Commit Graph

4473 Commits

Author SHA1 Message Date
Spencer McIntyre 56cd43a8b8 Land #15624, Add module for CVE-2020-27955 2021-09-15 14:54:19 -04:00
space-r7 c491687b78 Land #14631, add Jira user enum module 2021-09-15 12:37:17 -05:00
space-r7 c151937226 Update versions tested and vulnerable versions 2021-09-15 12:35:34 -05:00
Spencer McIntyre 480dec9a1e Land #15658, Add module for CVE-2021-32682 2021-09-14 14:09:27 -04:00
Grant Willcox cec3a4bc46 Land #15601, Add Geutebruck Post Exploitation Module 2021-09-14 10:03:21 -05:00
space-r7 91ae50eb27 escapeshellcmd -> escapeshellarg 2021-09-09 17:28:05 -05:00
space-r7 0095613a94 add completed module and documentation 2021-09-09 16:58:40 -05:00
Grant Willcox 7d3d57817f Add in final changes so that we verify what we insert into the database more and only insert valid formats of data, and then also update the documentation accordingly 2021-09-08 17:27:53 -05:00
Grant Willcox 8057b63329 Add in documentation for various scenarios, fix up another database error, and also improve error handling of invalid responses from the server 2021-09-08 17:27:51 -05:00
Grant Willcox e1cfc8d956 Bring documentation in line with standards and also update the module to fix a bug and to make it more conformant 2021-09-08 17:27:46 -05:00
Jeffrey Martin 67be4a6519 add zoomeye_search documentation 2021-09-08 17:27:44 -05:00
William Vu 5ed5bc3903 Add module doc 2021-09-08 09:37:02 -05:00
Jack Heysel abbb994dab Updated docs 2021-09-07 13:55:21 -04:00
Jack Heysel 7fe44583fe Updated docs 2021-09-07 13:32:52 -04:00
bwatters a7d99ebbfc Land #15611, ProxyShell Improvements
Merge branch 'land-15611' into upstream-master
2021-09-07 11:47:13 -05:00
Jack Heysel 3c43bd409d Added docs and Git User-Agent FP 2021-09-03 16:15:39 -05:00
Grant Willcox e94d3bf260 Fix minor documentation change 2021-09-03 12:55:51 -05:00
Grant Willcox e62f5e3011 Update documentation to reflect latest changes and update module to check files exist and bail if they don't, including when uploading a custom image 2021-09-03 12:55:45 -05:00
Grant Willcox 3334fce5e8 Fix up initial documentation concerns 2021-09-03 12:55:44 -05:00
Your Name 817904a916 Add Geutebruck Post Exploitation Module 2021-09-03 12:55:39 -05:00
Grant Willcox 0e0e3bbcfb Land #15603, Add Geutebruck CVE_2021_335XX command injection module 2021-09-01 10:59:22 -05:00
bwatters ff50a94348 Land #15567, Add in Exploit for CVE-2021-3490
Merge branch 'land-15567' into upstream-master
2021-08-31 18:46:25 -05:00
Grant Willcox 0a57641aa4 Add in documentation and module code cleanness improvements and also make the output easier for readers to understand should something fail midway through. 2021-08-31 18:24:57 -05:00
Grant Willcox 30a7ee1bf2 Final very minor documentation fixes for better clarity 2021-08-31 18:24:56 -05:00
Your Name 56cde3eaba Add Geutebruck CVE_2021_335XX command injections module 2021-08-31 18:24:14 -05:00
Grant Willcox 3bca3b0bcb Update exploit code to use & after the command to execute as root so it executes in the background and doesn't hang Metasploit. Also update the logic of the code to check the response from executing the exploit and respond accordingly and update the documentation to match 2021-08-31 15:07:37 -05:00
Spencer McIntyre 8317a484a3 Land #15548, Overhaul SMB auth capture server 2021-08-30 10:01:55 -04:00
Spencer McIntyre 95015f0c2b Update the ProxyShell module docs 2021-08-27 17:50:28 -04:00
Tim W 6c0b90eabb Land #15532, add module for CVE-2021-21300 and git mixins 2021-08-26 18:26:04 +01:00
Spencer McIntyre 674628e600 Land #15384, Improve Windows RDLL injection 2021-08-26 12:11:44 -04:00
Grant Willcox 6f9b06fb4b Add in Manfred Paul's original blog post and chompie1337's original PoC to the list of links. Also add in a relatively detailed description of how to add in new targets to this exploit to the documentation in case that helps anyone down the line 2021-08-25 18:09:07 -05:00
space-r7 17da80163c fix typo, set COUNT default to 3 as noted in docs 2021-08-25 14:17:47 -05:00
Grant Willcox 5a80e9678c Address Spencer's comments and remove changes that don't directly use the DLL injection library API change 2021-08-24 16:34:01 -05:00
h00die b9db47f873 wp_learnpress sqli 2021-08-23 19:45:45 -04:00
Grant Willcox bd490d35ed Add support for Linux 5.11.x on Fedora 2021-08-23 15:09:10 -05:00
Grant Willcox db5ac81ecf Fix up mistakes bcoles pointed out and also add in a check to ensure we are only targeting x64 systems 2021-08-23 13:23:40 -05:00
Grant Willcox e46611cffb Add in support for exploiting Fedora 32 with Linux kernel 5.10.12 2021-08-20 18:04:59 -05:00
Grant Willcox 75ae2b76f5 Add support for Fedora 32 Linux Kernel 5.9.8-100 and also fix an error where the wrong file was being used for Fedora 32 Linux Kernel 5.8.8. 2021-08-20 16:50:20 -05:00
Grant Willcox 5abf407228 Add support for Fedora 32 with Linux Kernel 5.8.8-200 2021-08-20 15:42:34 -05:00
Grant Willcox dd806a9d61 Add in support for Fedora 32 running kernel 5.7.11-200 2021-08-20 13:37:52 -05:00
William Vu e480e868b9 Remove dead cisco_rv130_rmi_rce documentation
It is now cve_2019_1663_cisco_rmi_rce.
2021-08-20 05:06:00 -05:00
Grant Willcox b479cb61a4 Add in scenario for Ubuntu 20.04.02 LTS and show that it's still working as expected 2021-08-19 15:05:03 -05:00
Grant Willcox b60ad3ee26 Fix up mistakes I noticed whilst doing edits on the code as well as some mistakes identified during peer review 2021-08-19 13:55:54 -05:00
William Vu 31796c6236 Land #15561, ProxyShell exploit 2021-08-19 10:31:02 -05:00
Spencer McIntyre 1519aef539 Land #15570, Fix smb enum gpp module 2021-08-19 09:20:38 -04:00
wvu bcf00a0d3a Update exchange_proxyshell_rce.md 2021-08-18 14:38:56 -05:00
Spencer McIntyre 75e63992d6 Write an exploit for ProxyShell 2021-08-18 10:50:34 -04:00
adfoster-r7 d9baaed0ba Fix smb enum gpp module 2021-08-18 11:44:03 +01:00
Grant Willcox d5df47692c Add in first copy of the exploit along with the supporting source code and binaries. Documentation to come 2021-08-17 18:01:14 -05:00
A Galway 534ba9a7af splits jtr hash files, adds timeout & updates docs 2021-08-16 16:57:49 +01:00