bbec35f8ba
moves v.gui comment to appropriate location(s)
2020-10-08 11:59:09 -05:00
444215ffd0
updates Vagrantfile to support vmware_desktop
...
changes box from ubuntu/bionic64 to hashicorp/bionic64 as Canonical doesn't have a vmware box
makes it obvious how to allow the VM to show up in the hypervisor GUI
updates vmware provider to be the official vmware_desktop provider
Adds a VM display name option
Changes gpg key imports and rvm install to match what's in omnibus
handles stderr better to avoid some extra warnings unless there's a real failure
Installs Ruby only if it's not installed already (nicer if have to reprovision the box)
switches back to gem install bundler due to upstream bundler/ruby changes
adds --quiet to gem install bundler to avoid progress bar junk
2020-10-07 17:23:28 -05:00
01263e5f91
automatic module_metadata_base.json update
2020-10-07 12:18:19 -05:00
a2675c13e8
Land #14213 , Add disclosure date rubocop linting rule - enforce iso8601 disclosure dates
2020-10-07 12:09:59 -05:00
2c391e9edc
Fix up last of the module that had incorrect disclosure dates
2020-10-07 12:09:35 -05:00
068824aa31
automatic module_metadata_base.json update
2020-10-07 11:19:55 -05:00
64cc47d654
Land #14163 , SAP IGS XMLCHART XXE (CVE-2018-2392 and CVE-2018-2393)
2020-10-07 11:08:23 -05:00
32b489408e
Update docs
2020-10-07 10:12:10 -05:00
fa7b711d60
Change ltype in loot
2020-10-07 10:12:09 -05:00
12095f9174
Make minor updates to the error messages
2020-10-07 10:12:09 -05:00
df86b0c7c2
Update script to ensure action_file_read will correctly use fail_with, and to update the return types of send_first_request.
2020-10-07 10:11:12 -05:00
5ad2190c40
Apply updates to the module from the review process and a minor update to the documentation to note the renaming of the PATH option to URIPATH. Also update the check method so that it now works correctly and so that other functions return errors appropriately.
2020-10-07 10:08:57 -05:00
cc721fd64f
Update several functions to apply review edits and also update the documentation accordingly.
2020-10-07 10:07:48 -05:00
9ce3dc45f7
Delete default option: VERBOSE
2020-10-07 10:07:46 -05:00
24d14f8816
Rename URN to PATH in several functions. Also change check function.
2020-10-07 10:04:55 -05:00
8a8dfafcc3
Rename the files and update some descriptions as there may be more XXE bugs in SAP in the future. Also update the documentation accordingly.
2020-10-07 10:04:03 -05:00
14f4de1f0c
Clean up documentation to improve English and descriptions, and to also remove some excess information that was leading to some potential confusion
2020-10-07 10:04:03 -05:00
fc462d2465
Clean up code to remove some extra options and to make the match() calls a bit cleaner, as well as make some of the explanations a bit neater. Also remove duplicate code from a few places
2020-10-07 10:04:02 -05:00
a70cb25824
Remove all verbose options and tidy up one extra instance variable that was only used once
2020-10-07 10:04:02 -05:00
7c682af98b
Create sap_igs_xxe.rb and its associated documentation, and apply RuboCop fixes.
2020-10-07 10:03:09 -05:00
d1e48b1358
automatic module_metadata_base.json update
2020-10-07 08:32:02 -05:00
d0778c7a54
Land #14228 , Increase operations per run
2020-10-07 12:57:52 +01:00
7da99f72b8
Update schedule-stale.yml
2020-10-07 11:43:43 +01:00
9ee83e2657
Land #14028 , Fix msf6 TLV_TYPE_PIVOT_STAGE_DATA_SIZE pivoting error
2020-10-06 09:11:38 -04:00
3a6293357e
Land #14190 , Add the DOMAIN option to the CVE-2020-0688 Exploit
...
Merge branch 'land-14190' into upstream-master
2020-10-05 12:12:21 -05:00
83bd9bc3e4
Land #14220 , fix vulnerability spelling
...
Merge branch 'land-14220' into upstream-master
2020-10-05 08:14:37 -05:00
15bb690308
fix vulnerability spelling
2020-10-04 13:00:48 -04:00
7be36a772d
Land #14215 , updates Dockerfile for bundler 2 support
2020-10-02 22:46:21 +01:00
32a9719543
bump final container to use Ruby 2.6.6
2020-10-02 16:02:59 -05:00
9905f6ede6
update rubygems and bundler in final container
2020-10-02 15:52:02 -05:00
30809787c4
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
c4c551fdef
Add disclosure date rubocop linting rule
2020-10-02 21:00:32 +01:00
f8abaee104
updates Dockerfile for bundler 2 support
2020-10-02 14:06:55 -05:00
7d330da7b2
Land #14214 , Roll back Travis testing to 2.7.1
2020-10-02 14:04:54 -05:00
f13cd0e91c
Roll back Travis testing to 2.7.1
2020-10-02 12:04:22 -05:00
d612962ef4
Land #14197 , start testing on Ruby 2.7
2020-10-02 11:26:20 -05:00
919e5212e7
Update 2.7 tests to 2.7.2
2020-10-02 11:25:24 -05:00
c008edd200
automatic module_metadata_base.json update
2020-10-02 10:07:48 -05:00
640a9e2021
Land #14212 , Fix invalid disclosure date formats in some modules
2020-10-02 09:55:47 -05:00
26ff912291
Fix invalid disclosure date formats
2020-10-02 12:20:05 +01:00
66f04a95b7
better enforcement of binary mode on test fixtures
2020-10-01 14:29:10 -05:00
1b9b1c5a92
Bump version of framework to 6.0.10
2020-10-01 12:22:38 -05:00
4616e62543
Land #14211 , re-introduce unintentionally deleted support for finding a service by id.
2020-10-01 17:52:23 +01:00
03a30d80ef
creds need web service to support request by :id
2020-10-01 11:13:38 -05:00
49d5d2abf8
automatic module_metadata_base.json update
2020-10-01 10:18:53 -05:00
f45d9b295a
Land #14204 , Update the module docs for CVE-2020-1472 (Zerologon)
2020-10-01 10:09:19 -05:00
0ed3a65f3c
automatic module_metadata_base.json update
2020-10-01 09:59:34 -05:00
e24a81919a
Land #13996 , Add module for CVE-2020-9801, CVE-2020-9850 and CVE-2020-9856,
...
RCE for Safari on macOS 10.15.3 (pwn2own2020)
Merge branch 'land-13996' into upstream-master
2020-10-01 09:46:39 -05:00
bf13ffc692
Update documentation based on feedback
2020-10-01 09:19:15 -04:00
4747b7c676
Land #14129 , Add Impacket and associated dependencies into Dockerfile
2020-09-30 17:22:26 -05:00
kernelsmith