Brent Cook
c8755a3a7a
add pre-flight checks, log a lot more info
2017-06-24 12:32:15 -05:00
h00die
cc9326d946
bcoles updates and table printing
2017-06-24 13:01:39 -04:00
Brent Cook
8f3c470bb3
make usage more intuitive, remove weird defaults
2017-06-24 11:52:52 -05:00
NickTyrer
655358cdf1
added missing newline in cleanup method
2017-06-23 17:58:11 +01:00
NickTyrer
916a4da182
fixed cleanup method to include all cleanup options
2017-06-23 17:38:48 +01:00
NickTyrer
412ea9432d
removed whitespace
2017-06-23 17:17:07 +01:00
NickTyrer
e7d6d5350f
added WAITFOR persistence method
2017-06-23 17:05:39 +01:00
OJ
5588d0f7b2
Update payload cached sizes
2017-06-23 13:45:04 +10:00
Brent Cook
fda2e8c73d
Land #8523 , Add support for session GUIDs
2017-06-22 20:10:10 -05:00
dmohanty-r7
18410d8230
Land #8540 , Add Symantec Messaging Gateway RCE
2017-06-22 19:00:32 -05:00
Brent Cook
24c43b1822
reregister rhost
2017-06-22 18:33:19 -05:00
Brent Cook
ca813e7a5c
fix message formatting
2017-06-22 18:21:33 -05:00
Brent Cook
823260cc04
fix error message
2017-06-22 18:11:07 -05:00
Brent Cook
3cf722a45d
use correct preqrequisites
2017-06-22 18:08:20 -05:00
Brent Cook
5e48a11e60
handle specific exceptions, update docs
2017-06-22 18:01:52 -05:00
Brent Cook
6a261b172f
move from scanner to admin
2017-06-22 17:47:04 -05:00
Brent Cook
125d14f81e
simplify module, add AAAA support
2017-06-22 17:44:55 -05:00
KINGSABRI
b618e5ca6f
Add more exception handling, fix tidy rules
2017-06-22 15:55:04 -05:00
KINGSABRI
ce124e6090
Add CNAME record
2017-06-22 15:55:04 -05:00
KINGSABRI
5528084e27
add Dnsruby
2017-06-22 15:55:04 -05:00
KINGSABRI
2410a3232f
Adding DNS Server Dynamic Update Record Injection module
2017-06-22 15:41:25 -05:00
Brent Cook
4fdd77f19a
Land #8051 , Add Netgear DGN2200v1/v2/v3/v4 Command Injection Module
2017-06-22 11:46:40 -05:00
Brent Cook
a4e8cdfa6e
msftidy fixes
2017-06-22 11:44:40 -05:00
William Webb
02e4edc4cb
Land #8579 , Easy File Sharing HTTP Server 7.2 - Post Overflow exploit
2017-06-22 10:56:41 -05:00
William Webb
47a659f554
Land #8185 , Convert ntp modules to bindata
2017-06-22 09:37:58 -05:00
Jin Qian
b51fc0a34e
Land #8489 , more httpClient modules use store_valid_credential
2017-06-21 17:18:34 -05:00
Jeffrey Martin
99fb905bbd
fix typo
2017-06-21 16:52:09 -05:00
William Vu
ceba4e6d61
Add pointer to CDX API
2017-06-21 12:34:40 -05:00
William Vu
c12056d242
Fix enum_wayback using CDX API
2017-06-21 12:29:15 -05:00
NickTyrer
24404ae40f
added heredoc to tidy formatting
...
changed USER persistence method to EVENT to better describe technique
removed "auditpol.exe /set /subcategory:Logon /failure:Enable" command from subscription_event method to be more opsec safe
added CUSTOM_PS_COMMAND advanced option
updated description to reflect changes
2017-06-21 18:15:13 +01:00
Pearce Barry
24d9bec0ae
Land #8260 , OpManager Version Check
2017-06-20 17:58:10 -05:00
Pearce Barry
241786e71f
Update description with tested versions.
2017-06-20 15:32:08 -05:00
Pearce Barry
14f0409c6c
Missing regex '+', readding so we get full API key.
2017-06-20 15:28:15 -05:00
Pearce Barry
b02719e795
Attempt to appease Travis...
2017-06-20 11:36:08 -05:00
Mzack9999
c7a55ef92f
Added exploit documentation
2017-06-20 09:03:40 +02:00
Pearce Barry
3cd28b28e2
Land #8569 , Add ability to specify API token instead of password
2017-06-19 17:42:35 -05:00
Pearce Barry
58cd432120
Added docs, minor code tweak to remove duplication.
