ad2fab6fee
Land #16153 , read full response on smtp send/recv
2022-03-04 01:24:46 +00:00
6be3443680
Land #16103 , LPE in polkit's pkexec (CVE-2021-4034)
2022-03-03 09:24:11 -05:00
0463373756
Simplify finding pkexec
2022-03-03 09:19:45 -05:00
e649fe3f69
Fix some markdown issues, update docs and add arch check for payloads
2022-03-02 16:30:52 -06:00
06e897436c
Add Fedora results to docs and some minor final cleanup
2022-03-02 09:12:01 -06:00
58aed837b2
Update docs and options
2022-03-01 14:48:48 -06:00
0516badd8e
Change the way we cd after new session is created
2022-03-01 14:20:07 -06:00
ecaf8b1ba9
Land #16204 , Hikvision Unauthenticated RCE (CVE-2021-36260)
...
Merge branch 'land-16204' into upstream-master
2022-02-25 16:37:08 -06:00
217afa0f3b
Land #16190 , Axis Camera App RCE (No CVE)
2022-02-25 11:35:03 -06:00
1e0db45f1d
Add small note about ARMLE stager for future travelers
2022-02-25 11:34:31 -06:00
2bec5c425f
Change CheckCode to Appears
2022-02-25 08:32:06 -08:00
1facfe4a2f
Alter upload filename.
2022-02-25 02:53:52 -08:00
d055a7d811
Altered some randomization, the json extracted by check, and fixed some wording
2022-02-24 18:48:21 -08:00
48072b6554
Fix rubcop complaint introduced in suggestion commit
2022-02-24 18:28:38 -08:00
454eba2438
Apply suggestions from code review
...
Added changes suggested by @gwillcox-r7
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com >
2022-02-24 21:25:09 -05:00
9f05a7d11a
Removed unneeded custom timeout
2022-02-24 08:13:04 -08:00
3739dad470
Updated to use print_bad instead of fail_with for application removal errors. Also included instructions on how to manually remove the application
2022-02-24 07:44:34 -08:00
e1616a520f
Fixed a couple of typos. Changed a CheckCode. Randomized the replaced tmp file name
2022-02-24 06:38:36 -08:00
4cd3563bc7
Initial commit of exploit for CVE-2021-36260
2022-02-19 13:13:24 -08:00
f311bd4fce
Remove duplicate warning
2022-02-18 16:31:35 -06:00
3ea032472d
Updated exploit with better check method, added OnSessionCmd option
...
to run a command when a session is bootstrapped, added more
documentation.
2022-02-18 16:30:47 -06:00
d5ba1afbec
fix URLs not resolving
...
fix URLs not resolving
add csv export to references
fix URLs not resolving
pdf not pd
missed a url change
remove extra recirectedfrom fields
remove extra file
fix ovftool url accidental replacement
2022-02-16 17:22:40 -06:00
5ac3330802
Initial commit of Axis camera app install exploit
2022-02-14 17:54:18 -08:00
af3fa09896
refactor smtp delivery to support continuation
...
When dealing with SMTP servers the communication needs to flow
a known protocol. To ensure the socket is in the correct state
after a send and receive it needs to be read until a line return
a response code followed by a `space` and additional data and `\r\n`
or the response code immediately followed by `\r\n` is returned.
2022-02-14 16:55:49 -06:00
3f2d6b6c22
adding authors and removing C exploit reference
2022-02-12 11:52:23 +04:00
74521c8ced
Update check for supported CentOS, Ubuntu, and Debian Targets
2022-02-11 20:30:05 -06:00
db00991f26
Land #16150 , add nagios xi web shell upload
2022-02-11 11:45:06 -06:00
e1da95243f
Always clean up the created job
2022-02-10 17:39:07 -08:00
9635fde12d
Add support and templates for aarch64 targets
2022-02-10 10:49:02 -06:00
e18492a88a
Update modules/exploits/linux/http/nagios_xi_autodiscovery_webshell.rb
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2022-02-09 15:35:38 -05:00
0a78dd78ec
Used suggested method for defining user webshell, used suggested depth configuration, and used vars_get in a couple of places
2022-02-08 18:20:03 -08:00
d1ba43e4c8
Remove hard-coded values
2022-02-08 16:00:20 -06:00
65ebeafacc
Use the supplied directory
2022-02-08 16:00:19 -06:00
c44fb6a9d3
ugly but working no-gcc module
2022-02-08 16:00:19 -06:00
bed067dda0
Land #16125 , add ARCH_CMD for GXV3140 support
2022-02-08 12:24:42 -06:00
0fcc7e7733
Fixed spelling errors in descriptions
2022-02-06 02:55:17 -08:00
2e0915fbd4
Fix the Claroty team name
2022-02-06 02:47:43 -08:00
9758251278
Initial commit of CVE-2021-37343
2022-02-05 18:21:18 -08:00
30b8e2196b
payload_file spaces
...
Thank you bcoles
Co-authored-by: bcoles <bcoles@gmail.com >
2022-02-02 21:30:13 +04:00
274b954c58
Land #16123 , fix reference URL in cisco_ucs_rce
2022-02-01 17:06:59 -05:00
06fb748402
Add the missing full disclosure URL reference
2022-02-01 17:06:37 -05:00
837fdf7c5e
Land #16128 , add cisco rv unauth rce
2022-02-01 10:34:57 -06:00
ccedcfefab
Added exploit for CVE-2021-1472/CVE-2021-1473
2022-01-29 18:56:53 -08:00
feebf25ad4
Add support for GXV3140 models and ARCH_CMD busybox telnetd payload
2022-01-29 19:38:57 +00:00
a4fcddca8e
Rename to grandstream_gxv31xx_settimezone_unauth_cmd_exec
2022-01-29 19:24:09 +00:00
70d4013610
fix faulty URL ref #16078 removed faulty url
...
fix faulty URL ref #16078 , i searched for FULL_DISC tool in Cisco but i cant find anything related to this so i removed it. if that is meant by the issue.
2022-01-29 22:33:33 +05:30
ad190fe80f
Spaces at EOL
2022-01-27 12:51:36 +04:00
4828bc58e6
Spaces at EOL and Date
2022-01-27 12:43:41 +04:00
dbca5eeb07
Some linting
2022-01-27 12:32:33 +04:00
4c0340b26c
cve_2021_4034_pwnkit_lpe_pkexec
2022-01-26 23:05:36 +04:00
adfoster-r7