adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
22,996 Commits 27 Branches 1,043 Tags
0f620f5aba9bca34f3e12c9172bbd3f36facbfcd
Commit Graph

12145 Commits

Author SHA1 Message Date
sinn3r 0f620f5aba Fix Uninitialized Constant RequestError 
[SeeRM #8765] NameError uninitialized constant
 2014-02-12 00:23:23 -06:00
William Vu c67c0dde8f Land #2972, enum_system find/save logs/S[UG]ID 2014-02-11 15:45:27 -06:00
jvazquez-r7 1f0020a61c Land #2946, @jlee-r7's optimization of the x86 block_api code 2014-02-11 15:00:00 -06:00
Roberto Soares Espreto 68578c15a3 find command modified 2014-02-11 10:08:12 -02:00
Roberto Soares Espreto f181134ef8 Removed hard tabs 2014-02-10 23:16:04 -02:00
William Vu e6905837eb Land #2960, rand_text_alpha for amaya_bdo 2014-02-10 16:44:11 -06:00
Roberto Soares Espreto 2e720f8f0f Post::Linux - Added to search for files with setuid/setgid and logfiles 2014-02-10 19:24:51 -02:00
Tod Beardsley 1236a4eb07 Fixup on description and some option descrips 2014-02-10 14:41:59 -06:00
jvazquez-r7 3d4d5a84b6 Land #2957, @zeroSteiner's exploit for CVE-2013-3881 2014-02-10 13:59:45 -06:00
jvazquez-r7 502dbb1370 Add references 2014-02-10 13:55:02 -06:00
sinn3r 8a8bc74687 Land #2940 - DoliWamp 'jqueryFileTree.php' Traversal Gather Credentials 2014-02-10 13:49:02 -06:00
sinn3r 306b31eee3 Small changes before merging 2014-02-10 13:47:31 -06:00
jvazquez-r7 abb03d0bbe Fixing messages 2014-02-10 13:10:42 -06:00
jvazquez-r7 541bb6134e Change exploit filename 2014-02-10 13:06:23 -06:00
jvazquez-r7 2e130ce843 Make it work with Reader Sandbox 2014-02-10 13:04:13 -06:00
Tod Beardsley 7c43565ea8 Include missing require for powershell 2014-02-10 11:02:53 -06:00
jvazquez-r7 5672a4dae5 Land #2962, @Meatballs1 RequiredCmd property for ARCH_CMD win payloads 2014-02-10 09:51:08 -06:00
Spencer McIntyre 0ac1acda70 Upgrade toolchain to Visual Studio 2013 v120. 2014-02-10 09:35:07 -05:00
sinn3r c96116b193 Land #2949 - Add module Kloxo SQLi 2014-02-08 13:45:11 -06:00
Meatballs 93b07b0e48 Add missing RequiredCmds 2014-02-08 12:24:49 +00:00
David Maciejak 32c02dd56a Added some randomness 2014-02-08 11:27:25 +08:00
sinn3r 66cb97305c Land #2953 - KingScada kxClientDownload.ocx ActiveX Remote Code Exec 2014-02-07 17:41:35 -06:00
sinn3r bd23fcf4b7 Land #2936 - Windows Command Shell Upgrade (Powershell) 2014-02-07 17:39:06 -06:00
James Lee f0fd2f0598 Land #2944, add platforms to encoders 
This allows encoders to advertise compatibility with a particular
platform (or more accurately, non-compatibility with everything that
isn't that platform).

See also #2939
 2014-02-07 13:38:05 -06:00
sinn3r 63305025aa Land #2615 - Add Windows Gather Active Directory User Comments 2014-02-07 12:23:43 -06:00
sinn3r 9c76e7fb00 Handle multiple exceptions 2014-02-07 12:23:10 -06:00
sinn3r 40188e1eda RuntimeError exception should be handled. 2014-02-07 12:16:15 -06:00
jvazquez-r7 c679b1001b Make pring_warning verbose 2014-02-07 10:23:07 -06:00
Spencer McIntyre f686385349 Remove an unnecessary VS file and modify version check. 2014-02-07 08:45:51 -05:00
jvazquez-r7 a18de35fa7 Add module for ZDI-14-011 2014-02-06 18:25:36 -06:00
Spencer McIntyre cc32c877a9 Add CVE-2013-3881 win32k Null Page exploit 2014-02-06 17:23:38 -05:00
James Lee 4b37cc7243 Land #2927, PandoraFMS anyterm exploit 2014-02-06 15:22:23 -06:00
James Lee 4236abe282 Better SIGHUP handling 2014-02-06 15:21:54 -06:00
William Vu 19fff3c33e Land #2942, @jvennix-r7's Android awesomesauce 
Also, thanks to @jduck for testing!
 2014-02-06 11:53:11 -06:00
Joe Vennix 362e937c8d Forgot to push local changes. 2014-02-06 11:47:35 -06:00
Joe Vennix 0dc2ec5c4d Use BrowserExploitServer mixin. 
This prevents drive-by users on other browsers from ever receiving
the exploit contents.
 2014-02-06 11:32:42 -06:00
jvazquez-r7 ac52edabd5 Land #2801, Land @kicks4kittens IBM Sametime modules 2014-02-06 10:17:03 -06:00
jvazquez-r7 30c325c22e Make better json check 2014-02-06 10:16:26 -06:00
kicks4kittens 564f9bccc8 Correct print output 
Printing the room details is the purpose of the module.
Reinstated printing the table in non-verbose mode (users won't know it's there otherwise)
 2014-02-05 22:00:02 +01:00
kicks4kittens 445cd7be5a remove "on {peer} 
line already includes {peer} info
 2014-02-05 21:57:58 +01:00
kicks4kittens 4c0c9101aa Correct check, reinstate print 
Corrected JSON check (response is empty, but valid JSON on check success)
Reinstated print to warn user (not only in VERBOSE)
 2014-02-05 21:56:56 +01:00
kicks4kittens 60cf68f899 added default SSL 2014-02-05 21:54:02 +01:00
kicks4kittens 3560b41eb2 correct variable name 
body isn't valid, replaced with res.body and tested
 2014-02-05 21:51:55 +01:00
kicks4kittens 38add0ab50 alter print_status 
Altered print_status to print_good to differentiate when user is online easier
 2014-02-05 21:49:39 +01:00
jvazquez-r7 fdb954fdfb Report credentials 2014-02-05 14:37:33 -06:00
jvazquez-r7 631559a2e8 Add module for Kloco SQLi 2014-02-05 14:18:56 -06:00
James Lee 14aa8ffd5c Apply blockapi changes to bind_tcp and bind_tcp_rc4 2014-02-04 17:45:18 -06:00
Joe Vennix 553616b6cc Add URL for browser exploit. 2014-02-04 17:04:06 -06:00
Tod Beardsley 3a6626761b Land #2945, obsolete old modules 
Obsoletes:

modules/auxiliary/admin/scada/igss_exec_17.rb
modules/exploits/windows/http/sap_mgmt_con_osexec_payload.rb
modules/post/windows/gather/resolve_hosts.rb
modules/post/windows/manage/persistence.rb
 2014-02-04 15:11:25 -06:00
sinn3r bda93c2bbc Land #2811 - Add generate_war to jsp_shell payloads 2014-02-04 15:06:45 -06:00