adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
43,178 Commits 27 Branches 1,043 Tags
0ac19087cd6015e596fff45a4ca1bed65afcc8ef
Commit Graph

843 Commits

Author SHA1 Message Date
Pearce Barry e1576154fb Document the new padding option. 2017-08-06 18:34:56 -05:00
Brent Cook da3ca9eb90 update some documentation 2017-08-03 17:09:44 -05:00
Yorick Koster 67dddd2402 Typo reported by @nixawk 2017-08-02 15:47:21 -05:00
Yorick Koster 3229320ba9 Code review feedback from @nixawk 2017-08-02 15:46:51 -05:00
Yorick Koster 565a3355be CVE-2017-8464 LNK Remote Code Execution Vulnerability 
This module exploits a vulnerability in the handling of Windows
Shortcut files (.LNK) that contain a dynamic icon, loaded from a
malicious DLL.

This vulnerability is a variant of MS15-020 (CVE-2015-0096). The
created LNK file is similar except in an additional
SpecialFolderDataBlock is included. The folder ID set in this
SpecialFolderDataBlock is set to the Control Panel. This is enought to
bypass the CPL whitelist. This bypass can be used to trick Windows into
loading an arbitrary DLL file.
 2017-08-02 15:46:30 -05:00
Brent Cook 6300758c46 use https for metaploit.com links 2017-07-24 06:26:21 -07:00
Brent Cook 7c55cdc1c8 fix some module documentation 
3 modules got documentation landed in the wrong spot. This also fixes a few
typos and improves formatting.
 2017-07-23 07:46:52 -07:00
Pearce Barry 6bb745744b Land #8471, Add VICIdial user_authorization Unauthenticated Command Execution module 2017-07-21 15:57:08 -05:00
bwatters-r7 ffad0d1bbf Land #8559, Ipfire oinkcode exec 2017-07-19 14:31:18 -05:00
Jon Hart e93e524c3b Merge branch 'upstream-master' into feature/rdp-scanner 2017-07-17 13:46:59 -07:00
Jon Hart e5ef737c21 Add documentation 2017-07-17 13:45:12 -07:00
David Maloney 8f6cac9c37 Land #8652, rpc console write exploit 
lands pr for the metasploit rpc console write exploit
 2017-07-14 14:47:35 -05:00
bwatters-r7 de230478eb Land #8566, Add ye olde NNTP Login Utility scanner module 2017-07-13 13:19:34 -05:00
Pearce Barry 59de7d3635 Land #8671, Add a module for CVE-2017-7615 2017-07-12 14:58:02 -05:00
Corey Harding 6cb956ea81 Update rfpwnon.md 2017-07-09 05:07:36 -04:00
jvoisin f10cf75ae0 Fix some stuff 2017-07-09 10:45:15 +02:00
jvoisin e1b9330136 Add some documentation 2017-07-09 02:25:11 +02:00
Pearce Barry e3f95954ba Minor doc update. 2017-07-07 16:54:56 -05:00
Brendan Coles 95ba5d61ce Move documentation to correct folder 2017-07-07 16:54:56 -05:00
Brendan Coles 8e2ff7a4c5 Add command stager and code cleanup 2017-07-07 16:54:56 -05:00
dmohanty-r7 8f464e17a1 Land #8658, Add Gather PDF Authors auxiliary module 2017-07-07 16:20:29 -05:00
Brendan Coles afc704aea5 Ad documentation 2017-07-07 18:54:48 +00:00
Brent Cook f4820d24fb add a few more AKA references 2017-07-06 22:43:46 -05:00
Brent Cook b0c5d734ee s/swith/switch/ - ok @bcoles 2017-07-06 07:03:06 -05:00
Brendan Coles baff473cae Add Metasploit RPC Console Command Execution module 2017-07-05 08:48:35 +00:00
dmohanty-r7 aa387e96a7 Land #8577, Add SurgeNews User Credentials scanner 2017-07-03 10:14:03 -05:00
Pearce Barry a2602bf514 Land #8600, Add GoAutoDial 3.3 RCE Command Injection / SQL injection module 2017-06-30 17:32:51 -05:00
Pearce Barry 3d4d03c9b4 Land #8575, Cerberus Helpdesk hash disclosure 2017-06-30 16:02:53 -05:00
Pearce Barry 71b2ddaa2c Minor doc tweaking. 2017-06-30 15:53:27 -05:00
Brent Cook 796fe99744 update docs to note that cluster mode is not necessary to exploit 2017-06-30 11:26:35 -04:00
Brent Cook 40f0d36f6b Land #8615, add @artkond's DoS module for Cisco CVE-2017-3881 2017-06-30 11:17:09 -04:00
William Webb 6349026134 Land #8442, Exploit module for Backup Exec Windows Agent UaF 2017-06-28 10:39:28 -05:00
Brent Cook 0d9f57ad7c add @artkond's DoS module for Cisco CVE-2017-3881 
This makes a few improvements, adds module docs.
 2017-06-27 01:53:23 -05:00
Brent Cook 05c72214ae Land #8205, Add Satel SenNet Command Exec Module 2017-06-25 18:01:44 -05:00
Rob Fuller 2918b3af13 Land #8599, Dynamic DNS updater module 2017-06-25 15:08:22 -05:00
Rob Fuller 24fe6ac0fe Update dns_dyn_update.md 2017-06-24 17:07:56 -05:00
h00die cc9326d946 bcoles updates and table printing 2017-06-24 13:01:39 -04:00
dmohanty-r7 18410d8230 Land #8540, Add Symantec Messaging Gateway RCE 2017-06-22 19:00:32 -05:00
Brent Cook 5e48a11e60 handle specific exceptions, update docs 2017-06-22 18:01:52 -05:00
Brent Cook 6a261b172f move from scanner to admin 2017-06-22 17:47:04 -05:00
Brent Cook cdf0091962 fixup docs 2017-06-22 16:07:34 -05:00
KINGSABRI 2410a3232f Adding DNS Server Dynamic Update Record Injection module 2017-06-22 15:41:25 -05:00
Brent Cook 4fdd77f19a Land #8051, Add Netgear DGN2200v1/v2/v3/v4 Command Injection Module 2017-06-22 11:46:40 -05:00
Pearce Barry 24d9bec0ae Land #8260, OpManager Version Check 2017-06-20 17:58:10 -05:00
Pearce Barry 700d392106 Add markdown docs. 2017-06-20 17:45:44 -05:00
Pearce Barry 3cd28b28e2 Land #8569, Add ability to specify API token instead of password 2017-06-19 17:42:35 -05:00
Pearce Barry 58cd432120 Added docs, minor code tweak to remove duplication. 2017-06-19 17:35:41 -05:00
h00die 071dc09b1f fix spelling 2017-06-19 10:31:24 -05:00
mccurls 19ceb53304 Modified payload handling and uploaded documentation 2017-06-18 02:04:22 +10:00
Brendan Coles b82051757d Add SurgeNews User Credentials scanner module 2017-06-17 01:49:47 +00:00