adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
43,178 Commits 27 Branches 1,043 Tags
0ac19087cd6015e596fff45a4ca1bed65afcc8ef
Commit Graph

491 Commits

Author SHA1 Message Date
Brent Cook 6300758c46 use https for metaploit.com links 2017-07-24 06:26:21 -07:00
g0tmi1k 524373bb48 OCD - Removed un-needed full stop 2017-07-21 07:41:51 -07:00
g0tmi1k b8d80d87f1 Remove last newline after class - Make @wvu-r7 happy 2017-07-19 11:19:49 +01:00
g0tmi1k a008f8e795 BruteForce - > Brute Force 2017-07-19 10:39:58 +01:00
g0tmi1k 4720d1a31e OCD fixes - Spaces 2017-07-14 08:46:59 +01:00
g0tmi1k fd843f364b Removed extra lines 2017-07-14 08:17:16 +01:00
g0tmi1k 424522147e OCD fixes - Start of *.rb files 2017-07-13 23:53:59 +01:00
William Vu 64452de06d Fix msf/core and self.class msftidy warnings 
Also fixed rex requires.
 2017-05-03 15:44:51 -05:00
William Webb e96013cd0f Land #7781, IBM Websphere Java Deserialization RCE 2017-03-14 17:21:18 -05:00
wizard32 78ff7a8865 Module renamed 
Renamed from websphere_java_deserialize.rb to ibm_websphere_java_deserialize.rb
 2017-03-13 08:22:24 +02:00
wchen-r7 5d0b532b20 Fix #8002, Use post/windows/manage/priv_migrate instead of migrate -f 
Because migrate -f uses a meterpreter script, and meterpreter scripts
are deprecated, we should be replacing with a post module

Fix #8002
 2017-02-23 17:04:36 -06:00
William Webb dd60fc3598 move cisco_webex_ext to exploits/windows/browser/ 2017-01-27 16:59:20 -06:00
William Webb 94f9971300 add module doc and remove the word EXPLOIT from document title 2017-01-26 13:36:18 -06:00
William Webb d87cb4b085 nfi why i didnt set ssl by default 2017-01-25 21:02:34 -06:00
William Webb ad0e2c7d95 remove extraneous warning alerts 2017-01-25 18:53:54 -06:00
William Webb d2bc8c7f7e msftidy complaints 2017-01-25 18:24:10 -06:00
William Webb 10066e0c16 get your targets straight son 2017-01-25 18:21:58 -06:00
William Webb d4b18bb3b9 initial commit of webex rce mod 2017-01-25 18:03:19 -06:00
wizard32 467a476598 Update websphere_java_deserialize.rb 2017-01-08 13:33:01 +02:00
wizard32 829f7da7e0 Update websphere_java_deserialize.rb 2017-01-06 18:39:04 +02:00
wizard32 538a1bf21d 'WfsDelay' Option added 
20sec added on 'WfsDelay' Option for first time exploit run due to the delay of powershell to load all the available modules.
 2017-01-06 18:11:48 +02:00
wizard32 c55e2e58f0 'raw_headers' Updated 2017-01-05 15:19:17 +02:00
wizard32 1d82ee0470 'raw_headers' field Updated 2017-01-05 15:17:17 +02:00
wizard32 c29a9ac00f Show Info updated 2017-01-05 14:18:38 +02:00
wizard32 1a38caa230 Encode - Decode code Updated 2017-01-05 13:07:34 +02:00
wizard32 9f4be89391 Update websphere_java_deserialize.rb 
Update information "Options" field
 2017-01-05 12:38:54 +02:00
wizard32 82e49fb27e Update websphere_java_deserialize.rb 2017-01-04 10:23:48 +02:00
wizard32 b06c5bac2f Invalid CVE format and Spaces at EOL fixed 2017-01-03 21:45:22 +02:00
wizard32 0722944b47 Invalid CVE format fixed 2017-01-03 21:38:32 +02:00
wizard32 8534fde50f Websphere Java Deserialization (RCE) 
This module exploits a vulnerability in IBM's WebSphere Application Server. An unsafe deserialization call of unauthenticated Java objects exists to the Apache Commons Collections (ACC) library, which allows remote arbitrary code execution. Authentication is not required in order to exploit this vulnerability.
 2017-01-03 16:04:51 +02:00
Brent Cook 005d34991b update architecture 2016-11-20 19:09:33 -06:00
OJ 57eabda5dc Merge upstream/master 2016-10-29 13:54:31 +10:00
OJ 1d617ae389 Implement first pass of architecture/platform refactor 2016-10-28 07:16:05 +10:00
David Maloney 6b77f509ba fixes bad file refs for cmdstagers 
when moving to the rex-exploitation gem some of the
file references were missed, partially due to silly differences
between how each file was referenced

Fixes #7466
 2016-10-21 12:31:18 -05:00
Spencer McIntyre bd110430e9 Remove unnecessary require statements 2016-10-11 15:35:49 -04:00
Spencer McIntyre bbdb58eb00 Add an HTA server module using powershell 2016-10-06 19:25:22 -04:00
wchen-r7 51c457dfb3 Update vmhgfs_webdav_dll_sideload 2016-08-08 11:40:03 -05:00
Yorick Koster dae1679245 Fixed build warnings 2016-08-05 20:40:41 +02:00
Yorick Koster 02e065dae6 Fixed disclosure date format 2016-08-05 20:32:58 +02:00
Yorick Koster 97d11a7041 Exploit module for CVE-2016-5330 VMware Host Guest Client Redirector DLL hijack 2016-08-05 20:19:40 +02:00
Brent Cook b08d1ad8d8 Revert "Land #6812, remove broken OSVDB references" 
This reverts commit 2b016e0216, reversing
changes made to 7b1d9596c7.
 2016-07-15 12:00:31 -05:00
Brent Cook 2b016e0216 Land #6812, remove broken OSVDB references 2016-07-11 22:59:11 -05:00
Trenton Ivey 3a39d8020d Moving back to PSH option only 2016-06-13 12:44:21 -05:00
Trenton Ivey 52bbd22a81 Moving back to PSH option only 2016-06-13 12:10:48 -05:00
Trenton Ivey 8c7796c6d3 Module Cleanup 2016-06-11 18:12:42 -05:00
Trenton Ivey 46eff4c96d Added command option 2016-06-11 18:07:24 -05:00
Trenton Ivey 6af3c4ab99 Added zero to Run method to prevent popup 2016-06-10 14:52:02 -05:00
Trenton Ivey 17974d74e2 Removing space at end of line 2016-06-09 21:49:24 -05:00
Trenton Ivey 6cd1da414f Regsvr32.exe Application Whitelist Bypass Server 2016-06-09 21:15:07 -05:00
wwebb-r7 ab27c1b701 Merge pull request #6940 from samvartaka/master 
Exploit for previously unknown stack buffer overflow in Poison Ivy versions 2.1.x (possibly present in older versions too)
 2016-06-08 11:25:51 -05:00