d7531ef74c
fix typo in documentation
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2024-06-13 15:09:56 +01:00
bf9b3f1d2a
add documentation
2024-06-10 17:41:55 +01:00
a89d418725
review of northstar c2
2024-05-16 15:17:28 -04:00
19af4ae4e6
mermaid flow chart
2024-04-24 16:54:02 -04:00
9fb217fb59
northstar c2 exploit
2024-04-24 16:54:02 -04:00
dae9657433
FortiClient EMS Exploit Module
2024-04-12 10:00:07 -07:00
e58c6b9df2
Land #18721 , SharePoint Unauth RCE Exploit Chain (CVE-2023-29357 & CVE-2023-24955)
...
Merge branch 'land-18721' into upstream-master
2024-03-26 12:42:22 -05:00
4e4303c274
Fixed backup_bdc_metadata initialization
2024-02-15 09:26:54 -05:00
326b50bd4d
Responded to comments
2024-02-06 15:22:21 -05:00
5f1fa2a678
Apply suggestions from jvoisin
...
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2024-01-19 20:30:53 -05:00
854ec41db1
Initial commit
2024-01-19 15:22:22 -05:00
2f3e207277
Fixed documentation for exploit
2023-12-15 13:58:10 +01:00
9f9f18c73f
Apply suggestions from code review
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-11-02 10:10:26 +08:00
00ccebe8ce
Upadte documentation for AjaxPro Deserializaion RCE
2023-10-31 13:31:10 +08:00
40683ff591
Add document for AjaxPro Deserialization RCE Module
2023-10-28 01:37:34 +08:00
557a15a115
spelling fixes on docs
2023-10-10 14:46:18 -04:00
623b589fb5
When I removed the PowerShell target I forgot to update the documentation, this commit updates the documentation to reflect the changes made to the exploit module.
2023-10-04 17:03:28 +01:00
1695a12c9c
Explicitly state both the release name (e.g. 2022.0.2) and the version number (e.g. 8.8.2) in a more consistent way.
2023-10-02 17:40:11 +01:00
53ed4a632b
add in exploit module for CVE-2023-40044 - WS_FTP unauthenticated RCE via .NET deserialization.
2023-10-02 11:42:19 +01:00
48cb2db70b
Update scenario
2023-09-01 03:48:08 +02:00
1d9c7fde77
Add LG Simple Editor Unauthenticated RCE (CVE-2023-40498) Exploit
2023-08-29 17:58:43 +02:00
7fa2586e34
Land #18247 , Netgear NMS RCE CVE-2023-38096/8
2023-08-28 11:23:08 +02:00
b10d677308
Doc update.
2023-08-25 21:18:48 +02:00
0fe335aff2
Update documentation/modules/exploit/windows/http/netgear_nms_rce.md
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-08-24 16:10:30 +00:00
c216c5a184
Fix lines in SmarterMail RCE docs for linting with msftidy_docs
2023-08-23 23:07:07 +08:00
329920eeb2
Add Netgear NMS RCE (CVE-2023-38096/8) exploit
2023-08-02 18:03:57 +02:00
1706812099
Implemented requested changes
...
* Small fixes in Description - removed backticks
* Implemented Windows Command target
* Removed PowerShell Stager, in Targets and in exploit method
* Implemented Rex::Socket::Tcp in place of TCPSocket
* Updated TARGET section in documentation
* Added TARGET 0 - Windows Command scenario
* Removed PowerShell Stager scenario
* Replaced 'Using configured payload' lines to use Windows Command payload
for the 2nd, 3rd, and 4th scenarios. Did not rerun the scenarios, however
2023-07-07 04:14:20 -04:00
24ef4e1b90
Update documentation/modules/exploit/windows/http/smartermail_rce.md
...
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com >
2023-07-06 18:49:49 +03:00
ad0d3e79a9
SmarterMail RCE module and documentation
2023-07-06 08:00:28 -04:00
dfd450561e
Tweak some messages and cleanup markdown table
2023-06-22 14:23:25 -04:00
5f667e1d79
Address code review
2023-06-22 10:22:43 -05:00
2adea08f67
Add documentation & code cleanup
2023-06-21 15:41:50 -05:00
f7d2cdae56
Add in ability to restore settings n documentation changes.
...
Previously there was not the ability to restore the server proxy setting.
This updates the code to do so. Additionally this also updates the documentation
to note that Fetch payloads are incompatible with this module since they
use HTTP connections that will be impacted by this module changing the server's
HTTP proxy settings. There is no way around this.
2023-06-02 09:48:03 -05:00
965311d09e
Fix documentation and fix bug in creating PARMS value
2023-06-02 09:48:02 -05:00
8577f21e52
Add in documentation and updated code
2023-06-02 09:48:01 -05:00
459cf871cb
Land #17979 , Add exploit for Ivanti Avalanche file upload - CVE-2023-28128
2023-05-16 09:19:33 -05:00
ea988f0c78
Add more documentation on how to set the target up based on my own experience and so that we have a backup in case the link to external documentation breaks
2023-05-12 14:27:39 -05:00
cf5f90ac4f
Minor updates to documentation to tidy things up a bit
2023-05-11 16:48:16 -05:00
722de33b6f
address feedback, use cleanup to restore path
...
fix bug where if config restore failed, module would
output that it was both a failure and a success
add akb topic as reference
2023-05-11 13:20:25 -05:00
9f6a1c18a1
Minor updates to fix URLs, disclosure date, description, and minor gramatical things
2023-05-10 18:22:00 -05:00
d60843f0eb
name versions that are vulnerable
2023-05-09 09:16:42 -05:00
08a79a2f4e
add documentation
2023-05-08 17:42:23 -05:00
f773d348e1
Add in notes about reliability of the module, and also add documentation on 7005 test on Windows 2022
2023-05-08 12:11:01 -05:00
c221edb1ec
Add in ADAudit Plus build 6077 testing examples
2023-05-08 11:45:44 -05:00
19651633c4
Update the installation instructions to resolve some issues encountered during testing
2023-05-04 18:26:54 -05:00
f27fc28411
Perform review updates
2023-05-04 15:12:31 -05:00
aede036b02
additional changes from code review
2023-05-04 15:12:30 -05:00
0fd743d851
Add in fixes from code review
2023-05-04 15:12:29 -05:00
d5032f0a5d
Minor touchups on documentation for review
2023-05-04 15:12:28 -05:00
32796b429b
add note about payload limitations for builds 7004 and 7005
2023-05-04 15:12:27 -05:00
Stephen Fewer