d15ed9d2bd
Land #17370 , force mixin to utilize ruby_smb
2022-12-14 13:13:04 -06:00
0032ba9e50
automatic module_metadata_base.json update
2022-12-14 07:08:11 -06:00
2a28af208d
Land #16992 , Syncovery For Linux - Auth. RCE (CVE-2022-36534)
2022-12-14 13:43:00 +01:00
b76ed0f0ba
automatic module_metadata_base.json update
2022-12-14 06:04:56 -06:00
9582411554
Land #16991 , Syncovery For Linux - Insecure Session Token Generation (CVE-2022-36536)
2022-12-14 11:30:47 +01:00
0f1e228f50
finalization
2022-12-14 08:59:53 +01:00
1f1b04e009
finalization
2022-12-14 08:38:20 +01:00
0ae824e169
Update modules/exploits/unix/http/syncovery_linux_rce_2022_36534.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2022-12-14 08:07:55 +01:00
e16e689308
Update modules/exploits/unix/http/syncovery_linux_rce_2022_36534.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2022-12-14 08:07:45 +01:00
d6ba30adcf
Update modules/exploits/unix/http/syncovery_linux_rce_2022_36534.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2022-12-14 08:07:35 +01:00
911431c63b
Update modules/exploits/unix/http/syncovery_linux_rce_2022_36534.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2022-12-14 08:07:24 +01:00
f70f48c233
Land #17378 , Bump the version of msf-payload to 2.0.105
2022-12-13 16:58:52 -06:00
a63a98eea4
Bump the version of msf-payload to 2.0.105
2022-12-13 14:29:39 -06:00
a653dbd51a
automatic module_metadata_base.json update
2022-12-13 12:16:12 -06:00
d6a5590c06
Land #17265 , Add Exploit for CVE-2020-25736
2022-12-13 18:49:56 +01:00
9b1513fca9
Land #17376 , Extract db command helpers to standalone module
2022-12-13 17:46:53 +00:00
f6ed9ef12d
Extract db command helpers to standalone module
2022-12-13 17:01:49 +00:00
0596620de7
Update modules/exploits/osx/local/acronis_trueimage_xpc_privesc.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2022-12-13 09:49:59 -06:00
03a640fcec
Update modules/auxiliary/scanner/http/syncovery_linux_token_cve_2022_36536.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2022-12-13 16:06:42 +01:00
f158cfaadd
Update modules/exploits/unix/http/syncovery_linux_rce_2022_36534.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2022-12-13 16:05:56 +01:00
c8e301224b
Update modules/exploits/unix/http/syncovery_linux_rce_2022_36534.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2022-12-13 16:05:45 +01:00
53cde6d2ef
Update modules/exploits/unix/http/syncovery_linux_rce_2022_36534.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2022-12-13 16:04:45 +01:00
c7ed5f4ba2
Land #17368 , Fix slow msfvenom payload generation for large payloads when outputting as hex format
2022-12-13 02:14:47 -06:00
5aaf159a50
Land #17364 , Bump docs ruby version to 3.0.5
2022-12-13 01:48:00 -06:00
69f47aa6a7
automatic module_metadata_base.json update
2022-12-12 17:09:12 -06:00
d09aef7dc5
Land #17350 , Remove unnecesary sleep
...
Remove unnecesary sleep in several bypassuac modules
2022-12-12 17:45:10 -05:00
6885e576ed
add note about uninstalling the helper tool
2022-12-12 16:35:44 -06:00
0eec36200c
force mixin to utilize ruby_smb
...
When refactored recently the new code expects a `RubySMB` object
this ensures the client returned meets that expectation.
2022-12-12 16:14:09 -06:00
cf9e54909c
use 2021 helper name in objective-c code too
2022-12-12 15:55:36 -06:00
13a557013c
support 2021 version of software
...
specifically, the exploit will now search
for com.acronis.helpertool in addtion to the
2020 helper tool name. This also updates the
check() method to return CheckCode::Detected
for when we find the vulnerable service but
can't detect the build number
2022-12-12 15:53:35 -06:00
5a66666b4d
Fix check methods by using #present?
2022-12-12 16:53:34 -05:00
8013be1d07
Fix slow msfvenom payload generation for large payloads
2022-12-12 21:39:21 +00:00
f534168636
automatic module_metadata_base.json update
2022-12-12 13:46:17 -06:00
024fc87b4c
Land #17272 , Add F5 MCP post module
...
Add F5 MCP post module
2022-12-12 14:20:31 -05:00
5b1e37bf66
Merge pull request #2 from smcintyre-r7/pr/collab/17272
...
Store service credentials in the database
2022-12-12 10:10:03 -08:00
c9aab1201c
Land #17363 , Add enckrbkey database persistence support
2022-12-12 17:44:47 +00:00
2cb66a5c8b
Land #17355 , Update the creds command to allow viewing ssh key contents
2022-12-12 11:29:47 -06:00
1855306e14
Bump docs ruby version to 3.0.5
2022-12-12 17:28:29 +00:00
431bfdfc52
Add enckrbkey database persistence support
2022-12-12 17:19:17 +00:00
c5439b85ef
Land #17361 , unlock concurrent-ruby
2022-12-12 10:36:48 -06:00
8a68111198
Land #17357 , Update docs site to support mermaid
2022-12-12 10:04:07 -06:00
60302e1f02
unlock concurrent-ruby
...
Version was locked due to yanked ver 1.1.0, this should have been unlocked long ago.
2022-12-12 08:58:22 -06:00
fd3fb5f3a4
Update docs site to support mermaid
2022-12-11 01:22:30 +00:00
2ea880c799
Show ssh key with verbose creds command
2022-12-10 00:08:54 +00:00
c84b2a67d7
Land #17345 , Update report api to return nil when no active db
2022-12-09 14:02:28 -06:00
90828ac2bb
automatic module_metadata_base.json update
2022-12-09 12:42:23 -06:00
d9b217e50b
Land #17351 , Fix bug in s4u_persistence module
...
Fix buggy default in s4u_persistence module
2022-12-09 13:16:53 -05:00
b65b0a7bc5
Land #17352 , Fixes crash in meterp when file_version asks for a file that doesn't exist
2022-12-09 12:10:29 -06:00
e29d9effba
Land #17346 , Update rspec thread counting logic
2022-12-09 10:32:55 -06:00
32a5c350cb
Land 17349, Update Ruby version to 3.0.5
2022-12-09 08:39:03 -06:00
Grant Willcox