Spencer McIntyre
adcf45b0ff
Fix the arch in #handle_connection too
...
This fixes an issue with the adapted peinject stage which supported both
x86 and x64 via a library that checked its own #arch.
2022-05-27 16:42:14 -04:00
Spencer McIntyre
2d0cdc31e3
Set the correct arch in #generate_stage too
2022-05-19 16:30:54 -04:00
Spencer McIntyre
9a345052b6
Set the arch while generating
2022-05-19 16:30:52 -04:00
Jack Heysel
19abce7045
Land #16505, Fix Lotus Domino Hash Parsing
...
This fixes an issue with the regex that was parsing
Lotus Domino hashes. The fix also changes the
regex to xml parsing
2022-05-19 10:00:36 -04:00
adfoster-r7
2cbd64b759
Land #16487, fix deprecation warning in auxiliary/capture/server/mssql as well as updating johntheripper format
2022-05-19 00:40:03 +01:00
Spencer McIntyre
e629264678
Check size for compatibility with powershell
2022-05-17 09:28:07 -04:00
Spencer McIntyre
879591f686
Land #16499, Specify peer hostname for SNI
2022-05-16 14:21:57 -04:00
adfoster-r7
0196b6fa75
Land #16555, move duplicated retry_until_truthy code into centralized location
2022-05-16 18:31:57 +01:00
adfoster-r7
db694efd36
Improve relative redirect handling
2022-05-16 12:03:24 +01:00
Grant Willcox
133b9e307a
Land #16563, Zyxel Firewall Unauthenticated Command Injection (CVE-2022-30525)
2022-05-13 18:55:30 -05:00
Grant Willcox
2eb31cf765
Add in edits from review
2022-05-13 15:32:12 -05:00
bwatters
1fe04caadd
Land #16406, Create get_bookmarks.rb
...
Merge branch 'land-16406' into upstream-master
2022-05-13 13:42:31 -05:00
Spencer McIntyre
1aceb71971
Rename the function to emphasize truthy
2022-05-13 09:16:01 -04:00
adfoster-r7
739c0fcad1
Specify peer hostname for ssl connections
2022-05-13 13:55:43 +01:00
dwelch-r7
c0c02e56ba
Land #16430, Improve kerberos user enum module
2022-05-13 12:17:26 +01:00
adfoster-r7
6a1fe27406
Land #16442, add vars_form_data to the HTTP client
2022-05-13 10:53:16 +01:00
bwatters
934f193dc0
Land #16484, Add vcenter_forge_saml_token aux module
...
Merge branch 'land-16484' into upstream-master
2022-05-12 17:36:20 -05:00
Jake Baines
23f8a0b915
Added Zyxel advisory. Added AKB reference. Used xpath as requested.
2022-05-12 07:17:37 -07:00
Jake Baines
f3b23c072f
Added a reference to Rapid7 disclosure
2022-05-12 06:33:27 -07:00
Jake Baines
24fa9aabe0
Fixed privilege flag. Swapped 'exploit' for 'command' in a couple of places
2022-05-12 06:24:33 -07:00
dwelch-r7
d210d2fd2b
Land #16544, Update ad_to_sqlite to store loot
2022-05-12 13:09:54 +01:00
Jake Baines
4af93ecfe2
Updated affected
2022-05-12 03:22:21 -07:00
Jake Baines
617b4ae044
Initial commit of Zyxel unauth command injection (CVE-2022-30525)
2022-05-12 01:43:59 -07:00
Grant Willcox
93334b56ef
Properly credit Azeria and also include blog post at her request
2022-05-11 18:43:27 -05:00
Grant Willcox
8dbd6f3334
Change default target to 1 so we get benefit of avoiding some timeout issues since Unix Command may still cause server's REST API to time out at times.
