Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update/sharepoint ssi viewstate by adding cookie option #14361

Merged
merged 5 commits into from
Nov 18, 2020
Merged

Update/sharepoint ssi viewstate by adding cookie option #14361

merged 5 commits into from
Nov 18, 2020

Conversation

chmod750
Copy link
Contributor

@chmod750 chmod750 commented Nov 6, 2020
edited by wvu
Loading

Add cookie header as an option.
This can be used when authentication is performed trough an HTTP form for example.

Verification

  • Start msfconsole
  • use exploit/windows/http/sharepoint_ssi_viewstate
  • set Cookie ''
  • Verify Configure other inputs function of the target and run the exploit. The exploit shall work properly using added inputs.

Updates #14265.

@wvu wvu mentioned this pull request Nov 6, 2020
Closed
4 tasks
@wvu wvu self-assigned this Nov 6, 2020
chmod750 and others added 2 commits November 6, 2020 23:20
@chmod750 @wvu-r7
Update modules/exploits/windows/http/sharepoint_ssi_viewstate.rb
7a968fc 
CamelCase update

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>
@chmod750 @wvu-r7
Update modules/exploits/windows/http/sharepoint_ssi_viewstate.rb
5ec0556 
CamelCase update

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>
@chmod750
Copy link
Contributor Author

chmod750 commented Nov 6, 2020

Thanks for your time and advices!
That's should be fine by now ;)

@wvu
Copy link
Contributor

wvu commented Nov 6, 2020

Yep, looks good now. I'll handle the doc changes, since I wrote them. Thanks!

@wvu wvu merged commit d3f16c7 into rapid7:master Nov 18, 2020
@wvu
Copy link
Contributor

wvu commented Nov 18, 2020
edited by pbarry-r7
Loading

Release Notes

Added a COOKIE option to the exploit/windows/http/sharepoint_ssi_viewstate module, primarily useful when SharePoint is authenticated through a web form.

@pbarry-r7 pbarry-r7 added the rn-enhancement release notes enhancement label Nov 20, 2020
@zeroSteiner zeroSteiner mentioned this pull request Jun 14, 2021
Merged
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wvu wvu wvu left review comments

Assignees

@wvu wvu

Labels
enhancement module rn-enhancement release notes enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@chmod750 @wvu @pbarry-r7 @smcintyre-r7