adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
35,863 Commits 27 Branches 1,043 Tags
065d042ec475a5c2d5eba190c5dfaffc8ea5bfb2
Commit Graph

18727 Commits

Author SHA1 Message Date
William Vu 129544c18b Land #6112, splat for ZPanel exploit 2015-10-21 13:07:51 -05:00
Boumediene Kaddour e188bce4c9 Update minishare_get_overflow.rb 2015-10-21 16:48:31 +02:00
wchen-r7 f06d7591d6 Add header for zpanel_information_disclosure_rce.rb 2015-10-20 16:19:44 -05:00
wchen-r7 70b005de7f Land #6041, Zpanel info disclosure exploit 2015-10-20 16:08:16 -05:00
wchen-r7 728fd17856 Make code changes for zpanel_information_disclosure_rce.rb 
Use Nokogiri and URI, as well as indent fixes and other things
 2015-10-20 16:07:02 -05:00
Brent Cook 0784370b98 more typo and whitespace fixes 2015-10-20 13:09:17 -05:00
Rob Fuller 2f1406e1c8 fix typo 
not sure how this got in there
 2015-10-20 13:48:00 -04:00
William Vu 88159edf9f Fix double raise in vnc_none_auth 
Not necessary for what it's trying to accomplish, being a scanner.
 2015-10-19 18:22:06 -05:00
wchen-r7 c399d7e381 Land #5959, Add Nibbleblog File Upload Vuln 2015-10-16 15:30:13 -05:00
wchen-r7 9666660c06 Enforce check and add another error message 2015-10-16 15:29:12 -05:00
Brent Cook 20366993e3 Land #5937, use the Android mixin to get the Android version 2015-10-16 14:23:27 -05:00
wchen-r7 896099b297 Land #6082, Directory Traversal for Elasticsearch 2015-10-16 11:00:27 -05:00
wchen-r7 e59a4e36b7 Fix check 2015-10-16 10:59:04 -05:00
Roberto Soares 41e9f8a91b Some code changes from Roberto 2015-10-16 10:47:19 -05:00
William Vu f14776ab63 Land #6092, refs for arkeia_agent_exec 2015-10-15 22:50:57 -05:00
William Vu 8cb6cc57b5 Land #6094, refs for another ManageEngine module 2015-10-15 22:49:05 -05:00
William Vu 86dfbf23e8 Fix whitespace 2015-10-15 22:48:53 -05:00
xistence 018b515150 Add CVE/URL references to manageengine_eventlog_analyzer_rce 2015-10-16 10:41:39 +07:00
xistence b1f2e40b98 Add CVE/URL references to module manage_engine_opmanager_rce 2015-10-16 10:36:13 +07:00
xistence 6a1553ae63 Add EDB/CVE/URL references to arkeia_agent_exec 2015-10-16 10:23:20 +07:00
jvazquez-r7 db5d83a40a Move namespaces 2015-10-15 09:17:06 -05:00
William Vu bf9530d5ba Land #5941, X11 keyboard exec module 2015-10-14 11:38:47 -05:00
Brent Cook 30d2a3f2a9 Land #5999, teach PSH web delivery to use a proxy 2015-10-14 11:05:45 -05:00
William Vu c1b6de90a0 Land #6083, autofilter fixes for aggro modules 2015-10-14 00:14:20 -05:00
William Vu 2a2d8d941d Land #6054, HTTP Host header injection module 2015-10-13 23:37:31 -05:00
HD Moore d67b55d195 Fix autofilter values for aggressive modules 2015-10-13 15:56:18 -07:00
jaguasch d933962ff9 Last fix, including espreto minor changes 2015-10-13 18:41:51 +01:00
William Vu c642057fa0 Clean up module 2015-10-13 12:03:41 -05:00
jaguasch 772f9d8742 Changes based on espreto recommendations 2015-10-13 16:06:26 +01:00
jaguasch 7790f14af2 Auxiliary module to exploit CVE-2015-5531 (Directory traversal) in Elasticsearch before 1.6.1 2015-10-13 13:05:58 +01:00
William Vu a4f0666fea Land #6081, DLink -> D-Link 2015-10-12 18:05:52 -05:00
Tod Beardsley 185e947ce5 Spell 'D-Link' correctly 2015-10-12 17:12:01 -05:00
Tod Beardsley 336c56bb8d Note the CAPTCHA exploit is good on 1.12. 2015-10-12 17:09:45 -05:00
HD Moore 6f3bd81b64 Enable 64-bit payloads for MSSQL modules 2015-10-11 12:52:46 -05:00
jvazquez-r7 ed0b9b0721 Land #6072, @hmoore-r7's lands Fix #6050 and moves RMI/JMX mixin namespace 2015-10-10 00:24:12 -05:00
jvazquez-r7 b9b488c109 Deleted unused exception handling 2015-10-09 23:38:52 -05:00
jvazquez-r7 c60fa496c7 Delete extra spaces 2015-10-09 23:37:11 -05:00
jvazquez-r7 e6fbca716c Readd comment 2015-10-09 23:29:23 -05:00
jvazquez-r7 af445ee411 Re apply a couple of fixes 2015-10-09 23:24:51 -05:00
HD Moore a590b80211 Update autoregister_ports, try both addresses for the MBean 2015-10-09 20:20:35 -07:00
HD Moore 2b94b70365 Always connect to RHOST regardless of JMXRMI address 2015-10-09 17:49:22 -07:00
HD Moore cd2e9d4232 Move Msf::Java to the normal Msf::Exploit::Remote namespace 2015-10-09 13:24:34 -07:00
Tod Beardsley 94bb94d33a Working URL for real 2015-10-09 15:07:44 -05:00
Tod Beardsley b04f947272 Fix blog post date, derp 2015-10-09 14:59:57 -05:00
Tod Beardsley 55ef6ebe91 HP SiteScope vuln, R7-2015-17 
On behalf of @l0gan, already reviewed once by @jvazquez-r7, reviewed
again by me.

For details, see:

https://community.rapid7.com/community/metasploit/blog/2017/10/09/r7-2015-17-hp-sitescope-dns-tool-command-injection
 2015-10-09 14:55:48 -05:00
jvazquez-r7 5e9faad4dc Revert "Merge branch using Rex sockets as IO" 
This reverts commit c48246c91c, reversing
changes made to 3cd9dc4fde.
 2015-10-09 14:09:12 -05:00
jvazquez-r7 347495e2f5 Rescue Rex::StreamClosedError when there is a session 2015-10-09 13:41:41 -05:00
William Vu b95d5790f6 Improve output 2015-10-09 11:13:50 -05:00
William Vu 6d2a89e9a6 Be more descriptive about EOFError 
There are other modules that could be updated, surely.
 2015-10-09 11:05:17 -05:00
jvazquez-r7 5fab1cc71a Add loop timeout 2015-10-09 11:05:05 -05:00