607dd9f081
Land #17348 , New exploit for CVE-2022-46770 Mirage firewall DoS
...
Merge branch 'land-17348' into upstream-master
2023-01-17 16:52:38 -06:00
7e23c34e6c
Apply fixes per code review
2023-01-17 12:44:22 -06:00
541dab9365
simplified messaging
2023-01-17 12:44:20 -06:00
77687bff3f
init module
2023-01-17 12:44:20 -06:00
a10e313e26
Land #17343 , unquoted service path tweaks
2023-01-17 08:59:37 -05:00
0c8e83c34e
Land #17451 , Crack netntlm*
2023-01-16 20:52:53 +01:00
3ddcf73c2b
Remove the QUICK option altogether
...
Use blocks to check whether each service is exploitable as they are
enumerated. With this change, it is the service and path enumeration
halts once an exploitable one is found that yields a session.
Also all files are registered for cleanup.
2023-01-13 17:06:42 -05:00
f98d1d838b
unquoted service path tweaks to check
2023-01-13 17:06:42 -05:00
90a12cf3b0
unquoted service path tweaks
2023-01-13 17:06:42 -05:00
a6ec7762ea
unquoted service path tweaks
2023-01-13 17:06:42 -05:00
c52eb09cbb
unquoted service path tweaks
2023-01-13 17:06:42 -05:00
551990a945
Land #17466 , report smb version information
...
fix #16394 : SMB_Version Module does not report SMB Version into Notes
2023-01-12 13:16:05 -05:00
29968fb76e
Land #17337 , Gather Dbeaver Password
2023-01-12 16:06:00 +01:00
becf613022
fix #16394 : SMB_Version Module does not report SMB Version into Notes
2023-01-12 09:29:53 +05:30
f9b1c17c39
Fix exception handler logic and small improvements
2023-01-11 20:00:09 +01:00
ada6e73af6
Land #17341 , MinIO_Client Post Exploitation Credential Gatherer
2023-01-11 15:36:23 +01:00
43051a2811
Add missing curly bracket
2023-01-11 14:30:23 +01:00
6738ca2c43
Support multiple platforms
2023-01-11 18:04:29 +08:00
ce83086c00
Update modules/post/multi/gather/minio_client.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-01-11 09:31:42 +08:00
633d807dbc
Update modules/post/multi/gather/minio_client.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-01-11 09:29:13 +08:00
e00a86b6d6
Update modules/post/multi/gather/minio_client.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-01-11 09:28:26 +08:00
3dd794a97f
Update modules/post/multi/gather/minio_client.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-01-11 09:27:48 +08:00
8b6387867d
Update modules/post/multi/gather/minio_client.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-01-11 09:27:08 +08:00
6ef38e305f
Support multiple platforms
2023-01-10 15:01:55 +08:00
5845c7cb1f
Update modules/post/windows/gather/credentials/minio_client.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-01-10 09:22:50 +08:00
ba5b100fe5
Update modules/post/windows/gather/credentials/minio_client.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-01-10 09:20:32 +08:00
551edbe0d1
Review and lint fixes
2023-01-09 13:27:35 -06:00
a1ee09d544
New exploit for CVE-2022-46770 Mirage firewall DoS
2023-01-09 13:27:35 -06:00
f8ce1219e1
Remove extra line
2023-01-09 11:23:26 -06:00
2df3920432
fix #17436 : truncated file names in the logged data in module auxiliary/scanner/smb/smb_enumshares
2023-01-09 22:11:25 +05:30
ade00718c6
fix #17436 : truncated file names in the logged data in module auxiliary/scanner/smb/smb_enumshares
2023-01-09 19:32:37 +05:30
0c418d05e8
jtr cracking of netntlm
2023-01-08 16:54:36 -05:00
0c3026c201
crack netntlm*
2023-01-08 14:32:04 -05:00
4c6c8fcf8b
crack netntlm*
2023-01-08 14:29:21 -05:00
4a1c75ae73
dbeaver_store_config
2023-01-06 14:55:49 +08:00
1f938781d9
Land #17438 , exchange_proxylogon_collector bugfix
...
exchange_proxylogon_collector bugfix: prevent empty on nil by changing empty to blank
2023-01-05 16:24:58 -05:00
98b3b29cc2
Land #17439 , Removing Rex::ConnectionError exception handler from module template
2023-01-05 14:24:58 -06:00
25f4c023b4
Removing Rex::ConnectionError exception handler
2023-01-05 20:26:11 +01:00
725f83601f
Land #17435 , Restore raw_send_recv for module using SMTP mixin
2023-01-05 11:29:53 -06:00
5eae5068cc
update
2023-01-05 20:56:06 +08:00
f222bccf6c
prevent empty on nil by changing empty to blank
2023-01-05 10:38:09 +02:00
f39973de86
Fix up missing option in documentation and also add some additional validation on server response.
2023-01-04 17:02:05 -06:00
11b95b2094
added additional response check
2023-01-04 17:02:04 -06:00
c7b59b4815
updates based on gwillcox-r7 review comments
2023-01-04 17:02:04 -06:00
f9ecaa92ae
updated references section
2023-01-04 17:02:03 -06:00
4db15346e1
init commit module
2023-01-04 17:01:58 -06:00
6b5948a69d
restore raw_send_recv for module using SMTP mixin
...
changes in #16153 adjusted modules that were not utilizing
`Exploit::Remote::SMTPDeliver` in error restore calls to `raw_send_recv`
that is no longer shadowed by in `SMTPDeliver`.
2023-01-04 14:45:58 -06:00
615bba3d31
Update jenkins_gather.rb
...
blank? should be used instead of empty?
2022-12-27 19:31:49 -06:00
20d70799a7
Land #17298 , Add opentsdb_yrange_cmd_injection module and docs
2022-12-23 13:38:58 +01:00
83b11a69a8
Make rubocop happy
2022-12-23 13:38:16 +01:00
bwatters