2022-05-11 16:43:37 -05:00
Grant Willcox
196aac6b42
Add in PrependFork and MeterpreterTryToFork options as default to fix timeout issues and potential failure cases due to server not responding
2022-05-11 16:43:36 -05:00
Grant Willcox
27169c4ae1
Add in missing CmdStager library, add some more attribution, and add in PoC link
2022-05-11 16:43:36 -05:00
Grant Willcox
6354d7a055
Redo explanation of exploit in documentation to appropriately account for various nuances. Also update exploit title and description accordingly.
2022-05-11 16:43:36 -05:00
Heyder Andrade
1bc2616c19
Update modules/exploits/linux/http/f5_icontrol_rce.rb
...
Co-authored-by: wvu <4551878+wvu@users.noreply.github.com>
2022-05-11 16:43:13 -05:00
Heyder Andrade
208367d735
Improved check method reliability
...
Extra modifications:
- Promote advanced options HttpUsername and HttpPassword
- password is not really necessary, but if one has a credential, one can use this module as an exec
- Fixed print statement on check
- Split execute_command in two, because we also send a command in the check methods; however, we don't need the checks that are in execute_command
2022-05-11 16:43:12 -05:00
Heyder Andrade
55163b86d6
Improvements
...
- Change module name and description
- Added author from the PoC
- Added reference
- Added payloads, targets and notes
- Removed headers used during the tests
2022-05-11 16:43:11 -05:00
Heyder Andrade
77f60eb21e
Added module and documentation for f5 icontrol RCE (CVE-2022-1388)
2022-05-11 16:43:00 -05:00
Spencer McIntyre
05fcbd803e
Add a new Retry mixin
2022-05-11 15:41:37 -04:00
jerrelgordon
535a6e752d
Update get_bookmarks.rb
...
style changes made
2022-05-11 14:29:36 -04:00
adfoster-r7
e4f42d7eaa
Update more modules to use the vars_form_data api
2022-05-11 18:18:21 +01:00
jerrelgordon
03d658c28d
Update get_bookmarks.rb
...
style changes
2022-05-11 13:14:05 -04:00
jerrelgordon
606669e7cf
Update modules/post/windows/gather/get_bookmarks.rb
...
Skip symbols for current and parent dir
Co-authored-by: Brendan <bwatters@rapid7.com>
2022-05-11 12:59:47 -04:00
Grant Willcox
1c934b87b4
Land #16169, Add sploit for Cisco RV340 SSL VPN - CVE-2022-20699
2022-05-11 10:15:08 -05:00
Grant Willcox
68fdb103fe
Add in final touch ups to documentation to fix a typo or two for formatting. Also update exploit ranking since this exploit doesn't retrieve version information before exploiting and is not 100% reliable so Excellent ranking isn't appropriate
2022-05-11 09:39:47 -05:00
jerrelgordon
f5df9b500d
Update to include Internet Explorer
2022-05-10 18:13:22 -04:00
Grant Willcox
b920c04b75
Land #16548, Add Powershell Command Adapter
2022-05-10 16:47:57 -05:00
Spencer McIntyre
d5fb559e05
Land #16485, Allow all post-Vista builds
2022-05-10 10:32:09 -04:00
bwatters
92715c883f
Land #16423, Add module for exploit CVE-2022-22965
...
Merge branch 'land-16423' into upstream-master
2022-05-10 08:44:06 -05:00
adfoster-r7
94e1ad3fe5
Update form data api defaults
2022-05-10 14:12:17 +01:00
Spencer McIntyre
e48624558a
Set the UUID arch and platform correctly
2022-05-09 11:55:57 -04:00
Spencer McIntyre
dd5aee4956
Increase the size of psexec commands
2022-05-09 11:55:57 -04:00
Spencer McIntyre
eb03c9f131
Add the powershell adapters
2022-05-09 11:55:57 -04:00
adfoster-r7
4ad4ca32e8
Fix test alignment
2022-05-09 16:51:20 +01:00
adfoster-r7
deb163c882
Update ad_to_sqlite to store loot
2022-05-06 21:41:17 +01:00
Jack Heysel
51f255127e
Land #16531, Fix login crash for pihole modules
...
Fixes a crash in various Pi-hole modules when login
authentication is required
2022-05-06 14:08:22 -06:00