b9348bd579
Added the CVE number in the references
2018-11-14 16:52:57 +01:00
5f9570cbcf
Added WordPress Duplicator <= 1.2.40 and documentation
2018-11-14 16:39:42 +01:00
f43aaac290
Clean code.
2018-11-14 16:48:39 +08:00
4fc047db87
Added advanced option to check console lock on linux systems, default true & updated docs
2018-11-13 22:33:12 -06:00
7cc4d09a92
Clean code.
2018-11-14 10:35:38 +08:00
5e85683228
removed to_s from string
2018-11-13 15:28:55 -06:00
ac8932c144
update 9631 to a current branch
2018-11-13 15:15:25 -06:00
da134f06e3
Updated check method
...
Fixed check method and redundant variable declarations
2018-11-13 16:01:40 -05:00
538055c406
Initial documentation for Xorg Privesc Module
...
killed white spaces
2018-11-12 15:44:13 -06:00
541283a4dd
Tidied up set_payload
2018-11-12 20:45:49 +01:00
0bdab320f7
Remove useless variable declaration
...
Co-Authored-By: carmaa <carsten@carmaa.com >
2018-11-12 12:04:22 +01:00
388aebc335
Add exploit module for spark unauthenticated rce.
2018-11-12 17:07:50 +08:00
16d146fd59
Fixing indentation.
2018-11-12 13:24:00 +08:00
3e4df06500
Some more modifications
...
Placed contents of request_post into execute_command
Randomized fingerprint with rand_text_alpha(12)
Spaces at EOL fixed
Normalized target URI
2018-11-12 13:04:42 +08:00
818cb37aca
Implemented changes recommended by @bcoles.
2018-11-12 12:26:23 +08:00
e06af184c8
Tidy check method
2018-11-11 22:53:13 +01:00
8894af58de
serialized, not deserialized...
2018-11-11 22:47:57 +01:00
1e8fbc3a1b
Fixed indentation and added a status message printout when exploiting
2018-11-11 22:37:42 +01:00
cf5ca78350
Added YSOSerial payload generating string
2018-11-11 22:15:30 +01:00
ef7fc783be
Added Selinux check, changed version check, retested on all platforms
2018-11-11 12:34:30 -06:00
a5429d21a6
Update modules/exploits/multi/local/xorg_x11_suid_server.rb
...
Co-Authored-By: aringo <ringo.aaron@gmail.com >
2018-11-11 07:39:32 -06:00
2a7b18bcbf
Update modules/exploits/multi/local/xorg_x11_suid_server.rb
...
Co-Authored-By: aringo <ringo.aaron@gmail.com >
2018-11-11 07:38:42 -06:00
40bc44d2b6
Add ForceExploit to Linux local modules
2018-11-11 09:37:56 +00:00
e6f548c5f4
added meterpreter, took out in session, moved to exploits/multi/local
2018-11-11 01:43:36 -06:00
3770f121fe
Changing result parsing style
...
Co-Authored-By: carmaa <carsten@carmaa.com >
2018-11-11 08:07:37 +01:00
951d3e1117
Changing result parsing style
...
Co-Authored-By: carmaa <carsten@carmaa.com >
2018-11-11 08:07:32 +01:00
446eec00b3
Remove disconnect
...
Co-Authored-By: carmaa <carsten@carmaa.com >
2018-11-11 08:04:43 +01:00
189c203e3d
Remove handler
...
Co-Authored-By: carmaa <carsten@carmaa.com >
2018-11-11 08:04:34 +01:00
e5df5494d9
Remove connect
...
Co-Authored-By: carmaa <carsten@carmaa.com >
2018-11-11 08:04:22 +01:00
5a978dca2e
Removed architecture to make payload selection work
2018-11-10 23:00:54 +01:00
cbaacf696a
Add exploit module for CVE-2017-12557
...
HP Intelligent Management Java Deserialization RCE (Windows)
2018-11-10 22:36:43 +01:00
1f14a9846d
Land #10767 , Add Cisco Prime Infrastructure remote root exploit
2018-11-10 17:08:16 +00:00
981893a8bf
Merge branch 'master' into sparkrce
2018-11-09 14:12:33 +08:00
b93f14a5c2
Fixed some PR feedback, still working on adding meterpreter and cleanup
2018-11-08 22:10:46 -06:00
3f3bee6a79
added version check
2018-11-08 22:08:11 -06:00
012c8a450f
Feedback from PR work cont. changed loop, formatting errors, options
2018-11-08 22:08:11 -06:00
adb8be7f9f
includes partially implemented feedback from PR
2018-11-08 22:08:11 -06:00
18bf58e547
Update modules/exploits/openbsd/local/xorg_x11_suid_server.rb
...
Co-Authored-By: aringo <ringo.aaron@gmail.com >
2018-11-08 22:08:11 -06:00
8c4eb5f741
Update modules/exploits/openbsd/local/xorg_x11_suid_server.rb
...
Co-Authored-By: aringo <ringo.aaron@gmail.com >
2018-11-08 22:08:11 -06:00
84b79e6787
Update modules/exploits/openbsd/local/xorg_x11_suid_server.rb
...
Co-Authored-By: aringo <ringo.aaron@gmail.com >
2018-11-08 22:08:11 -06:00
7feb960d9b
Initial add of Xorg SUID privesc
2018-11-08 22:08:11 -06:00
9dd0f2a5ea
modified to allow unix cmd for testing and other targets not supported, took out interpolation,notes section re-added
...
added notes section back in
2018-11-06 20:45:20 -06:00
dd57b27652
Rename hash to generate_process_hash
...
In the interest of compatibility this uses a more descriptive name for
the process hash creation method instead of overriding ruby's hash method.
See https://docs.ruby-lang.org/en/2.0.0/Hash.html
2018-11-05 17:16:16 -06:00
aff4ef0752
land #10912 moving polycom exploit to misc folder
2018-11-05 16:54:24 -05:00
0c38babb9e
Land #10874 , rm size restriction from pyld_inject
2018-11-05 15:16:40 -06:00
f185c06204
Land 10794, Add support for ms17_010_eternalblue_win8 ProcessName option
...
Merge branch 'land-10794' into upstream-master
2018-11-05 15:08:59 -06:00
7ca2311325
Land #10792 , Add support for ms17_010_eternalblue ProcessName option
...
Merge branch 'land-10792' into upstream-master
2018-11-05 14:19:10 -06:00
1f0941101f
shut up, msftidy
2018-11-05 14:13:33 -06:00
4f2ba46125
Stop some of the rubocop carnage
2018-11-05 14:11:24 -06:00
a32d8083f0
Land #10847 - Add blueimp's jQuery (Arbitrary) File Upload
...
CVE-2018-9206
2018-11-05 11:37:20 -06:00
Julien Legras