ae0f94beb7
Addressed all commit suggestions
2022-10-09 15:49:58 +00:00
462b80cf6f
Update modules/auxiliary/gather/hikvision_info_disclosure_cve_2017_7921.rb
...
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com >
2022-10-09 14:59:59 +04:00
2b4785915d
Update modules/auxiliary/gather/hikvision_info_disclosure_cve_2017_7921.rb
...
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com >
2022-10-09 14:59:40 +04:00
7bae00975a
Update modules/auxiliary/gather/hikvision_info_disclosure_cve_2017_7921.rb
...
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com >
2022-10-09 14:59:23 +04:00
c280e2d57b
Update modules/auxiliary/gather/hikvision_info_disclosure_cve_2017_7921.rb
...
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com >
2022-10-09 14:59:08 +04:00
c1dd09771f
Update modules/auxiliary/gather/hikvision_info_disclosure_cve_2017_7921.rb
...
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com >
2022-10-09 14:58:36 +04:00
afb87ee87d
Update modules/auxiliary/gather/hikvision_info_disclosure_cve_2017_7921.rb
...
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com >
2022-10-09 14:58:28 +04:00
b37c26da87
Update modules/auxiliary/gather/hikvision_info_disclosure_cve_2017_7921.rb
...
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com >
2022-10-09 14:58:15 +04:00
b11dbc90a9
Update modules/auxiliary/gather/hikvision_info_disclosure_cve_2017_7921.rb
...
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com >
2022-10-09 14:58:04 +04:00
cbab556e7d
Update modules/auxiliary/gather/hikvision_info_disclosure_cve_2017_7921.rb
...
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com >
2022-10-09 14:57:54 +04:00
784393e41e
Update modules/auxiliary/gather/hikvision_info_disclosure_cve_2017_7921.rb
...
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com >
2022-10-09 14:57:45 +04:00
11f5cff45d
Update modules/auxiliary/gather/hikvision_info_disclosure_cve_2017_7921.rb
...
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com >
2022-10-09 14:57:30 +04:00
316c3f5302
Update modules/auxiliary/gather/hikvision_info_disclosure_cve_2017_7921.rb
...
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com >
2022-10-09 14:57:17 +04:00
a14ded588b
Update modules/auxiliary/gather/hikvision_info_disclosure_cve_2017_7921.rb
...
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com >
2022-10-09 14:57:04 +04:00
7ae0f552f3
init commit module and documentation
2022-10-02 19:47:47 +00:00
a48c2d9e72
Land #17033 , hikvision password reset via inproper authorization logic - CVE-2017-7921
2022-09-23 15:01:04 -05:00
0908006466
Land #16985 , wifi mouse rce - CVE-2022-3218
2022-09-23 14:46:49 -05:00
828cdb8862
Fix a typo
2022-09-23 14:20:18 -05:00
b62f163696
Update documentation on module and exploit a little more to make things a bit clearer
2022-09-23 14:08:18 -05:00
2958a43a6a
Update to reflect fact that bug is an improper authentication logic bug and to randomize password for auth parameter since it is ignored
2022-09-23 12:19:29 -05:00
2b5e85cd27
Land #17012 , Veritas Backup Agent RCE
...
This module exploits a chain of the vulnerabilities CVE-2021-27876,
CVE-2021-27877 and CVE-2021-27878 in Veritas Backup Exec Agent which
leads to remote code execution with privileges of system or root user
2022-09-23 12:31:46 -04:00
edc37835e5
Add more nil checks in, update some of the check code to catch an edge case, update notes to account for indicators of compromise, and fix some extra issues noticed on second round of review
2022-09-23 09:38:35 -05:00
9abe1649ff
Sanitize XML data prior to adding it to the XML POST request and also change the ID option to an integer from a string to match expectations
2022-09-23 09:38:35 -05:00
3ca34568c2
Clean up some of the documentation and module code and descriptions
2022-09-23 09:38:12 -05:00
37caf6dae5
removed exploit information from info section
2022-09-23 09:38:11 -05:00
a4a12d06bc
improved error handling
2022-09-23 09:38:10 -05:00
5ed7ff7f52
init commit module and documentation
2022-09-23 09:38:05 -05:00
425d58dd15
fix check methos output in Veritas BE rce
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2022-09-23 09:46:52 +03:00
04c897dbeb
Fix description info Veritas BE RCE
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2022-09-23 09:45:18 +03:00
a8210bfe70
add autocheck to veritas BE RCE
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2022-09-23 09:44:39 +03:00
5e2a6c9dba
Land #17015 , improve http login result checks
2022-09-23 01:28:59 +01:00
dd11156922
add new reference to bitbucket module
2022-09-22 16:14:18 -05:00
96d291121b
use model validator instead of setup check
2022-09-22 14:49:09 -05:00
c74f480177
Land #17049 , enum_domain_group_users module clean up
2022-09-22 17:51:12 +01:00
0029628db8
Land #17051 , wmic_command module cleanup
2022-09-22 16:17:33 +01:00
12f3325f3e
Land #16732 , VIDIdial Multiple SQLi
...
This PR adds a module which exploits several
authenticated sqli in VICIdial
2022-09-22 10:47:42 -04:00
ce48afd0db
wmic_command: Cleanup
2022-09-23 00:25:13 +10:00
9eab7eadab
enum_domain_group_users: Cleanup
2022-09-22 17:05:19 +10:00
6d608ea41e
vicidial sqli module docs update
2022-09-21 16:57:18 -04:00
32402c0e6d
wifi mouse doc updates
2022-09-21 16:35:08 -04:00
415383b48d
Land #17042 , Add exploit for CVE-2022-36804
2022-09-21 13:07:32 -04:00
8d2b182c7b
add cmd stager flavors and bad characters
2022-09-21 10:54:32 -05:00
77d1328c43
add module description
2022-09-21 08:38:18 -05:00
4943d86ec6
Land #16989 , Unified Remote RCE
2022-09-21 14:06:33 +02:00
34a6671c2d
update module to support auth & additional target
2022-09-20 18:45:14 -05:00
9e6c172dd4
unified remote review
2022-09-20 16:44:05 -04:00
98aea3f2ae
Land #17002 , Msf::Post::Windows: Replace load_extapi with ExtAPI capability check
2022-09-20 13:29:45 -05:00
3366179697
Add in guard clauses to wmic_command to handle sessions without sysinfo available.
2022-09-20 13:09:36 -05:00
9738f23b51
add cmdstager
2022-09-20 10:37:10 -05:00
bd4a062e5f
Land #17023 , Fix #16999 by using a compatible default action
2022-09-19 17:33:01 -05:00
h00die-gr3y