 remmons-r7
|
7fdff871e4
|
Add Ruby module for CVE-2024-24919
|
2024-05-31 14:29:38 -05:00 |
|
|
alanfoster
|
562e1dc453
|
Add osx aarch64 bind tcp payload
|
2024-05-31 18:21:24 +01:00 |
|
|
alanfoster
|
7955381de5
|
Add osx aarch64 shell reverse tcp payload
|
2024-05-31 18:05:15 +01:00 |
|
|
alanfoster
|
dbeeadefc7
|
Add osx aarch64 exec payload
|
2024-05-31 17:51:38 +01:00 |
|
|
adfoster-r7
|
1281f4726f
|
Land #19209, update fileformat modules to show the default template datastore values
|
2024-05-31 15:12:48 +01:00 |
|
|
Jack Heysel
|
80ee458410
|
Land #19151, Add Flowmon Priv Esc Feature Module
Privilege escalation module for Progress Flowmon unpatched feature
|
2024-05-29 11:35:53 -04:00 |
|
|
Zach Goldman
|
847b29178a
|
change nil guards to default values, nil or blank guards for certain datastore options
|
2024-05-29 09:34:58 -05:00 |
|
|
Jack Heysel
|
cc7aeb4364
|
Fix module cleanup
|
2024-05-29 08:39:06 -04:00 |
|
|
Jack Heysel
|
72f332aba0
|
Land #19150, Add Flowmon Command Injection Module
Unauthenticated Command Injection Module for Progress Flowmon
CVE-2024-2389
|
2024-05-29 08:28:37 -04:00 |
|
|
Jack Heysel
|
e57f4d3cb5
|
Change xml to html in get_html_document
|
2024-05-28 16:29:55 -04:00 |
|
|
Christophe De La Fuente
|
f274c46bd2
|
Land #19103, jasmin ransomware sqli and dir travers (CVE-2024-30851)
|
2024-05-27 11:23:42 +02:00 |
|
|
Jack Heysel
|
2c6fc11639
|
Responded to comments, clean up /etc/sudoers file
|
2024-05-23 16:56:35 -04:00 |
|
|
Jack Heysel
|
a0597007e4
|
Minor fixes, respond to comments
|
2024-05-23 14:02:28 -04:00 |
|
|
Dave Yesland
|
1b55b6512f
|
Rubocop fixes
|
2024-05-22 12:43:27 -07:00 |
|
|
Dave Yesland
|
b3bc4a6c68
|
Update progress_flowmon_sudo_privesc_2024.rb
|
2024-05-21 13:48:20 -07:00 |
|
|
Dave Yesland
|
de99a74540
|
Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
|
2024-05-21 13:45:36 -07:00 |
|
|
Dave Yesland
|
5a60a9a3d9
|
Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
|
2024-05-21 13:42:43 -07:00 |
|
|
Dave Yesland
|
a517a218ab
|
Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
|
2024-05-21 13:41:44 -07:00 |
|
|
Dave Yesland
|
90a0be67b6
|
Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
|
2024-05-21 13:39:54 -07:00 |
|
|
Dave Yesland
|
1ddc60b185
|
Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
|
2024-05-21 13:39:44 -07:00 |
|
|
Jack Heysel
|
6e9e4a5aed
|
Land #19102, Northstar C2 Stored XSS to Agent RCE
Add exploit module for CVE-2024-28741, Northstar C2 Stored XSS to Agent
RCE
|
2024-05-21 14:57:44 -04:00 |
|
|
Jack Heysel
|
10acd86390
|
Land #19071, Add AVideo RCE module
Add module for CVE-2024-31819 which exploits an LFI in AVideo which uses
PHP Filter Chaining to turn the LFI into unauthenticated RCE
|
2024-05-21 14:27:15 -04:00 |
|
|
adfoster-r7
|
6d2041b1cb
|
Fix crashing mipsle modules
|
2024-05-21 12:52:12 +01:00 |
|
|
cgranleese-r7
|
67154a12e0
|
Land #19104, CHAOS rat xss to rce
|
2024-05-21 11:10:57 +01:00 |
|
|
bwatters
|
f8c69e434d
|
Land #19173, Add CarotDAV FTP PackRat module
Merge branch 'land-19173' into upstream-master
|
2024-05-17 16:49:33 -05:00 |
|
|
bwatters
|
8a68eebbf6
|
Land #19171, Add Sylpheed Email PackRat module
