William Vu
d29532d4c4
Add VMware vCenter Server CVE-2021-21985 exploit
2021-07-12 13:07:05 -05:00
Spencer McIntyre
32eab49428
Fix a typo in the module description
2021-07-12 12:20:37 -04:00
Spencer McIntyre
a3dd916949
Restore the original stub data for FAULT
2021-07-12 11:27:26 -04:00
Metasploit
72eb22f55d
automatic module_metadata_base.json update
2021-07-12 09:42:02 -05:00
Spencer McIntyre
915e5f47fb
Land #15417 , Fix #15254 , set dynamic cached size on powershell payloads
2021-07-12 10:34:25 -04:00
Spencer McIntyre
beb39ae5bc
Mark another Powershell payload as dynamic
2021-07-12 10:06:56 -04:00
Spencer McIntyre
a23ef5ec5d
Set dynamic cached size on reverse powershell
2021-07-12 09:22:59 -04:00
Yann Castel
4d016a3521
correct CVE id
2021-07-12 14:35:47 +02:00
Hakyac
d26d9f50fa
Update wordpress_plugin_backup_guard_rce.md
2021-07-12 14:29:35 +02:00
Hakyac
ba69294967
Update wp_plugin_sp_project_document_rce.md
2021-07-12 14:28:35 +02:00
Yann Castel
6934ec7d18
initial commit
2021-07-12 14:25:38 +02:00
Tim W
6300518e19
Fix #15254 , set dynamic cached size on powershell payloads
2021-07-12 12:55:24 +01:00
Metasploit
5c7d282070
automatic module_metadata_base.json update
2021-07-12 06:28:12 -05:00
Tim W
39455827aa
Land #15254 , use obfuscated powershell protection bypasses
2021-07-12 12:20:17 +01:00
Yann Castel
f886ff0a22
now using Metasploit's Wordpress lib
2021-07-12 11:00:43 +02:00
Yann Castel
5cd32cdb36
add references + worpress website check
2021-07-12 10:46:58 +02:00
Yann Castel
20a8aac286
now using Metasploit's Wordpress lib
2021-07-12 10:10:34 +02:00
Metasploit
0226be575c
automatic module_metadata_base.json update
2021-07-09 17:09:37 -05:00
Grant Willcox
02ecc22751
Land #15386 , Add module for CVE-2021-35464; pre-auth RCE in ForgeRock AM (and OpenAM) server
2021-07-09 17:01:25 -05:00
Grant Willcox
5c8aa9b802
Add in ForgeRock demonstration and fix up some last minor issues with the documentation to make it more accurate
2021-07-09 16:43:25 -05:00
Spencer McIntyre
fba838f4e8
Update docs, pin version and fix the check method
2021-07-09 16:39:58 -04:00
Spencer McIntyre
9e61bf5752
Update the rex-powershell gem and unit tests
2021-07-09 15:35:37 -04:00
Spencer McIntyre
8e98abe867
Fix DCERPC's read method for fragments
...
The DCERPC's read method would only read one fragment of data which
caused the response to be corrupted when the data wouldn't fit into
a single fragment.
2021-07-09 13:48:35 -04:00
Grant Willcox
89b36bd1b8
Fix a small error in the logic so that we check the response body vs the response itself as per wvu's comment
2021-07-09 12:26:57 -05:00
Spencer McIntyre
e155bb64cd
Improved check method for PrintNightmare
2021-07-09 12:15:39 -04:00
Metasploit
10ab956c3f
automatic module_metadata_base.json update
2021-07-09 09:07:13 -05:00
Christophe De La Fuente
a5117119ee
Land #15154 , process memory dump post module
2021-07-09 15:49:47 +02:00
Christophe De La Fuente
8b4bce35ca
Fix issues from rubocop and msftidy_docs.rb
2021-07-09 15:47:11 +02:00
Christophe De La Fuente
5a71e7b0ee
Merge remote-tracking branch 'upstream/pr/15154' into HEAD
2021-07-09 15:32:04 +02:00
Metasploit
f09fb52685
automatic module_metadata_base.json update
2021-07-09 06:30:52 -05:00
adfoster-r7
f189724174
Land #15217 , Combine eternalblue modules
2021-07-09 12:23:34 +01:00
dwelch-r7
6817d0a0ee
Land #15382 , Add tests for aux and exploit cmd_check and cmd_run
2021-07-09 11:03:12 +01:00
Yann Castel
d9233b9d98
typo 2
2021-07-09 11:54:25 +02:00
Yann Castel
3f2d7cda10
typo
2021-07-09 11:51:52 +02:00
Yann Castel
920b88a2bd
initial commit
2021-07-09 11:49:53 +02:00
Stephen Bradshaw
edf99d06d2
Update modules/auxiliary/scanner/ssh/ssh_login_pubkey.rb
...
Suggested change
Co-authored-by: dwelch-r7 <Dean_Welch@rapid7.com>
2021-07-09 13:27:15 +10:00
wvu
aefd2cfd38
Fix CVE references
2021-07-08 22:21:28 -05:00
Metasploit
57fa188b10
automatic module_metadata_base.json update
2021-07-08 22:15:25 -05:00
William Vu
5447f09d2f
Land #15407 , backported module print changes
2021-07-08 22:06:40 -05:00
William Vu
6fbaecf919
Backport print changes to recent modules
2021-07-08 21:26:35 -05:00
William Vu
25ff7dbc3e
Land #15405 , Gemfile.lock update
2021-07-08 19:07:58 -05:00
William Vu
bc2776a55d
Update Gemfile.lock
2021-07-08 18:47:04 -05:00
Metasploit
93b5fbeb17
automatic module_metadata_base.json update
2021-07-08 17:05:22 -05:00
Grant Willcox
55f7bfe11d
Land #15368 , Polkit D-Bus Authentication Bypass and Privilege Escalation (CVE-2021-3560)
2021-07-08 16:56:31 -05:00
Grant Willcox
570ba091f6
Update some typos in the documentation and also update the exploit module to handle various cases whereby the dbus-send command might end up timing out due to TIMEOUT being too low and to fix some final issues found during testing
2021-07-08 16:24:01 -05:00
Grant Willcox
9f88ef0954
Fix up review comments
2021-07-08 16:22:29 -05:00
Jack Heysel
54ee8f7ae7
Added cmd_delay nil check, updated title
2021-07-08 16:20:45 -05:00
Jack Heysel
0f67dd5212
Fixed get_cmd_delay, reponded to comments
2021-07-08 16:20:38 -05:00
Jack Heysel
9a07039e7e
Updated docs
2021-07-08 16:09:15 -05:00
Jack Heysel
fdbf669da2
Fixed check for /bin/su
2021-07-08 16:09:12 -05:00