Christophe De La Fuente
9c6a198453
Land #16796 , Path traversal vulnerability in RARLAB UnRAR < 6.12 with Zimbra RCE module
2022-08-04 19:44:57 +02:00
Metasploit
a858c15b47
Bump version of framework to 6.2.12
2022-08-04 12:05:15 -05:00
Metasploit
abb40ea4d6
automatic module_metadata_base.json update
2022-08-04 11:39:27 -05:00
Jack Heysel
4cedbadbf9
Land #16820 , fix default action err in ldap_query
...
If the user does not set a default action the ldap_query
module will now select a default action instead of erroring
2022-08-04 12:17:22 -04:00
Metasploit
11fcbb3509
automatic module_metadata_base.json update
2022-08-04 11:06:09 -05:00
Spencer McIntyre
c244399f1f
Land #16857 , Add auxiliary gather module for Cisco PVC2300 camera information disclosure
2022-08-04 11:46:07 -04:00
Spencer McIntyre
f87482351c
Add missing return statements in the check method
2022-08-04 11:45:36 -04:00
Ron Bowes
d8faa4dd37
Fix a blank line that I thought I'd fixed
2022-08-04 08:24:32 -07:00
Ron Bowes
26eee72512
Only print_status once, so it doesn't make a mess in the background
2022-08-04 08:02:28 -07:00
ErikWynter
0bb14d084f
add extra check, fix typo
2022-08-04 17:27:04 +03:00
ErikWynter
af712d4a89
add docs, fix typo in module description
2022-08-04 16:58:39 +03:00
Ron Bowes
2ec25fc3e5
Add a timeout to the reverse FTP connection
2022-08-03 15:17:02 -07:00
Metasploit
8febcd1b13
automatic module_metadata_base.json update
2022-08-03 17:11:28 -05:00
Ron Bowes
a314423e81
Some changes requested by @cdelafuente-r7
2022-08-03 14:51:51 -07:00
bwatters
163d4d5b11
Land #16854 , Add CVE-2022-31660 VMware Workspace ONE Access LPE
...
Merge branch 'land-16854' into upstream-master
2022-08-03 16:50:12 -05:00
Spencer McIntyre
0b9e1bbbb3
Fix "can not" to "cannot"
2022-08-03 17:45:06 -04:00
Metasploit
2e13902fd0
automatic module_metadata_base.json update
2022-08-03 13:07:59 -05:00
Christophe De La Fuente
fd2b325e44
Land #16788 , SCADA scanner module for BACnet protocol
2022-08-03 19:46:03 +02:00
Metasploit
937f3b13b0
automatic module_metadata_base.json update
2022-08-03 12:36:40 -05:00
Spencer McIntyre
b42c26b1e1
Land #16858 , Update zerologon error handling
2022-08-03 13:15:27 -04:00
ErikWynter
a95d239a88
cisco_pvc only report on creds when we have them
2022-08-03 19:10:28 +03:00
Jack Heysel
2433cccde5
Land #16840 , updates read_profile_list
...
This removes some Meterpreter-only method calls, which
allows non-Meterpreter sessions to use read_profile_list
and load_missing_hives. This also changes read_profile_list
to be able to read profile information for all accounts.
2022-08-03 11:46:44 -04:00
ErikWynter
75c6e80d68
add check method
2022-08-03 17:57:27 +03:00
adfoster-r7
f65119b353
Support OpenSSL3 and run Ubuntu 22.04 in test matrix
2022-08-03 15:49:53 +01:00
adfoster-r7
8253e99c11
Update zerologon error handling to output invalid computer name details
2022-08-03 15:32:38 +01:00
ErikWynter
7489b23336
add saving creds to the db
2022-08-03 17:27:53 +03:00
ErikWynter
e0514a5bf9
add cisco pvc2300 auxiliary module
2022-08-03 16:38:09 +03:00
krastanoel
36e542e2e1
Fix check code message typo
2022-08-03 19:21:42 +07:00
Christophe De La Fuente
449a7b71d5
Add module exploit and docs for the Webmin package updates RCE
2022-08-03 12:01:41 +02:00
Metasploit
6c2cf58803
automatic module_metadata_base.json update
2022-08-02 17:05:45 -05:00
bwatters
fff435fcef
Land #16842 , Remove scripts/meterpreter/enum_powershell_env.rb
...
Merge branch 'land-16842' into upstream-master
2022-08-02 16:40:27 -05:00
bwatters
a54d2402dc
Land #16844 , Cleanup and support non-Meterpreter sessions
...
Merge branch 'land-16844' into upstream-master
2022-08-02 16:30:42 -05:00
Spencer McIntyre
cd81ced5cb
Land #16822 , Fix msfrpcd console read failures
2022-08-02 17:29:25 -04:00
Jack Heysel
82182f7815
Land #16852 , Zoho PMP XML-RPC Unauth RCE module
...
Add in exploit module for CVE-2022-35405 aka Zoho
Password Manager Pro XML-RPC Unauthenticated RCE
2022-08-02 17:18:28 -04:00
Spencer McIntyre
8ed4293e9c
Add module docs for CVE-2022-31660
2022-08-02 16:42:08 -04:00
Grant Willcox
6d45320c0c
Update exploit title/name
2022-08-02 14:27:27 -05:00
Grant Willcox
ada3be8f7b
Update options section in documentation
2022-08-02 14:13:25 -05:00
Jack Heysel
4f5c711dc7
Land #16833 , Add easier way to delete host tags
...
This PR adds an easier way to delete host tags from
the metasploit-framework and updates documentation accordingly
2022-08-02 14:02:54 -04:00
Metasploit
3cd39d528c
automatic module_metadata_base.json update
2022-08-02 12:47:06 -05:00
Spencer McIntyre
a0058c03b7
Land #16837 , MobileIron Core Log4Shell RCE Module
2022-08-02 13:25:52 -04:00
Grant Willcox
f0e62de46a
Add CVE-2022-35405 docs and module
2022-08-02 11:57:56 -05:00
krastanoel
9a4a590b27
Add Cassandra Web file read auxiliary module
2022-08-02 23:40:40 +07:00
Spencer McIntyre
207862a810
Update module metadata now that it's disclosed
2022-08-02 12:13:34 -04:00
Spencer McIntyre
ef8fe215e1
Finish up an exploit for the first bug
2022-08-02 12:13:28 -04:00
bwatters
d71350dfe6
Remove superfluous code and add extra check
2022-08-02 11:04:13 -05:00
Metasploit
0602bc0aac
automatic module_metadata_base.json update
2022-08-02 10:15:57 -05:00
Jack Heysel
4085efa778
Land #16832 , remove echo statement from ms10_092
...
This PR removes the SCHELEVATOR echo statement from
the exec_schtasks method as its not needed anymore
2022-08-02 10:51:41 -04:00
Ron Bowes
d86e666e18
Change Platform to 'win'
2022-08-01 15:37:58 -07:00
adfoster-r7
6ac0a7c48f
Land #16848 , add safe navigation to ensure fs access valid
2022-08-01 21:46:05 +01:00
Jeffrey Martin
7277483022
add safe navigation to ensure fs access valid
2022-08-01 14:33:02 -05:00