Merge branch 'land-19171' into upstream-master
|
2024-05-17 10:39:56 -05:00 |
|
|
Jacob
|
175e16a29a
|
Removed unused regex search
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>
|
2024-05-17 09:59:20 -05:00 |
|
|
Jacob
|
a8f1d35773
|
Re-structured artifact enumeration option
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>
|
2024-05-17 09:59:20 -05:00 |
|
|
-Pink-Panther
|
39630f1d2b
|
Added post module for Adi IRC Client
|
2024-05-17 09:58:23 -05:00 |
|
|
adfoster-r7
|
25a1318052
|
Land #19170, Refactor smb lookupsid module
|
2024-05-17 13:43:52 +01:00 |
|
|
sjanusz-r7
|
34ab7d97b2
|
Follow MS-LSAD and MS-LSAT spec for LSARPC & LookupSids
|
2024-05-17 10:59:37 +01:00 |
|
|
sjanusz-r7
|
138a553b36
|
Add support for configurable RPORT, session & default rports to lookupsid
|
2024-05-17 10:59:37 +01:00 |
|
|
sjanusz-r7
|
d569077564
|
Refactor smb_lookupsid module to use RubySMB
|
2024-05-17 10:59:37 +01:00 |
|
|
Jacob
|
6de0048354
|
Removed unused regex search
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>
|
2024-05-16 19:15:00 -05:00 |
|
|
-Pink-Panther
|
d08247776c
|
Re-arranged Author list
|
2024-05-16 19:12:54 -05:00 |
|
|
-Pink-Panther
|
cf15b1f858
|
Added post module for Quassel IRC Client
|
2024-05-16 19:12:54 -05:00 |
|
|
bwatters
|
d54b3920b2
|
Land #19165, Add Halloy IRC PackRat module
Merge branch 'land-19165' into upstream-master
|
2024-05-16 16:59:47 -05:00 |
|
|
Chocapikk
|
da31761336
|
Lint
|
2024-05-15 22:13:53 +02:00 |
|
|
Valentin Lobstein
|
3900680a96
|
Update modules/exploits/multi/http/avideo_wwbnindex_unauth_rce.rb
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
|
2024-05-15 22:07:45 +02:00 |
|
|
Valentin Lobstein
|
c815c2b15c
|
Update modules/exploits/multi/http/avideo_wwbnindex_unauth_rce.rb
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
|
2024-05-15 22:07:19 +02:00 |
|
|
Valentin Lobstein
|
7d2c06a246
|
Update modules/exploits/multi/http/avideo_wwbnindex_unauth_rce.rb
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
|
2024-05-15 22:07:04 +02:00 |
|
|
Valentin Lobstein
|
cd10c2d208
|
Update modules/exploits/multi/http/avideo_wwbnindex_unauth_rce.rb
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
|
2024-05-15 22:06:53 +02:00 |
|
|
Dean Welch
|
0cea2cba75
|
Add guard clause to not print out session info unless the session is enabled
|
2024-05-15 15:12:51 +01:00 |
|
|
Dean Welch
|
7cdea94000
|
Convert ldap modules to use the new ldap session type
|
2024-05-15 15:12:51 +01:00 |
|
|
Dean Welch
|
e693b9588c
|
Update ldap modules to support an ldap session
|
2024-05-15 15:12:51 +01:00 |
|
|
Dean Welch
|
55cb49c60e
|
Add back in useful base dn discovery print out
|
2024-05-15 15:12:51 +01:00 |
|
|
Dean Welch
|
df32ce2db9
|
Add ldap query support to the ldap session
|
2024-05-15 15:12:51 +01:00 |
|
|
Dean Welch
|
9e4f958af7
|
keep ldap connection open for use in a session
|
2024-05-15 15:12:51 +01:00 |
|
|
Dean Welch
|
3cedb20f75
|
Add initial ldap session support
|
2024-05-15 15:12:51 +01:00 |
|
|
Jacob
|
7a33970ef8
|
Re-structured artifact enumeration option
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>
|
2024-05-15 14:58:51 +01:00 |
|