cn-kali-team
94de45d856
Fix Bug
2020-02-29 23:22:56 +08:00
cn-kali-team
60f4787123
Exception handling and automatic get_domain info
2020-02-29 15:26:39 +08:00
cn-kali-team
9fa339eca8
Add an option, Fully implemented through API
2020-02-29 00:22:58 +08:00
cn-kali-team
ee64f38d8c
Added post module for adding local user accounts
2020-02-25 20:03:05 +08:00
Tim W
7aa89c9d4e
Land #12970, revert reverse_powershell changes
2020-02-22 09:12:51 +08:00
Jeffrey Martin
578bf9999f
Land #12955, Update logic for ForceExploit in modules
2020-02-21 15:45:12 -06:00
bwatters-r7
2db93c9051
Land #12002, Feature/reverse ssh
Merge branch 'land-12002' into upstream-master
2020-02-21 09:17:51 -06:00
Christophe De La Fuente
f9077bcd8d
Land #12704, OpenNetAdmin 18.1.1 Remote Code Execution exploit
2020-02-21 15:49:26 +01:00
Christophe De La Fuente
5e4b83581a
Fix indentation issue
2020-02-21 15:47:32 +01:00
h00die
fe0e955dc2
Land #12849, oracle_login docs
2020-02-21 08:58:16 -05:00
h00die
f451041d4b
oracle_login docs
2020-02-21 08:41:42 -05:00
bwatters-r7
9ef6110b54
Revert "Land #12945, fix the cmd/windows/reverse_powershell payload"
This reverts commit 564895e1a8, reversing
changes made to c1b2762b03.
This appears to make it worse.
2020-02-21 06:53:37 -06:00
bwatters-r7
c9e4ca34c3
Land #12921, Updating regex in ms16_075_reflection_juicy exploit windows version check
Merge branch 'land-12921' into upstream-master
2020-02-20 21:10:37 -06:00
bwatters-r7
564895e1a8
Land #12945, fix the cmd/windows/reverse_powershell payload
Merge branch 'land-12945' into upstream-master
2020-02-20 20:52:46 -06:00
Onur ER
f483b80849
Changed to vars_post
2020-02-21 03:48:12 +03:00
Onur ER
695f6869df
Update opennetadmin_ping_cmd_injection.rb
2020-02-21 03:13:44 +03:00
Onur ER
f90d605c21
Update modules/exploits/unix/webapp/opennetadmin_ping_cmd_injection.rb
Co-Authored-By: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
2020-02-21 03:07:27 +03:00
0x44434241
f6e4b52446
Removing dead code.
2020-02-21 08:33:20 +09:00
Christophe De La Fuente
f484e6c83c
Land #12862, Apache James 2.3.2 arbitrary file write exploit module
2020-02-20 10:41:13 +01:00
mattaberegg
a861ad3f21
Payload handler/cleanup improvement
2020-02-19 18:57:08 -08:00
bwatters-r7
f44f200f49
Remove problematic ruby cmd payloads and fix missing require in reverse_ssh
2020-02-19 13:52:38 -05:00
Shelby Pace
db8555e007
Land #12942, add Diamorphine privilege escalation
2020-02-19 10:36:39 -06:00
Adam Galway
d670276148
Land #12954, fixes typos in CrossChex exploit docs
2020-02-19 15:40:46 +00:00
0x44434241
4288632203
Applied suggestions from rubocop.
Feedback from bwatters-r7
2020-02-19 16:59:08 +09:00
William Vu
7dc1315dac
Update logic for ForceExploit in my modules
This lets the user opt out of running check completely.
2020-02-19 01:06:50 -06:00
William Vu
ede90ef9a1
Land #12938, CPU vulns for Linux enum_system
2020-02-19 00:46:32 -06:00
Tim W
89dc1aebf8
add stderr output and attempt to fix utf8
2020-02-19 13:28:53 +08:00
William Vu
4fa3b25788
Correct language in crosschex_device_bof
2020-02-18 23:18:45 -06:00
0x44434241
028285de77
Refactoring juicy potato check() logic.
