60faddebbf
Update authors with sinn3r
2018-07-25 14:35:09 -05:00
8f89275df8
authenticating to WordPress
2018-07-25 14:22:24 -05:00
efacaef9df
Clamp compatible payloads until we know better
2018-07-25 14:14:15 -05:00
86d634cb64
Update module for MVP
2018-07-25 12:01:36 -05:00
668bcb38cb
metadata setup
2018-07-25 11:29:47 -05:00
f5ccdcfcd2
Net SSH CommandStream fixes implemented
...
* Net::SSH::CommandStream typos fixed
* Net::SSH::CommandStream cleanup made more robust and refactored
* require 'net/ssh/command_stream' added to various modules
2018-07-25 11:22:28 -05:00
19239c72c0
Update cmsms_upload_rename_rce check and docs
2018-07-19 18:26:42 +00:00
28e3f3a5f0
Land #10327 , Add CMS Made Simple Upload/Rename Authenticated RCE
2018-07-19 12:18:12 -05:00
c5ac4c791f
Make changes based on community feedback
2018-07-19 12:17:02 -05:00
6173305776
Update author fields
2018-07-19 01:25:59 -04:00
08290b81c0
Land #10282 , Add support for running external modules outside of msfconsole
2018-07-18 17:38:40 -05:00
b90583d07c
don't throw an exception in haraka checks if we cannot connect
2018-07-18 17:17:45 -05:00
0024cca3bf
Land #10328 , Log errors in Python ETERNALBLUE
2018-07-18 14:50:40 -05:00
70a1df70a1
Land #9753 , Linux BPF sign extension local privesc
2018-07-18 18:44:14 +08:00
b481855c87
Add vlc_mkv exploit module
2018-07-18 03:40:09 -04:00
08e33cad0c
Spelling fix
2018-07-17 20:12:37 -05:00
20905d1ca1
Fix syntax error
2018-07-17 18:48:07 -05:00
a24666a00a
msftidy fixes
2018-07-17 18:28:33 -05:00
e5efa4faac
Make failures consistent
2018-07-17 17:35:52 -05:00
96f9e60e84
Swap return for sys.exit(1)
2018-07-17 17:25:38 -05:00
09d347ca33
Add missed sys.exit(1)
2018-07-17 16:31:57 -05:00
e1be94e568
Pass RPORT to sess_port in Impacket
2018-07-17 13:49:38 -05:00
0bdaa0e23a
Catch connection errors and module.log them
2018-07-17 13:49:34 -05:00
677b22698d
Land #10273 , [clean up] iis_webdav_scstoragepathfromurl
2018-07-17 09:33:32 -05:00
1e004769ca
CMS Made Simple Upload/Rename Authenticated RCE
2018-07-17 09:00:39 -05:00
703f94d981
Check that /etc/rc.local is writeable
2018-07-17 12:52:51 +02:00
97e89cf3bb
Cleanup rc_local patching code
2018-07-17 12:49:55 +02:00
df32ab674d
Fix newline bad character
2018-07-17 12:48:26 +02:00
6bf184dbcf
Update tested versions
2018-07-17 06:24:16 +00:00
9a7c34e6e9
Land #10064 , Claymore Dual Miner API RCE
2018-07-16 18:02:20 -05:00
7df20539af
Fix msftidy
2018-07-16 11:55:37 +02:00
c84eb9fee9
Handle file patching on framework side
2018-07-16 11:54:37 +02:00
4f137f2f3f
rc.local persistence
2018-07-16 09:34:03 +02:00
134417b598
Account for nil
2018-07-14 10:44:09 -05:00
6e450973b9
Land #10295 , Add QNAP Q'Center change_passwd Command Execution exploit
2018-07-14 10:09:46 -05:00
18e65abc54
Fix link
2018-07-14 10:03:01 -05:00
9bdec97b2e
Fix bpf_sign_extension_priv_esc
2018-07-13 23:01:17 +00:00
4e72dff791
Update module references
2018-07-14 05:03:13 +10:00
b40a146723
Land #10297 , Add priv escalation mod for CVE-2018-8897
2018-07-13 10:54:25 -05:00
f33d12676f
Added License, make msftidy happy, and include original cve project
...
readme document.
2018-07-13 10:19:41 -05:00
4fa2a4775d
Update the target check and added cleanup
2018-07-13 09:27:41 -05:00
9ba0a72ea1
Rename file
2018-07-13 01:11:37 -05:00
e1e8444188
Clean up ruby code for CVE-2018-8897
2018-07-13 01:06:21 -05:00
a020d48caf
Move module documentation to documentation directory
2018-07-13 04:46:25 +00:00
f02c05e530
This one is the same as cve_2018_8897_exe.rb
2018-07-12 22:09:44 -05:00
c9001699cd
Land #10027 , Hadoop unauthed command execution
2018-07-12 21:58:49 -05:00
50252c75d6
Clean up module
...
With a little rubocop -a.
2018-07-12 21:58:00 -05:00
2f37482535
Land #10278 , gitlist_arg_injection fixes
2018-07-12 19:03:52 -05:00
9080b38dcc
Add Axis camera exploit (VDOO research)
2018-07-12 18:46:49 -05:00
e613b2570a
Land #10299 , Add 88 CVEs to various auxiliary and exploit modules
2018-07-12 18:26:07 -05:00
William Vu