2017-06-19 17:35:41 -05:00
David Maloney
722d9a278c
Land #8580 , cachedump iteration count fix
...
lands rogdham's fixes for the ms cache dump post module
2017-06-19 14:04:07 -05:00
David Maloney
27469f8fac
Land #8582 , Rogdham Hashdump fixes
...
Land's Rogdham's fixes to the Hashdump post module
to support Windows 10!
2017-06-19 13:40:40 -05:00
David Maloney
6d38dffbe1
convert conditionals to case statements
...
just a little tidying up by using case statements
2017-06-19 13:40:00 -05:00
NickTyrer
681f9f37a6
updated check if powershell is available
2017-06-19 08:35:57 +01:00
NickTyrer
096469a8ec
added PROCESS persistence method
2017-06-18 20:42:07 +01:00
Rogdham
a01796d114
Make hashdump module work on Windows 10, fix #7936
2017-06-18 16:35:17 +02:00
Tim
03116d7933
Land #8543 , add error handling to ARM linux reverse tcp stager
2017-06-18 15:38:16 +08:00
mccurls
8c23769cbc
Updated module to use an instance variable for using HTTP session tokens across functions.
2017-06-18 12:59:34 +10:00
Mzack9999
7fb36edd50
corrected msftidy warnings
2017-06-17 22:58:47 +02:00
Mzack9999
31a5cc94b2
Easy File Sharing HTTP Server 7.2 - Post Overflow exploit
2017-06-17 22:35:21 +02:00
Rogdham
75fab600c5
Add iteration count to cachedump module, fix #8560
2017-06-17 22:23:41 +02:00
mccurls
19ceb53304
Modified payload handling and uploaded documentation
2017-06-18 02:04:22 +10:00
NickTyrer
6096e373cc
removed whitespace
2017-06-17 10:44:30 +01:00
NickTyrer
85173f36f7
moved exploit method moved to top
...
added logon persistence option
fixed typo
cleaned up formatting
2017-06-17 10:30:38 +01:00
Rogdham
86f5f3f002
Fix AES key length in cachedump module, fix #8525
2017-06-17 11:20:29 +02:00
Brendan Coles
b82051757d
Add SurgeNews User Credentials scanner module
2017-06-17 01:49:47 +00:00
h00die
c9e000e379
add new version
2017-06-16 20:59:19 -04:00
mccurls
07051d1f00
Removed whitespace
2017-06-17 09:59:46 +10:00
mccurls
8eb59eac3f
Stuffed up regex.. left some random $ characters floating around and have now removed them.
2017-06-17 08:03:09 +10:00
mccurls
6363a319d2
Fixed Typo
2017-06-17 07:32:17 +10:00
mccurls
b34bf76fea
Adding GoAutoDial RCE module
2017-06-17 07:22:41 +10:00
William Webb
652e237131
add missing .to_binary_s calls
2017-06-16 13:39:04 -05:00
h00die
f008f2aa8f
working code
2017-06-16 08:24:54 -04:00
thesubtlety
49d998f7d9
catch invalid tokens
2017-06-15 21:45:29 -04:00
Brent Cook
53253bfa37
Land #8558 , Fix AMT scanner when parsing mangled HTML
2017-06-15 20:42:33 -05:00
thesubtlety
f4ffade406
add ability to specify API token instead of password
2017-06-15 21:05:53 -04:00
William Vu
5f74da9023
Move php_preamble before $ipaddr and $port
...
php_preamble contains a <?php tag now, so we need to move it to the top.
2017-06-15 19:50:57 -05:00
OJ
c634931f0d
Updated payload cached size after the python3 fix
2017-06-16 09:05:31 +10:00
Tim
9cf9d22bae
fix mmap return cmp
2017-06-16 06:26:40 +08:00
Pearce Barry
9d57197736
Land #8551 , Update processmaker_exec module with workspace support
2017-06-15 17:12:35 -05:00
Tod Beardsley
49383f8f3a
Update and fix grammar to the CryptoLog module
...
After talking to the vendor, it appears that the PHP version of CryptoLog has been EOL'ed since 2009. It has since been replaced with an ASP.NET version, which, obviously, is no longer vulnerable to these PHP exposures.
2017-06-15 13:00:44 -05:00
William Vu
549f9e74d8
Fix AMT scanner for mangled HTML (no </p>)
...
