 scanu92
|
1850cfd0c1
|
Apply suggestions from code review
Co-Authored-By: bcoles <bcoles@gmail.com>
|
2019-11-03 00:32:32 +01:00 |
|
|
Brendan Coles
|
f239b5db8f
|
Add FreeSWITCH Event Socket Command Execution
|
2019-11-02 22:03:02 +00:00 |
|
|
scanu92
|
632e423236
|
Update cmsms_object_injection_rce.rb
|
2019-11-02 21:31:08 +01:00 |
|
|
scanu92
|
33303746f8
|
Update cmsms_object_injection_rce.rb
|
2019-11-02 21:29:38 +01:00 |
|
|
scanu92
|
beffab0787
|
Update cmsms_object_injection_rce.rb
|
2019-11-01 15:26:02 +01:00 |
|
|
scanu92
|
7cc1175287
|
Update cmsms_object_injection_rce.rb
Add NormalRanking to cmsms_object_injection_rce module
|
2019-11-01 15:15:49 +01:00 |
|
|
sk4
|
af0761bcfd
|
Add CMS Made Simple object injection exploit module
|
2019-11-01 12:11:38 +01:00 |
|
|
Francesco Soncina
|
9fc2df5ea8
|
move force_tls12 to rex-powershell
|
2019-10-31 16:28:59 +01:00 |
|
|
William Vu
|
f5ce31519c
|
Fix style, once more with feeling
|
2019-10-31 09:59:35 -05:00 |
|
|
wvu-r7
|
dc62ea080b
|
Fix style
Co-Authored-By: bcoles <bcoles@gmail.com>
|
2019-10-31 09:54:18 -05:00 |
|
|
Shelby Pace
|
0b4a0b3148
|
Land #12476, add Nostromo dir traversal RCE
|
2019-10-31 08:24:41 -05:00 |
|
|
Shelby Pace
|
99fd254348
|
add reference
|
2019-10-31 08:23:57 -05:00 |
|
|
Quentin Kaiser
|
ca81793860
|
Forgot to put ForceExploit in registered options.
|
2019-10-31 10:25:26 +01:00 |
|
|
Quentin Kaiser
|
0531dd7bb9
|
Hash rocket alignment.
|
2019-10-29 12:28:39 +01:00 |
|
|
Quentin Kaiser
|
bc0c2bf721
|
check function rewrite.
|
2019-10-29 12:27:15 +01:00 |
|
|
Quentin Kaiser
|
436d6781c1
|
Fix description.
|
2019-10-29 12:25:01 +01:00 |
|
|
Quentin Kaiser
|
b357db22cf
|
Fix description.
|
2019-10-29 12:24:22 +01:00 |
|
|
Quentin Kaiser
|
8bbb33c483
|
Generic name.
|
2019-10-29 12:24:00 +01:00 |
|
|
Quentin Kaiser
|
b6dd30302a
|
Rewriting of command stager, based on exploits/unix/webapp/webmin_backdoor.
|
2019-10-29 12:23:19 +01:00 |
|
|
William Vu
|
ec0974222c
|
Fix module title again
|
2019-10-27 11:48:50 -05:00 |
|
|
William Vu
|
e010f48a3b
|
Move module to coldfusion_rds_auth_bypass
|
2019-10-27 11:25:56 -05:00 |
|
|
William Vu
|
2cc5f23915
|
Fix module title
|
2019-10-27 11:25:40 -05:00 |
|
|
William Vu
|
a0d1f02fd1
|
Fix failed login check for ColdFusion 9.something
It was merely "ColdFusion Administrator" for the version I tested.
