3922844650
ninja style changes
2018-01-23 16:34:49 -06:00
685a950077
Land #9114 , Add module for Kaltura <= 13.1.0 RCE (CVE-2017-14143)
...
Merge branch 'land-9114' into upstream-master
2018-01-23 12:35:59 -06:00
5684b9ed7c
Readd dropped return during refactoring
2018-01-23 10:12:15 -06:00
d3b3946669
Use Msf::Post::File#setuid? in setuid_nmap
2018-01-23 02:05:26 -06:00
aae77fc1a4
Land #9349 , GoAhead LD_PRELOAD CGI Module
2018-01-22 23:10:36 -06:00
621868b7fb
Add CVE numbers
2018-01-23 11:26:39 +07:00
d1569f8280
Land #9413 , Expand the number of class names searched when checking for an exploitable JMX server
2018-01-22 16:49:01 -06:00
682c915a09
Land #9267 , Add targets to sshexec
2018-01-22 09:59:48 -06:00
b734af4e79
Add my advisory URL
2018-01-22 22:00:48 +07:00
c1fe355329
Create exploit for AsusWRT LAN RCE
2018-01-22 21:44:02 +07:00
c7d3b5dfbb
Update payload and disable check functionality
...
The check functionality is broken as MSF cannot handle HttpServer and HttpClient at this time.
The payloads were updated to ensure CVE-2017-10271 is being exploited instead of CVE-2017-3506 as explained on https://blog.nsfocusglobal.com/threats/vulnerability-analysis/technical-analysis-and-solution-of-weblogic-server-wls-component-vulnerability/
2018-01-18 13:26:44 -05:00
4c11eae774
Maybe that timeout is needed.....
2018-01-17 13:21:36 -06:00
35bec8d3cd
Fixed classes names and added RMI interfaces
2018-01-17 17:10:36 +01:00
d345008b20
Added all the classes that implement RMI server
2018-01-17 17:03:32 +01:00
f439edfa1a
Fixes by the fabled wvu
2018-01-17 08:20:52 -06:00
5e11d36351
Add ABRT raceabrt Privilege Escalation module
2018-01-16 14:52:33 +00:00
1c156c3d3c
Add powershell payload to module
2018-01-16 14:30:02 +00:00
4ade798cef
Fix check for juju-run path
2018-01-16 07:19:48 +00:00
aa9b5e4419
Sync Breeze Enterprise Import Command
2018-01-15 20:46:40 +00:00
2f9eebe28b
remove plugin dir
2018-01-15 14:48:59 +01:00
dfb9941e95
Fix java_jmx_server exploit
...
Add test case when discovering RMI endpoint as the previous one was not complete
2018-01-15 12:13:09 +01:00
333ee893d3
Tidied up platform detection, check method, and minor typos.
2018-01-14 18:28:40 +00:00
e1cbe4e906
Rename apport_chroot_priv_esc to apport_abrt_chroot_priv_esc
2018-01-14 08:33:43 +00:00
c234d0523a
Add support for abrt on Fedora
2018-01-14 08:33:10 +00:00
c94763bfe0
Add Juju-run Agent Privilege Escalation module
2018-01-14 05:57:17 +00:00
6568d29b67
Add BMC Server Automation RSCD Agent RCE exploit module.
2018-01-14 01:12:55 +00:00
2f3e3b486a
Use cross-compiled exploit
2018-01-13 05:44:42 +00:00
842736f7b1
register_dir_for_cleanup
2018-01-12 14:21:43 +00:00
488f27bf76
Small Typo
2018-01-12 07:05:30 -05:00
8bbffd20cd
Add Apport chroot Privilege Escalation exploit
2018-01-12 07:25:35 +00:00
04e4ff6b3c
Use stop_service to avoid cleanup overload
2018-01-11 19:14:26 -05:00
40f54df129
Feedback updates
2018-01-11 18:54:58 -05:00
172ffdfea1
Use geturi instead of building it ourselves
2018-01-11 18:27:56 -05:00
e6c4fb1dab
Land #9269 , Add a new target for Sync Breeze Enterprise GET BoF
...
Land #9269
2018-01-11 16:54:23 -06:00
f395e07fc6
Land #9269 , add new target for Sync Breeze Enterprise GET BoF
...
Land #9269
2018-01-11 16:53:02 -06:00
d4056e72da
Lower the default timeout for CHECK
2018-01-11 17:38:30 -05:00
3617a30e34
Add URIPATH random URI
2018-01-11 17:33:14 -05:00
a28d4a4b5b
Add check and update for some style considerations
2018-01-11 17:28:09 -05:00
0d9a40d2e5
Use target['Platform'] instead of target_platform
2018-01-11 15:44:07 -05:00
c490d642e2
Was missing a comma
2018-01-11 09:42:24 -05:00
3132566d8f
Fix OptFloat error
2018-01-11 09:22:16 -05:00
c05b440f26
Fix additional feedback
...
This
* uses ternary operators
* uses an `RPORT` option shortcut
* removes the `xml_payload` variable and instead more explicitly uses the method directly
* Uses `OptFloat` for the timeout option to allow partial seconds
2018-01-11 08:17:13 -05:00
6510ee53bc
Land #9204 , Add exploit for Samsung SRN-1670D (CVE-2017-16524)
...
Land #9204
2018-01-10 20:15:29 -06:00
18c179a091
Update module and add documentation
...
This updates the module to pass:
* msftidy
* Ruby style guidelines
* Proper usage of Metasploit API
* Mostly other cosmetic fixes
A documentation is also added.
2018-01-10 20:13:42 -06:00
7e2c7837e5
Land #9325 , Add CVE-2017-6090 phpCollab 2.5.1 file upload exploit module
...
Land #9325
2018-01-10 17:39:50 -06:00
b1f3f471f3
Update phpcollab_upload_exec code (also module documentation)
2018-01-10 17:38:52 -06:00
dd737c3bc8
Land #9317 , remove multiple deprecated modules
...
Land #9317
The following modules are replaced by the following:
auxiliary/scanner/discovery/udp_probe
is replaced by:
auxiliary/scanner/discovery/udp_sweep
exploit/unix/webapp/wp_ninja_forms_unauthenticated_file_upload
is replaced by:
exploit/multi/http/wp_ninja_forms_unauthenticated_file_upload
exploit/windows/misc/regsvr32_applocker_bypass_server
is replaced by:
exploits/multi/script/web_delivery
2018-01-10 15:47:20 -06:00
8d77f35b16
Land #9373 , Add LabF nfsAxe FTP Client 3.7 Stack Buffer Overflow
...
Land #9373
2018-01-09 22:40:50 -06:00
25280e3319
Update labf_nfsaxe and module documentation
2018-01-09 22:39:40 -06:00
777e383568
Land #9377 , Add HPE iMC dbman RestoreDBase Unauthenticated RCE exploit
...
Land #9377
2018-01-09 13:56:53 -06:00
bwatters-r7