adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
38,732 Commits 27 Branches 1,043 Tags
0fd83b50d13fc4bd2a4ebe4e9f4cdb3d9bef8fb4
Commit Graph

2232 Commits

Author SHA1 Message Date
Tod Beardsley 08d08d2c95 Fix Java payload generator 2016-06-23 14:51:26 -05:00
Tod Beardsley 464808d825 First, put the RC data in the module proper 2016-06-23 14:43:37 -05:00
Tod Beardsley 92c70dab6f Real array, and fix PHP 2016-06-23 13:22:21 -05:00
Tod Beardsley ffabf26593 No Automatic target. 2016-06-23 12:50:23 -05:00
Tod Beardsley 7a36d03fe3 Trying multi arch 2016-06-23 12:34:51 -05:00
Scott Lee Davis 47674c77ad chmod 644 swagger_param_inject.rb 2016-06-23 11:49:16 -04:00
Scott Lee Davis fbd0bc4308 updated as per @egypt & @todb-r7 recommendations. 2016-06-23 11:41:54 -04:00
Tod Beardsley fc79f3a2a9 Modify for only NodeJS 
Not sure if we can do multiple arch's in the same module. Doesn't look
like it's possible today.

See rapid7#7015
 2016-06-23 10:14:57 -05:00
Scott Davis 579a3bcf7c default payload is NOT text based, so do nothing with it. 2016-06-23 07:00:14 -07:00
Scott Davis 47e4321424 CVE-2016-5641 2016-06-23 06:09:37 -07:00
wchen-r7 7cdadca79b Land #6945, Add struts_dmi_rest_exec exploit 2016-06-08 23:16:46 -05:00
Vex Woo e4c55f97db Fix module desc 2016-06-06 10:40:36 -05:00
Vex Woo 9f19d2c210 add apache struts2 S2-033 rce module 2016-06-06 05:07:48 -05:00
wchen-r7 f333481fb8 Add vendor patch info 2016-06-02 16:41:06 -05:00
wchen-r7 7c9227f70b Cosmetic changes for magento_unserialize to pass msftidy & guidelines 2016-06-02 16:34:41 -05:00
mr_me 4f42cc8c08 Added module 2016-06-02 09:24:10 -05:00
William Webb 028b1ac251 Land #6816 Oracle Application Testing Suite File Upload 2016-05-24 18:27:10 -05:00
Brent Cook 5bf8891c54 Land #6882, fix moodle_cmd_exec HTML parsing to use REX 2016-05-23 23:25:22 -05:00
wchen-r7 506356e15d Land #6889, check #nil? and #empty? instead of #empty? 2016-05-19 19:23:04 -05:00
wchen-r7 99a573a013 Do unless instead "if !" to follow the Ruby guideline 2016-05-19 19:21:45 -05:00
Vex Woo 41bcdcce61 fix struts_code_exec_exception_delegator - NoMethodError undefined method 'empty?' for nil:NilClass 2016-05-18 00:11:57 -05:00
Vex Woo bc257ea628 fix struts_code_exec - NoMethodError undefined method 'empty?' for nil:NilClass 2016-05-18 00:10:32 -05:00
wchen-r7 e8ac568352 doesn't look like we're using the tcp mixin 2016-05-17 03:15:26 -05:00
wchen-r7 08394765df Fix #6879, REXML::ParseException No close tag for /div 2016-05-17 03:14:00 -05:00
Brent Cook cf0176e68b Land #6867, Add Dell SonicWALL Scrutinizer 11.0.1 MethodDetail SQL Injection 2016-05-16 19:00:10 -05:00
wchen-r7 8f9762a3e5 Fix some comments 2016-05-12 00:19:18 -05:00
wchen-r7 da293081a9 Fix a typo 2016-05-11 22:48:23 -05:00
wchen-r7 9d128cfd9f Add Dell SonicWALL Scrutinizer 11.0.1 MethodDetail SQL Injection 2016-05-11 22:27:18 -05:00
HD Moore 32e1a19875 Fix up the disclosure date 2016-05-11 00:18:22 -05:00
HD Moore ded79ce1ff Fix CVE syntax 2016-05-10 23:18:45 -05:00
HD Moore 4a5d150716 Fixups to continue supporting Rails 4.2.x 2016-05-10 23:12:48 -05:00
HD Moore 04bb493ccb Small typo fixed 2016-05-10 23:07:51 -05:00
HD Moore 7c6958bbd8 Rework rails_web_console_v2_code_exec to support CVE-2015-3224 2016-05-10 11:08:02 -05:00
William Vu 2abb062070 Clean up module 2016-05-06 11:51:29 -05:00
Louis Sato 8dc7de5b84 Land #6838, add Rails web-console module 2016-05-05 15:53:52 -05:00
HD Moore 779a7c0f68 Switch to the default rails server port 2016-05-03 02:06:58 -05:00
HD Moore 8b04eaaa60 Clean up various whitespace 2016-05-03 02:06:37 -05:00
wchen-r7 df44dc9c1c Deprecate exploits/linux/http/struts_dmi_exec 
Please use exploits/multi/http/struts_dmi_exec, which supports
Windows and Java targets.
 2016-05-02 15:03:25 -05:00
HD Moore 3300bcc5cb Make msftidy happier 2016-05-02 02:33:06 -05:00
HD Moore 67c9f6a1cf Add rails_web_console_v2_code_exec, abuse of a debug feature 2016-05-02 02:31:14 -05:00
join-us 6a00f2fc5a mv exploits/linux/http/struts_dmi_exec.rb to exploits/multi/http/struts_dmi_exec.rb 2016-05-01 00:00:29 +08:00
William Vu c16a02638c Add Oracle Application Testing Suite exploit 2016-04-26 15:41:27 -05:00
William Vu 0cb555f28d Fix typo 2016-04-26 15:26:22 -05:00
Brent Cook 57cb8e49a2 remove overwritten keys from hashes 2016-04-20 07:43:57 -04:00
thao doan fd603102db Land #6765, Fixed SQL error in lib/msf/core/exploit/postgres 2016-04-18 10:44:20 -07:00
Pedro Ribeiro 8dfe98d96c Add bugtraq reference 2016-04-14 10:23:53 +01:00
Pedro Ribeiro 2dc4539d0d Change class name to MetasploitModule 2016-04-10 23:27:40 +01:00
Pedro Ribeiro 1fa7c83ca1 Create file for CVE-2016-1593 2016-04-10 23:17:07 +01:00
wchen-r7 6b4dd8787b Fix #6764, nil SQL error in lib/msf/core/exploit/postgres 
Fix #6764
 2016-04-08 15:20:04 -05:00
wchen-r7 28875313be Change class name to MetasploitModule 2016-04-08 14:27:52 -05:00