adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
35,959 Commits 27 Branches 1,043 Tags
0ae2e64bc56dd8543a97cc4ebc94de4738376488
Commit Graph

8954 Commits

Author SHA1 Message Date
Louis Sato 57304a30a8 Land #6139, remove bad ref links 2015-10-29 16:00:43 -05:00
wchen-r7 95920b7ff6 Bring back more working links 2015-10-29 15:57:16 -05:00
wchen-r7 da52c36687 Put back some links 2015-10-29 15:48:47 -05:00
wchen-r7 5b86d2ef95 Fix #6133, update description, authors and references 
Fix #6133

Thank you @japp-0xlabs
 2015-10-27 14:38:18 -05:00
wchen-r7 154fb585f4 Remove bad references (dead links) 
These links are no longer available. They are dead links.
 2015-10-27 12:41:32 -05:00
William Vu 74353686a3 Land #6136, rescue SMB error for psexec 2015-10-27 09:31:37 -05:00
jvazquez-r7 b2e3ce1f8a Allow to finish when deletion fails 2015-10-26 16:40:36 -05:00
wchen-r7 9adfd296a0 Land #6128, Th3 MMA mma.php Backdoor Arbitrary File Upload 2015-10-26 15:26:06 -05:00
wchen-r7 0d9ebe13a1 Modify check 2015-10-26 15:25:38 -05:00
wchen-r7 f4abc16c66 Land #6102, Add rsh/libmalloc privilege escalation exploit module 2015-10-26 10:54:05 -05:00
JT 4f244c54f8 Update mma_backdoor_upload.rb 2015-10-26 23:01:38 +08:00
Sam H 5fcc70bea4 Fixed issue w/ msf payloads + added timeout rescue 
Apparently when OS X payload shells get a sudo command, it requires a full path (even though it clearly has $PATH defined in its env...) to that file. The updates here take that into account. Also, the script more directly catches a timeout error when the maximum time for sudoers file to change has passed.
 2015-10-25 23:38:48 -07:00
JT ad80f00159 Update mma_backdoor_upload.rb 2015-10-24 11:16:49 +08:00
JT f461c4682b Update mma_backdoor_upload.rb 2015-10-24 11:15:26 +08:00
JT be89cb32c9 Th3 MMA mma.php Backdoor Arbitrary File Upload 2015-10-23 08:47:40 +08:00
wchen-r7 360f40249c Land #6122, user-assisted Safari applescript:// module (CVE-2015-7007) 2015-10-22 15:07:42 -05:00
wchen-r7 9d2e2df1f1 Update description 2015-10-22 15:07:11 -05:00
joev 35578c7292 Add refs. 2015-10-22 09:48:11 -05:00
joev 6a87e7cd77 Add osx safari cmd-R applescript exploit. 2015-10-22 09:46:56 -05:00
Sam H 348a0f9e3d Cleaned up "cleanup" method and crontab check 
The script now searches for the full line "ALL ALL=(ALL) NOPASSWD: ALL" written in the crontab file to ensure that it is successful rather than just "NOPASSWD". Additionally, the required argument used in the cleanup method was removed and simply turned into an instance method so it could be accessed without needing to call it with any arguments.
 2015-10-21 22:53:32 -07:00
William Vu 997e8005ce Fix nil http_method in php_include 2015-10-21 13:22:09 -05:00
William Vu 129544c18b Land #6112, splat for ZPanel exploit 2015-10-21 13:07:51 -05:00
Boumediene Kaddour e188bce4c9 Update minishare_get_overflow.rb 2015-10-21 16:48:31 +02:00
wchen-r7 f06d7591d6 Add header for zpanel_information_disclosure_rce.rb 2015-10-20 16:19:44 -05:00
wchen-r7 70b005de7f Land #6041, Zpanel info disclosure exploit 2015-10-20 16:08:16 -05:00
wchen-r7 728fd17856 Make code changes for zpanel_information_disclosure_rce.rb 
Use Nokogiri and URI, as well as indent fixes and other things
 2015-10-20 16:07:02 -05:00
Sam H 712f9f2c83 Deleted extra reference to exploit DB 2015-10-18 19:10:47 -07:00
Sam Handelman b03c3be46d Fixed some styling errors in the initializer. Switched the calls to sleep(1) to use the Rex API (Rex.sleep(1) instead). 2015-10-18 02:13:03 -07:00
Sam Handelman 3757f2e8de Changed my author name to make sure it matches my GitHub username inside the module information. 2015-10-16 14:54:34 -07:00
Sam Handelman 95d5e5831e Adding the updated version of the module to submit a pull request. Changes were made to ensure that the OS version check correctly determines which systems are vulnerable, giving only a warning message if not. 2015-10-16 14:39:07 -07:00
wchen-r7 c399d7e381 Land #5959, Add Nibbleblog File Upload Vuln 2015-10-16 15:30:13 -05:00
wchen-r7 9666660c06 Enforce check and add another error message 2015-10-16 15:29:12 -05:00
William Vu f14776ab63 Land #6092, refs for arkeia_agent_exec 2015-10-15 22:50:57 -05:00
William Vu 8cb6cc57b5 Land #6094, refs for another ManageEngine module 2015-10-15 22:49:05 -05:00
William Vu 86dfbf23e8 Fix whitespace 2015-10-15 22:48:53 -05:00
xistence 018b515150 Add CVE/URL references to manageengine_eventlog_analyzer_rce 2015-10-16 10:41:39 +07:00
xistence b1f2e40b98 Add CVE/URL references to module manage_engine_opmanager_rce 2015-10-16 10:36:13 +07:00
xistence 6a1553ae63 Add EDB/CVE/URL references to arkeia_agent_exec 2015-10-16 10:23:20 +07:00
William Vu bf9530d5ba Land #5941, X11 keyboard exec module 2015-10-14 11:38:47 -05:00
Brent Cook 30d2a3f2a9 Land #5999, teach PSH web delivery to use a proxy 2015-10-14 11:05:45 -05:00
HD Moore d67b55d195 Fix autofilter values for aggressive modules 2015-10-13 15:56:18 -07:00
William Vu a4f0666fea Land #6081, DLink -> D-Link 2015-10-12 18:05:52 -05:00
Tod Beardsley 185e947ce5 Spell 'D-Link' correctly 2015-10-12 17:12:01 -05:00
Tod Beardsley 336c56bb8d Note the CAPTCHA exploit is good on 1.12. 2015-10-12 17:09:45 -05:00
HD Moore 6f3bd81b64 Enable 64-bit payloads for MSSQL modules 2015-10-11 12:52:46 -05:00
jvazquez-r7 ed0b9b0721 Land #6072, @hmoore-r7's lands Fix #6050 and moves RMI/JMX mixin namespace 2015-10-10 00:24:12 -05:00
jvazquez-r7 b9b488c109 Deleted unused exception handling 2015-10-09 23:38:52 -05:00
jvazquez-r7 c60fa496c7 Delete extra spaces 2015-10-09 23:37:11 -05:00
jvazquez-r7 e6fbca716c Readd comment 2015-10-09 23:29:23 -05:00
jvazquez-r7 af445ee411 Re apply a couple of fixes 2015-10-09 23:24:51 -05:00