e4ce1c53dd
Fix reference URL link
2022-06-22 15:49:43 -05:00
3f06e237b7
Correctly format the notes sections
2022-06-10 14:01:57 +01:00
133b9e307a
Land #16563 , Zyxel Firewall Unauthenticated Command Injection (CVE-2022-30525)
2022-05-13 18:55:30 -05:00
2eb31cf765
Add in edits from review
2022-05-13 15:32:12 -05:00
6a1fe27406
Land #16442 , add vars_form_data to the HTTP client
2022-05-13 10:53:16 +01:00
23f8a0b915
Added Zyxel advisory. Added AKB reference. Used xpath as requested.
2022-05-12 07:17:37 -07:00
f3b23c072f
Added a reference to Rapid7 disclosure
2022-05-12 06:33:27 -07:00
24fa9aabe0
Fixed privilege flag. Swapped 'exploit' for 'command' in a couple of places
2022-05-12 06:24:33 -07:00
4af93ecfe2
Updated affected
2022-05-12 03:22:21 -07:00
617b4ae044
Initial commit of Zyxel unauth command injection (CVE=2022-30525)
2022-05-12 01:43:59 -07:00
93334b56ef
Properly credit Azeria and also include blog post at her request
2022-05-11 18:43:27 -05:00
8dbd6f3334
Change default target to 1 so we get benefit of avoiding some timeout issues since Unix Command may still cause server's REST API to time out at times.
2022-05-11 16:43:37 -05:00
196aac6b42
Add in PrependFork and MeterpreterTryToFork options as default to fix timeout issues and potential failure cases due to server not responding
2022-05-11 16:43:36 -05:00
27169c4ae1
Add in missing CmdStager library, add some more attribution, and add in PoC link
2022-05-11 16:43:36 -05:00
6354d7a055
Redo explanation of exploit in documentation to appropriately account for various nuances. Also update exploit title and description accordingly.
2022-05-11 16:43:36 -05:00
1bc2616c19
Update modules/exploits/linux/http/f5_icontrol_rce.rb
...
Co-authored-by: wvu <4551878+wvu@users.noreply.github.com >
2022-05-11 16:43:13 -05:00
208367d735
Improved check method reliability
...
Extra modifications:
- Promote advanced options HttpUsername and HttpPassword
- password is not really necessary, but if one have credential, can
use this module as an exec
- Fixed print statement on check
- Splitted execute_command in two, because we also send a command on the check
methods, however we don't need the checks that are in the execute_command
2022-05-11 16:43:12 -05:00
55163b86d6
Improvements
...
- Change module name and description
- Added author from the PoC
- Added reference
- Added payloads, targets and notes
- Removed headers used during the tests
2022-05-11 16:43:11 -05:00
77f60eb21e
Added module and documentation for f5 icontrol RCE (CVE-2022-1388)
2022-05-11 16:43:00 -05:00
1c934b87b4
Land #16169 , Add sploit for Cisco RV340 SSL VPN - CVE-2022-20699
2022-05-11 10:15:08 -05:00
68fdb103fe
Add in final touch ups to documentation to fix a typo or two for formatting. Also update exploit ranking since this exploit doesn't retrieve version information before exploiting and is not 100% reliable so Excellent ranking isn't appropriate
2022-05-11 09:39:47 -05:00
94e1ad3fe5
Update form data api defaults
2022-05-10 14:12:17 +01:00
4ad4ca32e8
Fix test alignment
2022-05-09 16:51:20 +01:00
2e59f17439
Rename files to form_data
2022-05-06 16:41:19 +01:00
481699ed8f
Land #16530 , PiHole module to not wait for sudo
...
Update PiHole pihole_remove_commands_lpe module
to no wait for sudo input
2022-05-04 14:57:29 -07:00
bc489fef91
Update PiHole module to not wait for sudo input
2022-05-04 17:24:43 +01:00
6532365dc8
Deregister VHOST
2022-05-03 11:52:50 -05:00
8c0cd40a19
Fix VMware Workspace ONE Access CVE-2022-22954
2022-05-03 10:39:58 -05:00
b2994aa8d8
Add words
2022-05-03 01:13:45 -05:00
9a980d068d
Link to freemarker.template.utility.Execute docs
2022-05-03 01:00:46 -05:00
612e3d6f13
Add another tested SSTI param
2022-05-03 00:30:12 -05:00
333681b6da
Add other tested SSTI URIs
2022-05-03 00:02:21 -05:00
a71ded0da8
Update PoC credit
2022-05-02 23:41:43 -05:00
fa09487ee1
Refactor code, once more with feeling
2022-05-02 22:27:52 -05:00
135a81ebc2
Refactor code
2022-05-02 21:53:17 -05:00
bf7d3e1c32
Add VMware Workspace ONE Access CVE-2022-22954
2022-05-02 18:51:46 -05:00
1b119a845c
Fixed handling of victim response
2022-04-26 12:34:45 -07:00
ec37ebc617
Update modules/exploits/linux/redis/redis_debian_sandbox_escape.rb
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2022-04-26 14:43:03 -04:00
d20fd996bd
Fix spelling mistakes
2022-04-26 03:38:23 -07:00
71a4023c0d
Initial commit of Redis sandbox escape CVE-2022-0543
2022-04-26 03:32:11 -07:00
4ec4b89d00
Add upload of files to HttpClient & update a module to use it
2022-04-25 14:55:37 +01:00
e2c6c36b2b
Land #1642 , Add module for cve-2022-0995
2022-04-21 09:12:47 -05:00
9cba9576cd
Keep code reusable and fix some logical complexities
2022-04-21 07:44:40 -05:00
69b54c8448
Add in additional validation to check methods to address bcoles's comments and also to prevent issues with fail_with being used inside a check method
2022-04-20 19:50:08 -05:00
f33e3f45c1
RuboCop compliance for PacketStorm
2022-04-20 19:09:14 -05:00
78d4ac8592
Update module reliability and also fix issues from bcoles's review
2022-04-20 19:04:27 -05:00
26f9175816
Update c source with argc check and CRASH notes for module
2022-04-20 17:37:48 -05:00
d9a241defb
Fix overzealous source code edit and some version copy/pasta errors
2022-04-20 14:31:32 -05:00
4417a335ff
Land #16379 , Make SSH defaults widely used
...
Refactored a number of modules to use ssh_client_defaults
2022-04-19 22:08:45 -07:00
a756df5400
Add in missing RuboCop note sections
2022-04-19 16:40:57 -05:00
Grant Willcox