006faaab9a
Land #14924 , Add auxiliary and exploit modules for CVE-2020-6207 in SAP Solution Manager
2021-03-25 17:48:56 -04:00
3b8f3620d2
Minor updates
...
Updated action_exec in auxiliary module cve_2020_6207_solman_rce.rb
Updated execute_command in exploit module cve_2020_6207_solman_rs.rb
2021-03-25 15:37:29 +03:00
0487e451cf
Updated payload
...
Updated make_rce_payload, renamed get_agent_os to check_agent in lib sap_sol_man_eem_miss_auth.rb
Updated action_ssrf, action_exec in auxiliary module cve_2020_6207_solman_rce.rb
Updated execute_command, exploit in exploit module cve_2020_6207_solman_rs.rb
2021-03-25 14:20:54 +03:00
391e013d89
Removed var lhost, lport in exploit module cve_2020_6207_solman_rs.rb
...
Changed fail reason if agent_name is nil in lib sap_sol_man_eem_miss_auth.rb
2021-03-25 11:26:14 +03:00
924f7feb76
Updated Arch in the exploit module cve_2020_6207_solman_rs.rb
...
Corrected by rubocop library sap_sol_man_eem_miss_auth.rb
2021-03-24 16:26:01 +03:00
66ce45d833
Added support for CmdStager in the exploit module cve_2020_6207_solman_rs.rb
2021-03-24 16:16:43 +03:00
567f78c532
Update PAYLOAD_XML, check_response in lib sap_sol_man_eem_miss_auth.rb
...
Delete class var agents in auxiliary and exploit modules
2021-03-24 11:21:57 +03:00
8c7a483f6e
Delete analyze_error in exploit module cve_2020_6207_solman_rs.rb
2021-03-23 23:59:48 +03:00
2c18435e6e
Update pretty_agents_table in lib sap_sol_man_eem_miss_auth.rb
...
Change output in auxiliary and exploit modules
2021-03-23 23:00:34 +03:00
d76224066f
Rename option URIPATH to TARGETURI
2021-03-23 13:33:39 +03:00
113dce79de
Move lib/metasploit/framework/sap_solman/client.rb to lib/msf/core/exploit/remote/http/sap_sol_man_eem_miss_auth.rb
2021-03-23 13:20:27 +03:00
2a48dd265d
Replace class var @@agents with a class instance var in auxiliary and exploit modules.
2021-03-22 12:13:04 +03:00
42726a70c0
client.rb - library for auxiliary and exploit modules
...
cve_2020_6207_solman_rce.rb - auxiliary module
cve_2020_6207_solman_rce.md - documentation for auxiliary module
cve_2020_6207_solman_rs.rb - exploit module
cve_2020_6207_solman_rs.md - documentation for exploit module
2021-03-21 16:51:21 +03:00
308a42e95b
Fix apache_activemq_upload_jsp exploit module for Java 8
2021-03-20 15:26:34 +00:00
aaf7e21def
Update the microfocus_ucmdb_unauth_deser module to use the new mixin
...
This updates the microfocus_ucmdb_unauth_deser module to use the new
Java Deserialization mixin. Unfortunately we do not have access to the
software for testing so these changes can not be verified.
2021-03-11 12:09:29 -06:00
d580e7d122
Fix some documentation, remove unnecessary code and fix a filename typo
2021-03-11 12:09:29 -06:00
8d2e644f4f
Add a new Java Deserialization mixin and use it to set the shell
2021-03-11 12:09:29 -06:00
2bd6b7abc7
Specify the modified_type when generating ysoserial payloads
...
Fixes #13753
2021-03-11 12:09:29 -06:00
f5edb5a105
Remove redundant rubocop disables
2021-03-11 17:23:44 +00:00
bcf7ad000b
Add CheckModule to fingerprint VMware product
2021-03-05 17:25:37 -06:00
33e52b0fb2
Update and refactor check
...
Now with more science!
2021-03-05 17:25:37 -06:00
26f1c209b2
Add VMware vCenter Server CVE-2021-21972 exploit
2021-03-05 17:25:37 -06:00
319f15d938
Handle nil versions for rubygems 4
2021-02-25 16:47:49 +00:00
b06c5c12aa
Rubocop recently landed modules continued
2021-02-25 14:13:40 +00:00
1d5a6e4a0b
Land #14771 , Add Apache Flink JAR Upload Java Code Execution
2021-02-23 09:19:56 -05:00
69031fa91f
Add Apache Flink JAR Upload Java Code Execution
2021-02-22 23:00:57 +00:00
8a339f54c1
Land #14734 , updates and runs rubocop against recent modules
...
Rubocop recently landed modules
2021-02-19 13:48:47 +00:00
275e9c5454
Land #14696 , Further Zeitwerk lands to improve boot speed
...
Zeitwerk rex folder
2021-02-19 10:33:37 +00:00
5b3fde7735
Rubocop recently landed modules
2021-02-16 15:08:08 +00:00
f6c3de5732
Land #14733 , Add latest Rubocop rules
2021-02-12 16:18:13 +00:00
bed7ae2c78
Add latest rubocop rules
2021-02-12 13:31:51 +00:00
85b7e85d0b
Land #14671 , Micro Focus Multiple Products Authenticated RCE (CVE-2020-11853)
2021-02-09 18:24:57 +01:00
9881512833
Update modules/exploits/multi/http/microfocus_obm_auth_rce.rb
...
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com >
2021-02-09 14:18:47 +07:00
7fbbe23426
Remove more requires that were missed before
2021-02-08 14:51:58 +00:00
b95be3ed10
Zeitwerk rex folder
2021-02-08 12:24:12 +00:00
3a2932b798
Migrate old uses of manual autocheck to use the new prepend autocheck
2021-02-02 10:15:46 +00:00
e0ab259880
Remove < character from Archive_Tar exploit module
2021-01-29 11:20:50 +00:00
7d9eb1e88b
fix typo on LWSSO_COOKIE_KEY
2021-01-28 22:45:04 +07:00
c73fa70543
do the rubocop thing and add docs
2021-01-28 18:21:51 +07:00
a5725b823a
add sploit
2021-01-28 17:41:06 +07:00
74898461b4
Land #14654 , Add exploit for Micro Focus UCMDB unauthenticated RCE
2021-01-27 10:00:22 -05:00
191e772f06
fix issues highlighted by smcintyre-r7
2021-01-25 22:25:07 +07:00
fc0e221f5a
add comment for self removal
2021-01-24 22:47:47 +07:00
7220dc3ff6
add new note on broken payloads
2021-01-24 22:39:01 +07:00
12157163f7
Merge branch 'obm_deser' into ucmdb
2021-01-24 22:25:57 +07:00
bf4ac7b1a8
add UCMDB sploit
2021-01-24 22:25:45 +07:00
6e326d6a60
Fix up confusing variable name and a typo as pointed out during review
2021-01-19 09:25:56 -06:00
95d3bd98ac
Do msftidy_docs and rubocop changes
2021-01-15 18:10:23 -06:00
2f0abe4900
Add in documentation and fix up small issues with module
2021-01-15 18:06:07 -06:00
65370a6b47
Initial module code
2021-01-15 16:20:06 -06:00
Spencer McIntyre