:59 +01:00
Spencer McIntyre
c7279e9a0a
Add credit for CVE-2023-0669; fix path in docs
2023-02-09 13:02:40 -05:00
bcoles
de8a6e1445
Move fortra_goanywhere_rce_cve_2023_0669 module documentation to documentation directory
2023-02-09 23:12:45 +11:00
cgranleese-r7
508f5c7e52
Land #17619, Run rubocop on exploit modules
2023-02-09 10:11:53 +00:00
Spencer McIntyre
c997952d83
Land #17607, Fortra RCE CVE-2023-0669
...
Fortra deserialization RCE CVE-2023-0669 (ETR)
2023-02-08 12:56:09 -05:00
adfoster-r7
656ded4b86
Add module notes
2023-02-08 15:46:07 +00:00
Spencer McIntyre
2b008af097
Move the module to reflect it targets Windows too
2023-02-08 10:24:27 -05:00
adfoster-r7
25ee41df68
Run rubocop on exploit modules
2023-02-08 15:20:32 +00:00
cgranleese-r7
10144a9f13
Land #17615, Add missing module notes for stability reliability and side effects
2023-02-08 12:28:47 +00:00
adfoster-r7
433bafdccf
Add missing module notes for stability reliability and side effects
2023-02-08 11:45:17 +00:00
bwatters
8ee67085c8
Land #17556, ManageEngine ADSelfService Plus RCE (CVE-2022-47966)
...
Merge branch 'land-17556' into upstream-master
2023-02-07 16:57:22 -06:00
bwatters
53c67653f5
Land #17527, ManageEngine ServiceDesk Plus RCE (CVE-2022-47966)
...
Merge branch 'land-17527' into upstream-master
2023-02-06 17:37:31 -06:00
adfoster-r7
6870efc34a
Land #17426, Update all references to old Wiki to point to new docs site
2023-02-01 23:49:20 +00:00
Christophe De La Fuente
f676568d89
Fix CVE
2023-01-30 12:18:08 +01:00
Christophe De La Fuente
a5ba1245c2
Fix CVE
2023-01-30 12:15:14 +01:00
bcoles
e11aaa8027
modules/exploits/multi/local: Resolve Rubocop and msftidy_docs violations
2023-01-28 15:02:24 +11:00
Christophe De La Fuente
85d5b041aa
Add minimum build number check
2023-01-27 18:03:19 +01:00
Grant Willcox
6043d0ffba
Update all links from Wiki site to new docs site.
2023-01-27 09:58:53 -06:00
Christophe De La Fuente
e01239cf7b
Add exploit module and documentation
2023-01-26 21:53:14 +01:00
Christophe De La Fuente
ed2dd2fc0c
Add randomization in the XML when possible & fix BadChars issue
2023-01-26 18:42:09 +01:00
Christophe De La Fuente
2be22752be
Add Linux specifics and documentation
2023-01-26 16:16:00 +01:00
Christophe De La Fuente
38f0d33d6b
Add exploit module
2023-01-24 00:55:45 +01:00
ErikWynter
3c219c8a77
prevent .keys call on nil in log4shell_header_injection
2022-12-15 12:51:30 +02:00
Maik Ro
330cb2944b
fix typo
...
OptString.new('FILENAME', [true, 'The OpoenOffice Text document name', 'msf.odt']) -> OpoenOffice changed to OpenOffice
2022-11-30 22:10:18 +01:00
Grant Willcox
8ca7550062
Land #17257, Adding exploit for ChurchInfo 1.2.13-1.3.0 RCE (CVE-2021-43258)
2022-11-18 19:27:10 -06:00
Grant Willcox
237eb904d4
Add in fixes for documentation examples and then update the code to fix some bugs
2022-11-18 18:30:07 -06:00
Grant Willcox
85a6770973
Add additional checks, a check method, and fix up some doc errors
2022-11-18 18:22:06 -06:00
m4lwhere
b9ecdb3bc2
Use TARGETURI, registered cleanup, implement cookie_jar, and perform response checks and documentation
2022-11-18 18:21:27 -06:00
m4lwhere
a33a313544
Adding exploit for ChurchInfo 1.3.0
2022-11-18 18:21:08 -06:00
Christophe De La Fuente
d1a7170020
Land #17021, Gitea Git fetch RCE module - CVE-2022-30781
2022-11-17 12:28:29 +01:00
Christophe De La Fuente
11541a5774
Add comment for details about the string substitutions on Windows
2022-11-17 12:25:52 +01:00
krastanoel
1ddc137f1a
Update module
...
- adjust execute_command method and add logic for :win_dropper target
- move cmdstager uripath setting into target case statement
- add more cmdstagerflavour for :linux_dropper target
- fix lint msftidy
2022-11-15 22:30:45 +07:00
krastanoel
cbca2a5604
Update modules/exploits/multi/http/gitea_git_fetch_rce.rb
...
apply suggestion
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
2022-11-15 22:17:59 +07:00
krastanoel
639afebe1e
Update module
...
- handle cleanup method on manual `check`
- adjust targets flavour option
- add :win_dropper target and handle the payload delivery
NOTE: the Windows dropper target is still unsuccessful but keep this for further review
2022-11-09 16:12:20 +07:00
krastanoel
13bb31feeb
Update module
...
- move repository migration to execute_command.
NOTE: the stageless payload is still unsuccessful but keep this anyway for christophe to review.
2022-11-09 04:52:18 +07:00
krastanoel
bca5138fc8
Update module
...
- move cleanup process to its own method and handle the response
- remove timeout and http delay option
- adjust target type location as code review suggestion
2022-11-09 01:42:27 +07:00
krastanoel
a50cca27e6
remove cookie_jar manipulation
2022-11-09 00:48:23 +07:00
krastanoel
52d867bbc7
follow Ruby coding conventions
...
- combine gitea_version into get_gitea_version for the check method
- validate empty username
2022-11-09 00:41:30 +07:00
krastanoel
f0b67c8812
fix msftidy
2022-11-08 14:14:45 +07:00
krastanoel
540984804d
Apply suggestions from code review
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
2022-11-08 14:09:31 +07:00
Jack Heysel
f61136dd6d
Fixed powershell target
2022-11-01 10:55:50 -05:00
jheysel-r7
757c0da639
Review updates
...
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
2022-11-01 10:55:20 -05:00
Jack Heysel
b31c0f6987
Added check method, refactored, updated docs
2022-11-01 10:54:27 -05:00
Jack Heysel
a0babb354a
Apache CouchDB Erlang module initial commit
2022-11-01 10:54:19 -05:00
Jack Heysel
c4c2c7c0c1
Beta commit, injection working
2022-11-01 10:54:12 -05:00
Jack Heysel
9c5d82e00f
Land #17147, add Vagrant Breakout module
...
This PR adds a module that exploits a default
Vagrant shared folder to append a Ruby payload
to the Vagrant project Vagrantfile config file.
2022-10-26 17:11:03 -04:00
bcoles
01fa2e1041
Add Vagrant Synced Folder Vagrantfile Breakout module
2022-10-26 17:33:44 +11:00
space-r7
7c64b0ba93
add option in documentation and add notes
2022-10-25 12:22:00 -05:00
r3nt0n
982cfb97c2
Refactor: check for THEME_DIR as ternary
...
Suggested by @space-r7
2022-10-25 17:38:30 +02:00
r3nt0n
08721ccf73
Adding THEME_DIR option to wp_crop_rce exploit
2022-10-20 16:37:21 +02:00