3fbe851d71
Update tomcat_ghostcat.rb
2020-11-30 08:33:32 +07:00
4dce7c070b
Update tomcat_ghostcat.rb
2020-11-26 16:24:49 +07:00
a87bc32a5c
Update tomcat_ghostcat.rb
2020-11-19 14:06:05 +07:00
803f3c7bf7
Update tomcat_ghostcat.rb
2020-11-19 09:27:05 +07:00
441c61190b
Update tomcat_ghostcat.rb
2020-11-17 00:00:32 +07:00
41aae4224f
Update tomcat_ghostcat.rb
2020-11-16 22:25:41 +07:00
7d860bb623
Rename modules/exploits/windows/http/tomcat_ghostcat.rb to modules/auxiliary/admin/http/tomcat_ghostcat.rb
2020-11-16 20:57:13 +07:00
30809787c4
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
9bd687edcd
Land #14034 , telpho10_credential_dump: Prevent traversal in untar
2020-08-25 09:35:32 -04:00
39284d4263
align logging line, fix msftidy_docs warning
2020-08-21 14:55:45 -05:00
33524c0cbf
Create cisco_7937g_ssh_privesc.py
2020-08-21 13:40:53 -04:00
37a06756cc
telpho10_credential_dump: Prevent traveral in untar
2020-08-21 15:30:55 +00:00
fdfef2729f
Update documentation and modules to better list the range of versions affected now that we know which versions we can target and the CVE IDs. Also update the firmware links to archive.org links in case they ever get removed which is more common than you think
2020-07-01 13:28:46 -05:00
ddb41d5a50
Update module and documentation with new output from the exploit
2020-07-01 13:28:32 -05:00
3db867e5eb
Futher updates to the module documentation since technically this module doesn't send the packet to UDP port 23 to enable the telnet server.
2020-07-01 13:28:15 -05:00
d1e66c9d9f
Add in rest of the fixes from my updates to the code
2020-07-01 13:27:58 -05:00
79794b32ae
Add in update to denote the timeout and MAC options in the telnetenable module in case this helps fix people's issues.
2020-07-01 13:27:56 -05:00
37f2eb8e9d
Fix up Failure::UNKNOWN check within get_offset()
2020-07-01 13:27:56 -05:00
1e520f27e9
Updating md as per comments
2020-07-01 13:27:32 -05:00
4b29b76f0b
Adding URLs
2020-07-01 13:27:17 -05:00
4a62d473a0
Commit initial files
2020-07-01 13:26:42 -05:00
0af3b57013
Update ibm_drm_download.rb
2020-06-26 11:38:29 +07:00
b42f99b652
Add IBM links to download module
2020-06-26 11:24:12 +07:00
33e35bae7c
Add descriptions to auxiliary modules Actions
...
And a little formatting
Closes #13403
Update modules/auxiliary/admin/android/google_play_store_uxss_xframe_rce.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/admin/backupexec/dump.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/admin/http/arris_motorola_surfboard_backdoor_xss.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/dos/android/android_stock_browser_iframe.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/admin/tikiwiki/tikidblib.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/capture/smb.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/capture/telnet.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/capture/vnc.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/fakedns.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/tftp.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/dos/http/gzip_bomb_dos.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/dos/http/ibm_lotus_notes.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/dos/http/ibm_lotus_notes2.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/dos/http/webkitplus.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/dos/windows/browser/ms09_065_eot_integer.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/example.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/gather/android_browser_file_theft.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/gather/apple_safari_ftp_url_cookie_theft.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/gather/android_browser_new_tab_cookie_theft.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/gather/apple_safari_webarchive_uxss.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/gather/browser_lanipleak.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/gather/firefox_pdfjs_file_theft.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/gather/flash_rosetta_jsonp_url_disclosure.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/gather/samsung_browser_sop_bypass.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/capture/http.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/capture/http_basic.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/capture/http_ntlm.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/http_ntlmrelay.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/socks4a.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/socks5.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/capture/sip.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/capture/postgresql.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/local_hwbridge.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/webkit_xslt_dropper.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/socks_unc.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/client/iec104/iec104.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/gather/browser_info.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/capture/drda.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/capture/ftp.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/capture/mssql.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/capture/mysql.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/capture/pop3.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/dns/spoofhelper.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/server/capture/printjob_capture.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update description following Actions removal
Update modules/auxiliary/gather/browser_info.rb
Update modules/auxiliary/gather/browser_info.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/gather/browser_info.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
2020-05-17 14:51:14 -05:00
04e263f305
Add auxiliary/admin/http/ibm_drm_download action
2020-05-07 08:03:28 -05:00
227347627c
Address review comments
...