Previously, server 2016/19 was not correctly detected and falsely
reporting as vulnerable, because the check was overly trusting the
reported OS name - see PR #355 for a description of the problem.
Furthermore, I discovered a self-introduced bug in the regex of build
detection, which would in some cases first match on '2016' and not the
build number, which would be less than the five-digit build number for
the foreseeable future.
Testing data included in PR comments.
Feedback from @bwatters-r7
2020-02-19 11:19:02 +09:00
Tim W
aa1fdb2075
Land #12724, server AMSI and SBL separately from psh stager in web_delivery
2020-02-19 09:33:25 +08:00
Tim W
0d8a86905a
fix sessions -K
2020-02-19 08:30:45 +08:00
Tim W
5497876fd2
fix #12579, make reverse_powershell great again
2020-02-19 07:58:59 +08:00
Brent Cook
9aac803f41
remove a scratchpad line I saved while testing blog link fixes
2020-02-18 09:26:29 -06:00
Brent Cook
8489bcdfd9
This fixes broken links to the community.rapid7.com blog
Performed mechanically with sed, spot-checked that the new blog can consume these links.
2020-02-18 09:06:11 -06:00
Adam Galway
48ba1026c6
Land 12915, adds windows ssh persistence module
2020-02-17 12:02:49 +00:00
Tim W
f630990b3b
use random amsi resource url
2020-02-17 10:07:18 +08:00
Tim W
808a158c84
Land #12931, fix the OSX password_prompt_spoof prompt module on Mojave and Catalina
2020-02-17 09:23:19 +08:00
Brendan Coles
ac6d0e4391
Add Diamorphine Rootkit Signal Privilege Escalation module
2020-02-16 14:53:16 +00:00
Brendan Coles
1db1bed08f
Land #12892, set default username for mysql and mssql aux login modules
Set default username `sa` for auxiliary/scanner/mssql/mssql_login
Set default username `root` for auxiliary/scanner/mysql/mysql_login
Enable `BLANK_PASSWORDS` option by default for both modules,
as the default users make use of a blank password by default.
2020-02-16 14:20:56 +00:00
Tim W
0bffcd6212
Land #12448, fix cmd/unix/reverse_perl_ssl and cmd/unix/reverse_php_ssl payloads
2020-02-16 12:11:28 +08:00
Brendan Coles
d047feeb03
Add check for CPU vulnerability status to enum_system
2020-02-15 14:35:38 +00:00
Brendan Coles
f5844ee953
Land #12830, Ensure post/windows/gather/enum_patches gathers all patches
2020-02-15 03:47:43 +00:00
0x44434241
f61c188e57
Handling possible nil case of regex on OS build.
Feedback from adfoster-r7
Testing of detection:
```
msf5 exploit(windows/local/ms16_075_reflection_juicy) > check
[*] Target appears to be patched or not vulnerable (Windows 10 (10.0
Build 18363).)
[*] The target is not exploitable.
```
Testing of (forced) nil-case:
```
msf5 exploit(windows/local/ms16_075_reflection_juicy) > check
[*] Reloading module...
[!] Could not determine Windows build number - exploiting might fail.
[*] The target is not exploitable.
```
2020-02-14 09:26:04 +09:00
dwelch-r7
07954c0ce2
Land #12902, Add exploit module for crosschex buffer overflow
2020-02-13 15:48:10 +00:00
dwelch-r7
0e55e20c9c
Land #12902, Add exploit module for crosschex buffer overflow
2020-02-13 15:43:38 +00:00
Francesco Soncina
da820f08e6
don't interact with other apps to avoid asking permissions
2020-02-13 16:17:33 +01:00
Adam Galway
2ca2b5c7bb
replaces magic numbers with target fields
2020-02-13 14:17:23 +00:00
0x44434241
fce70c9284
Adjusting print method to better reflect the situation.
2020-02-13 08:02:02 +09:00
Adam Galway
cbcf8a2a68
adds to_i and removes default options
2020-02-12 12:04:15 +00:00
0x44434241
6d73b572c7
Update vulnerable systems documentation.
Feedback from bcoles.
2020-02-12 08:22:43 +09:00