2c1869f9df
Land #14907 , Add exploit for CVE-2021-1732
...
Merge branch 'land-14907' into upstream-master
2021-03-18 14:29:59 -05:00
fb7a97077f
Land #14875,CVE-2021-21978 - VMWare View Planner Harness 4.6.x < 4.6 Security Patch 1 Arbitrary File Upload RCE
...
Merge branch 'land-14875' into upstream-master
2021-03-18 12:06:12 -05:00
b1c3c49eb5
Land #14757 , nagios_xi_magpie_debug: add writable paths, improvements, cleanup, fixes
2021-03-16 17:43:43 -05:00
0bff88c0c0
Update the module metadata and add module docs
2021-03-16 10:40:34 -04:00
e30d8db082
nagios_xi_magpie_debug: add writable paths, improvements, cleanup, fixes
...
Resolve Rubocop violations
Fix off-by-one in array index triggered when no file upload succeeds
Fix cleanup: ensure files are removed when upload succeeds but execution fails
Add AutoCheck
Add module notes
Add error handling and associated operator feedback
Add additional writable paths required for some old Nagios versions
Add fallback to session as `apache` if privlege escalation fails
Update documentation in line with above changes and fix software download links
2021-03-16 07:13:55 +00:00
ae5d31cb39
Land # 14776, Add Window Server 2012 SrClient DLL Hijacking local exploit module
...
Merge branch 'land-14776' into upstream-master
2021-03-15 14:34:35 -05:00
98c04eae6c
Remove TODO comment, update documentaton to include WAIT_FOR_TIWORKER option.
2021-03-15 07:51:12 -04:00
9a92ac87a1
Ensure documentation files have md extension
2021-03-15 10:24:50 +00:00
4f2e299d8f
Update the exploit to use Python as its payload since this is a lot more flexible, allows Meterpreter, returns a shell faster, and we are already injecting into and executing a Python file
2021-03-14 00:00:06 -06:00
c2c5db95d8
Add in documentation and fix some mistakes in the description of the module
2021-03-14 00:00:05 -06:00
8dce1acd64
Land #14794 , dup_scout_enterprise_login_bof: Add v9.9.14 target and auto targeting
2021-03-12 12:07:57 -06:00
d580e7d122
Fix some documentation, remove unnecessary code and fix a filename typo
2021-03-11 12:09:29 -06:00
a227d00275
Add additional setup notes for some modules
2021-03-11 12:09:29 -06:00
8d2e644f4f
Add a new Java Deserialization mixin and use it to set the shell
2021-03-11 12:09:29 -06:00
fbd6f19d04
Land #14846 , add HPE SIM unauth AMF deser rce
2021-03-08 16:50:49 -06:00
514d46bd4d
Rubocop module again and also update the documentation to reflect recent changes
2021-03-08 16:08:36 -06:00
729994d4af
Update module doc
2021-03-05 17:25:37 -06:00
7bbb4cc09a
Add module doc
2021-03-05 17:25:37 -06:00
59d7288773
RuboCop module and fix small spelling mistake in documentation
2021-03-04 18:48:19 -06:00
f193caa48e
Also make sure that the default option is to use Windows Powershell since this supports Meterpreter and is generally a lot more reliable
2021-03-04 18:40:21 -06:00
3ef8fcd996
Update module to fix an extra print statement and write documentation
2021-03-03 10:14:41 -06:00
3da8fce9cf
Add Microsoft Windows RRAS Service MIBEntryGet Overflow
2021-03-03 02:50:42 +00:00
6d939c16ce
Land #14783 , Update KarjaSoft Sami FTP Server v2.0.2 USER Overflow module
2021-02-26 11:17:05 -06:00
743248d993
Update KarjaSoft Sami FTP Server v2.0.2 USER Overflow module
2021-02-25 20:53:30 +00:00
f89d67df19
dup_scout_enterprise_login_bof: Add v9.9.14 target and auto targeting
2021-02-25 17:14:25 +00:00
1d5a6e4a0b
Land #14771 , Add Apache Flink JAR Upload Java Code Execution
2021-02-23 09:19:56 -05:00
69031fa91f
Add Apache Flink JAR Upload Java Code Execution
2021-02-22 23:00:57 +00:00
edea755096
Land #14740 , CVE-2021-3156 Sudo LPE (AKA: Baron Samedit) Improvements
2021-02-22 17:48:33 +00:00
68d4b197fa
Add SrClient DLL Hijacking local exploit module and docs
2021-02-18 13:50:28 -05:00
f227e82600
Land #14730 , OBM Local PrivEsc to SYSTEM
2021-02-15 10:24:34 +00:00
c1e2cfd9e7
Land #14744 , add Klog Server unauth cmd injection
2021-02-12 11:40:57 -06:00
bdc2041c83
Add Klog Server authenticate.php user Unauthenticated Command Injection
2021-02-12 17:07:52 +00:00
77cc799974
Fix a target version discrepancy in the CVE-2020-17132 docs
2021-02-11 18:04:03 -05:00
cb8cd89a90
Update the module docs for cve-2021-3156
2021-02-11 11:57:05 -05:00
88eaf97e79
Land #14607 , Updates for Exchange ECP DLP Policy Exploit
2021-02-11 15:15:34 +01:00
85b7e85d0b
Land #14671 , Micro Focus Multiple Products Authenticated RCE (CVE-2020-11853)
2021-02-09 18:24:57 +01:00
d884df96e2
fix msftidy docs
2021-02-09 14:37:35 +07:00
79cac47ba3
add suggestions by cdelafuente-r7
2021-02-09 14:24:49 +07:00
7281d00938
Implement feedback from PR review
2021-02-04 09:25:40 -05:00
c33c08bae9
Add a check method using the version information
2021-02-03 18:16:13 -05:00
c590d7b1bb
Add module docs and be more permissive with Length formatting
2021-02-03 18:16:13 -05:00
90f8c1f7b9
add tested for 2019.11 too
2021-01-30 21:54:48 +07:00
33edfaa8f6
mention that it has been tested on 2019.11 too
2021-01-30 21:47:31 +07:00
137664818d
add obm windows privesc sploit
2021-01-29 18:45:33 +07:00
b8fe5fabf8
fix typo another typo
2021-01-28 22:50:05 +07:00
446316ef6c
fix typo at the end of app list
2021-01-28 22:49:32 +07:00
dcd9a6a214
add more clarification regarding affected products
2021-01-28 20:41:08 +07:00
7ea5c3ffce
add clarification about c3p0
2021-01-28 18:23:20 +07:00
c73fa70543
do the rubocop thing and add docs
2021-01-28 18:21:51 +07:00
9174958489
Land #14627 , Add PRTG Network Monitor RCE (CVE-2018-9276)
...
Merge branch 'land-14627' into upstream-master
2021-01-27 15:48:27 -06:00
bwatters