bwatters
607dd9f081
Land #17348, New exploit for CVE-2022-46770 Mirage firewall DoS
Merge branch 'land-17348' into upstream-master
2023-01-17 16:52:38 -06:00
Grant Willcox
7e23c34e6c
Apply fixes per code review
2023-01-17 12:44:22 -06:00
h00die-gr3y
da3ae22135
added documentation
2023-01-17 12:44:20 -06:00
h00die
0ac4d3d2e6
doc how to set permissions on service
2023-01-13 17:07:17 -05:00
Spencer McIntyre
3ddcf73c2b
Remove the QUICK option altogether
Use blocks to check whether each service is exploitable as they are
enumerated. With this change, the service and path enumeration
halts once an exploitable one is found that yields a session.
Also all files are registered for cleanup.
2023-01-13 17:06:42 -05:00
h00die
90a12cf3b0
unquoted service path tweaks
2023-01-13 17:06:42 -05:00
h00die
c52eb09cbb
unquoted service path tweaks
2023-01-13 17:06:42 -05:00
Christophe De La Fuente
29968fb76e
Land #17337, Gather Dbeaver Password
2023-01-12 16:06:00 +01:00
Christophe De La Fuente
f9b1c17c39
Fix exception handler logic and small improvements
2023-01-11 20:00:09 +01:00
Christophe De La Fuente
ada6e73af6
Land #17341, MinIO_Client Post Exploitation Credential Gatherer
2023-01-11 15:36:23 +01:00
cn-kali-team
6738ca2c43
Support multiple platforms
2023-01-11 18:04:29 +08:00
cn-kali-team
6ef38e305f
Support multiple platforms
2023-01-10 15:01:55 +08:00
三米前有蕉皮
a14af52146
Update documentation/modules/post/windows/gather/credentials/minio_client.md
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
2023-01-10 09:19:58 +08:00
三米前有蕉皮
b72bfec033
Update documentation/modules/post/windows/gather/credentials/minio_client.md
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
2023-01-10 09:17:40 +08:00
Krzysztof Burghardt
ca0a57124b
Add qubes_mirage_firewall_dos module documentation
2023-01-09 13:27:35 -06:00
cn-kali-team
5eae5068cc
update
2023-01-05 20:56:06 +08:00
Grant Willcox
f39973de86
Fix up missing option in documentation and also add some additional validation on server response.
2023-01-04 17:02:05 -06:00
h00die-gr3y
c7b59b4815
updates based on gwillcox-r7 review comments
2023-01-04 17:02:04 -06:00
h00die-gr3y
6801cbd21e
updated Limitation section
2023-01-04 17:02:03 -06:00
h00die-gr3y
fc6acdab6a
added documentation
2023-01-04 17:01:59 -06:00
Christophe De La Fuente
20d70799a7
Land #17298, Add opentsdb_yrange_cmd_injection module and docs
2022-12-23 13:38:58 +01:00
Christophe De La Fuente
6758c8313f
Land #17258, Update sharphound
2022-12-21 14:04:09 +01:00
adfoster-r7
a6605d36a3
Land #17334, enum_commands: Cleanup
2022-12-20 22:52:00 +00:00
Christophe De La Fuente
fa5e4df3f5
Land #17278, Add solarwinds_orion_dump post module
2022-12-20 15:42:25 +01:00
npm-cesium137-io
e3c6aa7820
solarwinds_orion_dump attribution update
Updated original research attribution to align with reality.
2022-12-20 08:55:19 -05:00
bcoles
78906a8217
enum_commands: Cleanup
2022-12-20 23:42:51 +11:00
Christophe De La Fuente
2a28af208d
Land #16992, Syncovery For Linux - Auth. RCE (CVE-2022-36534)
2022-12-14 13:43:00 +01:00
Christophe De La Fuente
9582411554
Land #16991, Syncovery For Linux - Insecure Session Token Generation (CVE-2022-36536)
2022-12-14 11:30:47 +01:00
Christophe De La Fuente
d6a5590c06
Land #17265, Add Exploit for CVE-2020-25736
2022-12-13 18:49:56 +01:00
space-r7
6885e576ed
add note about uninstalling the helper tool
2022-12-12 16:35:44 -06:00
Spencer McIntyre
024fc87b4c
Land #17272, Add F5 MCP post module
Add F5 MCP post module
2022-12-12 14:20:31 -05:00
npm-cesium137-io
d04111ad6f
solarwinds_orion_dump markdown update
Nuked the last embarrassing typo in the module description.
Updated the documentation to include detail on sqlcmd / CSV export
process when manually exporting the data.
2022-12-12 10:54:41 -05:00
npm-cesium137-io
8075654f10
Revise solarwinds_orion_dump MKII
Fixed humiliating typos in the markdown doc.
Updated the Author section of the module per guidelines.
Changed credential type for AES key loot storage.
Updated database config code to include the case where the SQL password
is not encrypted (needs testing).
Additional tweaks and fixes.
2022-12-09 14:47:18 -05:00
whoot
771b7c58f9
change brute-forcer
2022-12-09 12:33:13 +01:00
Jan Rude
005d43f7d1
Merge branch 'rapid7:master' into syncovery_craftable_token
2022-12-09 09:34:42 +01:00
JustAnda7
293a203a03
Added path option to cmd payloads
2022-12-08 12:19:31 -06:00
npm-cesium137-io
2f3fd6c917
Revise solarwinds_orion_dump
Made modifications to documentation to add further detail for each
action.
Significant refactor of error handling, now with (hopefully) proper use
of exceptions.
Various suggested code improvements and optimization.
Fixed some redundant and buggy code.
2022-12-07 07:55:43 -05:00
Tod Beardsley
97a9fb6650
Update docs for Acronis module
Note that uninstalling the module doesn't necessarily uninstall the vulnerable service, so call that out to people who are testing this module so they have a chance to do more thorough cleanup after testing.
2022-12-06 11:08:31 -06:00
Christophe De La Fuente
e7e2849f6d
Land #17183, Zimbra fixes
2022-12-06 15:38:37 +01:00
cn-kali-team
9b55f32474
MinIO_Client
2022-12-06 20:04:10 +08:00
Grant Willcox
d48319a867
Land #17242, Add Gather Module for WP BookingPress Plugin unauth SQLi (CVE-2022-0739)
2022-12-05 15:04:31 -06:00
Grant Willcox
cb68c255bb
Fix up issues from review
2022-12-05 14:17:43 -06:00
Grant Willcox
1fec75621c
Fix up documentation from review
2022-12-05 14:04:22 -06:00
Jack Heysel
f29b4fad75
Add Gather Module for WP BookingPress Plugin SQLi (CVE-2022-0739)
2022-12-05 14:04:03 -06:00
bwatters
37540572e0
Land #17214, add database functionality to vcenter post module
Merge branch 'land-17214' into upstream-master
2022-12-05 12:50:14 -06:00
bwatters
54cd055276
Land #17286, CVE-2021-22015 vCenter priv esc
Merge branch 'land-17286' into upstream-master
2022-12-05 09:31:01 -06:00
Christophe De La Fuente
6e7d4edf02
Land #16990, Syncovery for Linux - Login brute-force utility
2022-12-05 14:39:29 +01:00
cn-kali-team
907612b41d
Dbeaver
2022-12-05 14:54:19 +08:00
bcoles
d90dee8235
enum_proxy: Cleanup and support non-Meterpreter sessions
2022-12-04 15:10:47 +11:00
whoot
04e5aa3033
apply suggestions
2022-12-02 16:05:01 +01:00