Update documentation/modules/auxiliary/admin/http/ibm_drm_download.md
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update documentation/modules/auxiliary/admin/http/ibm_drm_download.md
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update documentation/modules/auxiliary/admin/http/ibm_drm_download.md
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/admin/http/ibm_drm_download.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
final changes!
Update modules/auxiliary/admin/http/ibm_drm_download.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/admin/http/ibm_drm_download.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/admin/http/ibm_drm_download.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/admin/http/ibm_drm_download.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/admin/http/ibm_drm_download.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/admin/http/ibm_drm_download.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/admin/http/ibm_drm_download.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
Update modules/auxiliary/admin/http/ibm_drm_download.rb
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com >
final final
Update ibm_drm_download.md
change date to ISO
really fix the date now
2020-05-05 10:56:40 -05:00
9fe684e5d5
break into smaller chunks
2020-05-05 10:15:55 +07:00
9020e2e391
add full disclosure url
2020-05-01 21:01:26 +07:00
8e20cf94be
got me refs wrong m8
2020-05-01 13:48:02 +07:00
37eecbc01f
fix eol spaces
2020-05-01 13:29:50 +07:00
fc50e21251
add cve
2020-05-01 10:17:57 +07:00
81b678b271
remove CVE for merge, will add later
2020-04-30 11:15:43 +07:00
75c9cf5c80
Update ibm_drm_download.rb
2020-04-28 14:12:53 +07:00
bf3fff677e
and rubocop the file download module too
2020-04-24 10:24:39 +07:00
13c4d50c2c
Create ibm_drm_download.rb
2020-04-21 15:53:12 +07:00
b89744cef2
Land #12145 , add a module to generate grafana cookies
2020-04-20 09:21:01 -04:00
c9bfcf2240
Make VERSION an OptEnum and clean up whitespace
2020-04-20 09:20:55 -04:00
a4507bbfc6
requested changes
2020-04-19 19:53:33 +02:00
8489bcdfd9
This fixes broken links to the community.rapid7.com blog
...
Performed mechanically with sed, spot-checked that the new blog can consume these links.
2020-02-18 09:06:11 -06:00
905eb17132
begining to fix spelling errors
2019-10-05 14:26:34 -04:00
a587668b9e
Remove Default targets from aux modules
2019-09-24 12:15:43 +01:00
134765dc40
Remove targets from aux modules
2019-09-23 15:29:38 +01:00
32334c2386
Update all module splats from http:// to https://
2019-08-15 18:10:44 -05:00
dee7e9d690
moved module to another directory
2019-08-15 11:01:53 +02:00
5e45c3e469
Recoded the tool to a scanner.
2019-08-14 13:32:11 +02:00
02d0e36d2a
No shows all vulnerable version and covers some edge cases
2019-08-01 08:06:36 +02:00
790f388fb3
I want to contribute a module for generating remember cookies for grafana instances where ldap or oauth is used.
...
These cookies can be used for authentication bypass, like its explained here:
https://github.com/u238/grafana-CVE-2018-15727
https://grafana.com/blog/2019/04/29/grafana-5.4.4-and-6.1.6-released-with-important-security-fix/
The module takes a username and generates a bad salted cookie.
It also takes one of these cookies to decrypt the username out of it.
Both cookies has to be set where as an existing session cookie should have been deleted before getting access.
I wrote it in python since I had a lot of different results while calculating this task comparing the go and ruby crypto libraries.
2019-07-31 18:59:00 +02:00
501a9109a5
Fix and refactor check method
2019-07-12 20:29:43 -05:00
2bc2b88ee6
vprint and quotes
2019-07-12 14:37:34 -05:00
be5f15a245
Add @h00die and @bcoles changes
2019-07-12 12:46:13 -05:00
SunCSR Team