27f5a789c9
rework the exploit to use the new MIPS64 fetch payload adapters. Removed the seperate command and dropper targets in favor of a single default target which can do both thanks to fetch payloads. Removed the redundant IO select() call which was bad copy pasta on my part.
2023-06-09 09:47:57 +01:00
a1528556e0
Merge branch 'rapid7:master' into CVE-2023-28771
2023-06-09 09:42:19 +01:00
a1e930397a
Land #18072 , Add CVE-2023-1133 - .NET Deserialization exploit for Delta Electronics InfraSuite Device Master
2023-06-08 08:42:07 -05:00
74dd134783
add options in scenarios output
2023-06-07 17:15:28 -05:00
4465582fee
Add in link to archived version of the installer
2023-06-07 16:51:01 -05:00
2738906f87
Update documentation/modules/exploit/windows/misc/delta_electronics_infrasuite_deserialization.md
...
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com >
2023-06-07 16:41:44 -05:00
54649fb856
Update documentation/modules/exploit/windows/misc/delta_electronics_infrasuite_deserialization.md
...
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com >
2023-06-07 16:41:37 -05:00
4377ff037a
Update documentation/modules/exploit/windows/misc/delta_electronics_infrasuite_deserialization.md
...
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com >
2023-06-07 16:41:28 -05:00
60c642bcd0
Update documentation/modules/exploit/windows/misc/delta_electronics_infrasuite_deserialization.md
...
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com >
2023-06-07 16:41:19 -05:00
82c8b5418e
Land #17936 , PaperCutNG Authentication Bypass with RCE
2023-06-07 15:05:51 +02:00
991b9604e5
Add options to the documentation
2023-06-07 15:05:12 +02:00
3b53966caa
add installation steps
2023-06-06 12:14:14 -05:00
a03603d076
Documentation linting.
2023-06-06 15:35:20 +00:00
5f7ae883f8
add documentation
2023-06-05 17:38:58 -05:00
f7d2cdae56
Add in ability to restore settings n documentation changes.
...
Previously there was not the ability to restore the server proxy setting.
This updates the code to do so. Additionally this also updates the documentation
to note that Fetch payloads are incompatible with this module since they
use HTTP connections that will be impacted by this module changing the server's
HTTP proxy settings. There is no way around this.
2023-06-02 09:48:03 -05:00
965311d09e
Fix documentation and fix bug in creating PARMS value
2023-06-02 09:48:02 -05:00
8577f21e52
Add in documentation and updated code
2023-06-02 09:48:01 -05:00
9e38ed4459
Land #17929 , Linux sudoedit LPE (CVE-2023-22809)
...
Linux sudoedit priv esc (CVE-2023-22809)
2023-05-23 09:30:18 -04:00
6b101b5a4d
make rubocop happy
2023-05-22 18:03:58 +01:00
6c88e85d02
Land #17993 , add invscout RPM privesc
2023-05-17 18:56:42 -05:00
0bc1fdf51d
Add invscout RPM Privilege Escalation
2023-05-17 20:17:55 +10:00
459cf871cb
Land #17979 , Add exploit for Ivanti Avalanche file upload - CVE-2023-28128
2023-05-16 09:19:33 -05:00
ea988f0c78
Add more documentation on how to set the target up based on my own experience and so that we have a backup in case the link to external documentation breaks
2023-05-12 14:27:39 -05:00
cf5f90ac4f
Minor updates to documentation to tidy things up a bit
2023-05-11 16:48:16 -05:00
722de33b6f
address feedback, use cleanup to restore path
...
fix bug where if config restore failed, module would
output that it was both a failure and a success
add akb topic as reference
2023-05-11 13:20:25 -05:00
020ee7ca5c
Land #17964 - Pentaho Business Server Auth Bypass and SSTI - CVE-2022-43769 and CVE-2022-43939
2023-05-11 09:28:55 -05:00
c43eaf86bc
Adding documentation.
2023-05-11 05:09:35 +00:00
9f6a1c18a1
Minor updates to fix URLs, disclosure date, description, and minor gramatical things
2023-05-10 18:22:00 -05:00
9f0a6503b7
require.js is not the only way, account for this new discovery in code
2023-05-10 13:02:02 -05:00
5d4e68d36c
Add Metasploit payload example and remove message that may suggest successful exploitation occurred even when it didn't
2023-05-10 10:36:29 -05:00
1b8f1de7c8
Add in fixes from review, add archive of software, and use uri_encode_mode for encoding parameters.
2023-05-10 10:16:08 -05:00
a485a786ef
Land #17881 , Zyxel chained RCE using LFI and weak password derivation algorithm
2023-05-10 11:49:51 +02:00
07056a74bc
Pentaho Business Server Auth Bypass and SSTI
2023-05-09 14:24:51 -05:00
d60843f0eb
name versions that are vulnerable
2023-05-09 09:16:42 -05:00
08a79a2f4e
add documentation
2023-05-08 17:42:23 -05:00
f773d348e1
Add in notes about reliability of the module, and also add documentation on 7005 test on Windows 2022
2023-05-08 12:11:01 -05:00
c221edb1ec
Add in ADAudit Plus build 6077 testing examples
2023-05-08 11:45:44 -05:00
51ab9746fb
Updates based on cdelafuente-r7 comments
2023-05-06 19:05:21 +00:00
e692e927dc
review fixes
2023-05-05 16:43:47 -04:00
19651633c4
Update the installation instructions to resolve some issues encountered during testing
2023-05-04 18:26:54 -05:00
f27fc28411
Perform review updates
2023-05-04 15:12:31 -05:00
aede036b02
additional changes from code review
2023-05-04 15:12:30 -05:00
0fd743d851
Add in fixes from code review
2023-05-04 15:12:29 -05:00
d5032f0a5d
Minor touchups on documentation for review
2023-05-04 15:12:28 -05:00
32796b429b
add note about payload limitations for builds 7004 and 7005
2023-05-04 15:12:27 -05:00
3b0d8b850b
Fix up some issues identified during review
2023-05-04 15:12:26 -05:00
9f68a5f8d1
add manageengine_adaudit_plus_authenticated_rce exploit module and docs
2023-05-04 15:12:09 -05:00
95562e04aa
sudoedit work
2023-05-02 18:39:59 -04:00
60149259a2
Land #17856 , RCE exploit for CVE-2023-26359 (Adobe ColdFusion) and an auxiliary module for arbitrary file read via the same vuln.
2023-04-28 19:27:15 +02:00
d454b2e195
cve-2023-22809
2023-04-25 20:54:48 -04:00
sfewer-r7