Also stores proof using the correct :info for report_vuln (not :proof).
2017-06-14 16:54:32 -05:00
Mehmet Ince
c147779097
Add CVE number to the symantec-messaging-gateway-exec module
2017-06-14 23:07:58 +03:00
James Lee
c1372456e2
Land #8326 , support LLMNR ANY responses
2017-06-14 14:01:44 -05:00
James Lee
55f0edb732
Land #8491 , fixes for service_persistence
2017-06-13 17:17:53 -05:00
Brendan Coles
0766f92013
Add option for workspace
2017-06-13 12:46:36 +00:00
Jeffrey Martin
cbbb57d1a5
Land #8526 , Refactor QNAP and airOS modules for creds
2017-06-12 14:46:11 -05:00
William Vu
a40e7164d8
Refactor QNAP module for traditional creds
2017-06-12 14:41:58 -05:00
William Vu
bb9d1a6768
Land #8507 , Riverbed SteelHead VCX file read
2017-06-12 10:39:48 -05:00
Pearce Barry
704a1218fa
Land #8498 , store more specific credential wordpress_directory_traversal_dos
2017-06-12 10:13:52 -05:00
Pearce Barry
80e91e9de2
Minor fixups.
2017-06-12 09:51:30 -05:00
tkmru
93c4b3fffc
update CacheSize
2017-06-12 01:39:13 +09:00
tkmru
1862900aae
add error handling
2017-06-12 01:36:13 +09:00
tkmru
17d7bb0c64
add label and regster value to comment
2017-06-11 20:38:47 +09:00
h00die
a349eb9a0d
fixes per peer review
2017-06-10 14:29:53 -04:00
Mehmet Ince
6ae540d889
Adding Symantec messaging gateway rce
2017-06-10 12:23:12 +03:00
OJ
c4288fb35a
Update branch to include chances from upstream/master
2017-06-09 17:18:57 +10:00
OJ
a3f3dc0a70
Upload payloads/mettle gems, update cache sizes
...
Updated both the metasploit-payload and metasploit-payload-mettle gems
to the versions that match for the session GUID pull requests. Updated
the payload cached sizes to match the new payloads.
2017-06-09 17:15:52 +10:00
Stephen Shkardoon (ss23)
a968a74ae0
Update ms17_010_eternalblue description and ranking.
...
The module has been noted to cause crashes, reboots, BSOD, etc, on
some systems.
2017-06-09 11:01:48 +12:00
Brent Cook
aa00661fd0
Land #8518 , update CVE references where modules report_vuln
2017-06-08 13:38:12 -05:00
William Vu
3e20296cf5
Add service_details for SSH
2017-06-08 13:28:29 -05:00
William Vu
e22334343e
Use store_valid_credential in my modules
...
I used report_note because using the creds API was a pain in the ass.
2017-06-08 00:57:51 -05:00
OJ
eef82a501d
Add support for session GUIDs in mettle
2017-06-08 11:20:48 +10:00
bwatters-r7
99fa52e660
Land #8434 , Add Windows 10 Bypassuac fodhelper module
2017-06-07 11:15:01 -05:00
Spencer McIntyre
834e0eba95
Land #8340 , add exception handling for rev_tcp_ssl
2017-06-06 19:09:15 -04:00
Anderson
d641058f75
Added module to exploit ActiveMQ CVE-2016-3088
2017-06-06 11:33:42 -07:00
Jeffrey Martin
b932aae82e
reference typo fix
2017-06-06 11:50:07 -05:00
Brent Cook
bac17a8e80
Land #8053 , Add DC/OS Marathon UI Exploit
2017-06-06 09:29:26 -05:00
NickTyrer
09e4974b99
removed whitespace at end of lines
2017-06-06 14:44:37 +01:00
NickTyrer
1831056010
updated disclosure date
2017-06-06 14:32:19 +01:00
Brent Cook
3ded57e1cd
Land #8516 , add verbose debug to ntds dumper
2017-06-06 07:26:54 -05:00
Brent Cook
0830e4aaa5
Land #8503 , Linux x86 reverse_tcp error handling
2017-06-06 06:36:55 -05:00
OJ
37b9cd07a2
Add support for the session GUID in the UI
...
The Session GUID will identify active sessions, and is the beginning of
work that will allow for tracking of sessions that have come back alive
after failing or switching transports.
2017-06-06 17:15:57 +10:00