adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
38,732 Commits 27 Branches 1,043 Tags
0fd83b50d13fc4bd2a4ebe4e9f4cdb3d9bef8fb4
Commit Graph

706 Commits

Author SHA1 Message Date
wchen-r7 de5152401a Land #6992, Add tiki calendar exec exploit 2016-06-22 11:18:14 -05:00
wchen-r7 8697d3d6fb Update tiki_calendar_exec module and documentation 2016-06-22 11:17:45 -05:00
h00die 9cb57d78d7 updated check and docs that 14.2 may not be vuln 2016-06-21 16:48:09 -04:00
h00die 15a3d739c0 fix per wchen 2016-06-20 17:57:10 -04:00
h00die 6fe7698b13 follow redirect automatically 2016-06-19 20:24:54 -04:00
h00die 3f25c27e34 2 void-in fixes of 3 2016-06-19 14:35:27 -04:00
h00die ddfd015310 functionalized calendar call, updated docs 2016-06-19 08:53:22 -04:00
h00die 3feff7533b tiki calendar 2016-06-18 13:11:11 -04:00
Brendan Watters 9ea0b8f944 Land #6934, Adds exploit for op5 configuration command execution 2016-06-16 14:36:10 -05:00
William Vu ea988eaa72 Add setsid to persist the shell 
Prevents the watchdog from killing our session.
 2016-06-16 11:31:35 -05:00
h00die cfb034fa95 fixes all previously identified issues 2016-06-15 20:58:04 -04:00
h00die 81fa068ef0 pulling out the get params 2016-06-15 12:27:31 -04:00
h00die 52db99bfae vars_post for post request 2016-06-15 07:24:41 -04:00
h00die 625d60b52a fix the other normalize_uri 2016-06-14 15:03:07 -04:00
h00die bd4dacdbc3 added Rank 2016-06-13 19:04:06 -04:00
h00die 72ed478b59 added exploit rank 2016-06-13 18:56:33 -04:00
h00die f63273b172 email change 2016-06-11 21:05:34 -04:00
William Vu ec1248d7af Convert to CmdStager 2016-06-10 20:42:01 -05:00
William Vu 46239d5b0d Add Apache Continuum exploit 2016-06-09 22:35:38 -05:00
h00die d63dc5845e wvu-r7 comment fixes 2016-06-09 21:52:21 -04:00
h00die 6f5edb08fe pull uri from datastore consistently 2016-06-08 20:28:36 -04:00
Brendan Watters c4aa99fdac Land #6925, ipfire proxy exec 2016-06-07 10:24:59 -05:00
Brendan Watters 7e84c808b2 Merge remote-tracking branch 'upstream/pr/6924' into dev 2016-06-07 09:24:25 -05:00
h00die c2699ef194 rubocop fixes 2016-06-03 17:43:11 -04:00
h00die 2f837d5d60 fixed EDB spelling 2016-06-03 17:17:36 -04:00
h00die 8d76bdb8af fixed EDB reference 2016-06-03 17:13:36 -04:00
Brendan Watters d7cd10f586 Suggested updates for style and clarity 2016-06-03 14:04:58 -05:00
Brendan Watters 91658d2a61 Changes per rubocop and sinn3r 2016-06-03 12:42:38 -05:00
h00die 68d647edf1 Merge branch 'master' of https://github.com/rapid7/metasploit-framework into op5 2016-06-01 18:05:18 -04:00
h00die 52d5028548 op5 config exec 2016-06-01 15:07:31 -04:00
h00die 8ce59ae330 travis fixes 2016-05-31 05:46:20 -04:00
h00die 057947d7e8 ipfire proxy exec 2016-05-30 10:24:17 -04:00
h00die 9b5e3010ef doc/module cleanup 2016-05-30 06:33:48 -04:00
h00die df55f9a57c first add of ipfire shellshock 2016-05-29 20:40:12 -04:00
Nicholas Starke 4b23d2dc58 Adjusting exception handling 
This commit adjusts the error handling to close the socket before
calling fail_with and adds specific exceptions to catch
 2016-05-11 17:18:51 -05:00
Nicholas Starke 32ae3e881e Adding save_cred and exception handling to module 
This commit adds a save_cred method for saving off the credentials
upon a successful login attempt.  Also, exception handling surrounding
the opening of the telnet socket has been added to avoid any accidental
resource leaking.
 2016-05-10 20:54:44 -05:00
Nicholas Starke 8eb3193941 Adding TP-Link sc2020n Module 
This module exploits a command injection vulnerability in
TP-Link sc2020n network video cameras in order to start the
telnet daemon on a random port.  The module then connects to
the telnet daemon, which returns a root shell on the device.
 2016-05-08 14:02:50 -05:00
wchen-r7 df44dc9c1c Deprecate exploits/linux/http/struts_dmi_exec 
Please use exploits/multi/http/struts_dmi_exec, which supports
Windows and Java targets.
 2016-05-02 15:03:25 -05:00
join-us 6a00f2fc5a mv exploits/linux/http/struts_dmi_exec.rb to exploits/multi/http/struts_dmi_exec.rb 2016-05-01 00:00:29 +08:00
join-us ec66410fab add java_stager / windows_stager | exploit with only one http request 2016-04-30 23:56:56 +08:00
wchen-r7 d6a6577c5c Default payload to linux/x86/meterpreter/reverse_tcp_uuid 
Default to linux/x86/meterpreter/reverse_tcp_uuid for now because
of issue #6833
 2016-04-29 11:52:50 -05:00
wchen-r7 97061c1b90 Update struts_dmi_exec.rb 2016-04-29 11:13:25 -05:00
wchen-r7 e9535dbc5b Address all @FireFart's feedback 2016-04-29 11:03:15 -05:00
wchen-r7 6f6558923b Rename module as struts_dmi_exec.rb 2016-04-29 10:34:48 -05:00
wchen-r7 102d28bda4 Update atutor_filemanager_traversal 2016-03-22 14:44:07 -05:00
wchen-r7 9cb43f2153 Update atutor_filemanager_traversal 2016-03-22 14:42:36 -05:00
Steven Seeley 3842009ffe Add ATutor 2.2.1 Directory Traversal Exploit Module 2016-03-22 12:17:32 -05:00
James Lee 1375600780 Land #6644, datastore validation on assignment 2016-03-17 11:16:12 -05:00
Adam Cammack 05f585157d Land #6646, add SSL SNI and unify SSLVersion opts 2016-03-15 16:35:22 -05:00
Christian Mehlmauer 3123175ac7 use MetasploitModule as a class name 2016-03-08 14:02:44 +01:00