b69db83398
Land #16202 , Add exploit for CVE-2022-21882 (Win32k LPE)
...
Merge branch 'land-16202' into upstream-master
2022-02-25 15:55:48 -06:00
217afa0f3b
Land #16190 , Axis Camera App RCE (No CVE)
2022-02-25 11:35:03 -06:00
d055a7d811
Altered some randomization, the json extracted by check, and fixed some wording
2022-02-24 18:48:21 -08:00
544f8e161a
Land #16164 , Create Module For CVE-2021-42321
2022-02-24 11:36:12 -05:00
fddd3f15c2
Fix up code so that it will not block on attempting to delete the configuration on the folder, just in case the configuration doesn't exist in the first place. Instead print a warning and continue.
2022-02-22 17:52:29 -06:00
443bf1249a
Remove all the old CVE-2021-1732 data
2022-02-18 15:25:39 -05:00
bcd7cb1122
Writeup the module metadata and docs
2022-02-18 15:23:44 -05:00
1086926b2e
Land #16159 , Add module for CVE-2021-3129
...
Merge branch 'land-16159' into upstream-master
2022-02-15 17:14:01 -06:00
5ac3330802
Initial commit of Axis camera app install exploit
2022-02-14 17:54:18 -08:00
a7ace66b3f
Use send_request_cgi and update options to use HttpUsername and HttpPassword accordingly. This simplifies code. Also update documentation accordingly
2022-02-14 18:19:00 -06:00
c49591cf11
Add in changes to use targets array as per Spencer's suggestion so we can now spawn Meterpreter shells. Also remove ACCOUNT_LOCKOUTS and fix a call that should have been .get_xml_document
2022-02-14 17:38:10 -06:00
4c1b2478fa
Add in exploit and documentation
2022-02-11 13:58:56 -06:00
db00991f26
Land #16150 , add nagios xi web shell upload
2022-02-11 11:45:06 -06:00
0a78dd78ec
Used suggested method for defining user webshell, used suggested depth configuration, and used vars_get in a couple of places
2022-02-08 18:20:03 -08:00
bed067dda0
Land #16125 , add ARCH_CMD for GXV3140 support
2022-02-08 12:24:42 -06:00
6b64c6b393
Add module documentation
2022-02-08 15:29:11 +01:00
5bbe934db9
Add QEMU Monitor HMP 'migrate' Command Execution module
2022-02-07 17:48:27 +00:00
0fcc7e7733
Fixed spelling errors in descriptions
2022-02-06 02:55:17 -08:00
9758251278
Initial commit of CVE-2021-37343
2022-02-05 18:21:18 -08:00
e2c91ebf30
Land #16010 , zabbix_script_exec improvements
...
This updates the zabbix_script_exec module to work with versions 5.0 and
newer as well as adds a new item-based execution technique.
2022-02-04 15:13:13 -05:00
ae278d0568
Cleanup some minor typos
2022-02-04 15:12:57 -05:00
8838d9cb66
Added timeout system, fixed a bug with TLS_PSK, linted
2022-02-04 04:01:23 -08:00
645ef5e71f
Fixed few bugs
2022-02-02 14:30:02 -08:00
de32cc0e97
Linted with Rubocop, factorized API call, fixed some grammmar
2022-02-01 13:29:30 -08:00
837fdf7c5e
Land #16128 , add cisco rv unauth rce
2022-02-01 10:34:57 -06:00
78312fb300
Update documentation/modules/exploit/linux/http/cisco_rv_series_authbypass_and_rce.md
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2022-02-01 06:41:26 -05:00
ccedcfefab
Added exploit for CVE-2021-1472/CVE-2021-1473
2022-01-29 18:56:53 -08:00
feebf25ad4
Add support for GXV3140 models and ARCH_CMD busybox telnetd payload
2022-01-29 19:38:57 +00:00
a4fcddca8e
Rename to grandstream_gxv31xx_settimezone_unauth_cmd_exec
2022-01-29 19:24:09 +00:00
44f040ad78
Land #16056 , Exploit Module for Grandstream UCM62xx IP PBX (CVE-2020-5722)
2022-01-24 21:03:46 -06:00
15751a0f78
Minor langauge fix and final typo
2022-01-24 21:01:34 -06:00
2c989ec714
Addressed multiple review comments (spelling, doc details, randomization, etc)
2022-01-22 14:09:58 -08:00
458d584f83
Add details to check codes and PR feedback
2022-01-21 09:40:23 -05:00
579627f5c7
Update docs, note OS X support
2022-01-20 10:47:11 -05:00
ba469a4b2c
Add version detection to the Unifi exploit
2022-01-20 09:26:48 -05:00
ef344d9d12
Add the Unifi Log4Shell RCE exploit
2022-01-19 17:51:31 -05:00
4cf3ae352c
Land #16050 , Log4Shell: vCenter RCE
...
Merge branch 'land-16050' into upstream-master
2022-01-19 16:30:33 -06:00
8bb3e39fd7
Land #16036 , Add Grandstream GXV3175 'settimezone' Unauthenticated Command Execution
2022-01-19 10:58:42 -06:00
ee2feb1207
Add Grandstream GXV3175 'settimezone' Unauthenticated Command Execution
2022-01-19 00:04:15 +00:00
4ebb702405
Added an exploit for Grandstream UCM62xx IP PBX (CVE-2020-5722)
2022-01-15 12:46:56 -08:00
3f04b80d8b
Add vCenter Log4Shell docs
2022-01-13 14:50:28 -05:00
435e79aaef
Land #16041 , add SonicWALL cmd injection
2022-01-12 13:23:57 -06:00
877bab6f2a
Land #15969 , Log4j2 HTTP Header Injection Exploit
2022-01-11 16:52:08 -05:00
7b64383040
Preemptively tweak references to ysoserial
2022-01-11 16:25:21 -05:00
d4ee9a0183
Initial commit of CVE-2021-20039 exploit
2022-01-10 12:43:50 -08:00
53c2400be9
Added cleaning procedure + fixed few mistakes/error mesage, removed unused docs
2022-01-08 10:56:31 -08:00
ccc90b0330
Linted doc+module, added support for 6.x version, aded support for TLS and item RCE, improved payload management
2022-01-07 17:40:15 -08:00
3f15c9ecc1
Writeup the module docs
2022-01-07 17:30:39 -05:00
41ebb3aa29
Land #15903 , SMB Shadow Module: Direct SMB Session Takeover
2022-01-07 16:57:17 +01:00
3051c5d9f5
Add mutex to cleanup in smb_shadow
...
The mutex will prevent multiple calls to cleanup when the module is
stopped with Ctrl-C. Add a Notes section to the documentation which
describes arpspoof usage and such.
2022-01-07 14:18:15 +09:00
bwatters