|
2019-10-24 17:07:45 -05:00 |
|
|
Shelby Pace
|
e8469dca93
|
Land #11025, add Xorg SUID Modulepath Privesc
|
2019-10-22 14:11:00 -05:00 |
|
|
Shelby Pace
|
f4a54df262
|
change location of rescue, method name
|
2019-10-22 09:31:43 -05:00 |
|
|
Shelby Pace
|
1fd09b6a81
|
add solaris targets and Metasm usage
|
2019-10-21 16:13:10 -05:00 |
|
|
William Vu
|
3565b0efb8
|
Land #12365, Total.js CMS widget creation RCE
|
2019-10-21 15:22:09 -05:00 |
|
|
Quentin Kaiser
|
d76ea0ca59
|
Initial module version for Nostromo RCE (CVE-2019-16278).
|
2019-10-21 18:11:44 +02:00 |
|
|
RAMELLA Sébastien
|
25f60b07ed
|
compliance for the framework
|
2019-10-18 15:51:58 +04:00 |
|
|
Wei Chen
|
0ebc971d29
|
Use CmdStager mixin
|
2019-10-15 14:00:58 -05:00 |
|
|
Wei Chen
|
bb7c42b2ce
|
Arch and disclosure date
|
2019-10-15 10:25:20 -05:00 |
|
|
Wei Chen
|
a3331dba9f
|
Move totaljs cms module and doc
|
2019-10-15 10:11:14 -05:00 |
|
|
Shelby Pace
|
ec9ea4ce0d
|
Land #12366, fix nil check in atutor module
|
2019-10-14 18:14:06 -05:00 |
|
|
Francesco Soncina
|
1878ff8017
|
move AMSI/SBL bypass in inner payload, force TLSv1.2 support
see https://github.com/rapid7/rex-powershell/pull/19
|
2019-10-13 02:33:49 +02:00 |
|
|
Francesco Soncina
|
16a85f2cfa
|
Add support for AMSI/SBL bypass to PSH web_delivery
Related to https://github.com/rapid7/rex-powershell/pull/17
|
2019-10-12 16:55:08 +02:00 |
|
|
Brendan Coles
|
af05a33957
|
Land #12408, Fix spelling mistakes
|
2019-10-05 21:10:56 +00:00 |
|
|
h00die
|
9f29f5f419
|
fix spelling received
|
2019-10-05 14:40:27 -04:00 |
|
|
h00die
|
4cc85ecb75
|
adress a spelling problem
|
2019-10-05 14:22:18 -04:00 |
|
|
h00die
|
ffc8c7e32a
|
more ruby style
|
2019-10-02 20:23:12 -04:00 |
|
|
floyd
|
c747221863
|
Remove invalid email addresses
|
2019-10-02 13:35:25 +02:00 |
|
|
h00die
|
c188d179ed
|
fix atutor bugs
|
2019-09-26 20:37:10 -04:00 |
|
|
RAMELLA Sébastien
|
28bbcd5402
|
fix. linux stager and add. documentation
|
2019-09-26 16:26:44 +04:00 |
|
|
RAMELLA Sébastien
|
dfd97a7518
|
add. stager and fix. generic command
|
2019-09-26 12:40:03 +04:00 |
|
|
Wei Chen
|
6a80bf2cf5
|
Should ensure, not in exception
|
2019-09-25 22:23:41 -05:00 |
|
|
h00die
|
d6a7da9490
|
fix atutor nil
|
2019-09-25 22:02:55 -04:00 |
|
|
h00die
|
ca99bd4191
|
fix nil check
|
2019-09-25 21:24:14 -04:00 |
|
|
Wei Chen
|
8dc238e687
|
Add TotaJS CMS Code Injection in Widget Creation
|
2019-09-25 16:54:44 -05:00 |
|
|
RAMELLA Sébastien
|
82457a4049
|
add. exploit module vbulletin 5.x unauth RCE
|
2019-09-26 01:11:22 +04:00 |
|
|
todb-r7
|
a9a2ce2f6a
|
Add correct CVE for shopware module
In PR #11828, the module author requested, and got, a new CVE for this
issue. The module should reflect that.
|
2019-09-12 16:09:32 -05:00 |
|
|
Shelby Pace
|
644988750e
|
change permission on payload
|
2019-09-12 07:43:54 -05:00 |
|