adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
18,206 Commits 27 Branches 1,043 Tags
154894bda6ef76d4eb2bec80e861ba94de97e4a5
Commit Graph

9100 Commits

Author SHA1 Message Date
Dejan Lukan 154894bda6 Added comments and merged jvazquez-r7-miniupnp_dos_clean branch. 2013-06-10 10:18:26 +02:00
jvazquez-r7 ec52795182 Clean for miniupnp_dos.rb 2013-06-06 11:19:26 -05:00
Dejan Lukan 2fe704ce38 Deleted undeeded comments and spaces. 2013-06-04 09:00:53 +02:00
Dejan Lukan 217b263af7 Moved the module to different location and make it msftidy.rb compliant. 2013-06-03 10:35:10 +02:00
Dejan Lukan 945dde3389 Added CVE-2013-0229 for MiniUPnPd < 1.4 2013-05-17 13:58:32 +02:00
James Lee 42d8173d17 Land #1837, broken references 2013-05-16 14:32:46 -05:00
James Lee 3009bdb57e Add a few more references for those without 2013-05-16 14:32:02 -05:00
jvazquez-r7 d9bdf3d52e Do final cleanup for sap_smb_relay 2013-05-16 14:25:10 -05:00
jvazquez-r7 9dd582c526 Land #1656, @nmonkee's module for SMB Relay attacks against SAP 2013-05-16 14:23:39 -05:00
h0ng10 ccef6e12d2 changed to array in array 2013-05-16 19:03:47 +02:00
h0ng10 460542506d changed to array 2013-05-16 19:01:20 +02:00
h0ng10 378f0fff5b added missing comma 2013-05-16 18:59:46 +02:00
jvazquez-r7 c21035c0b9 Add final cleanup for sap_ctc_verb_tampering_user_mgmt 2013-05-16 10:42:09 -05:00
jvazquez-r7 7823df0478 Change module filename 2013-05-16 10:41:25 -05:00
jvazquez-r7 f3f0272395 Land #1652, @nmonkee's SAP CTC Verb Tampering for User Mgmt module 2013-05-16 10:40:17 -05:00
nmonkee 11286630d5 modifications to CLBA_ SOAP requests to fix XML kernel processor error 2013-05-16 11:24:29 +01:00
jvazquez-r7 c82bb73347 Avoid super verbose output 2013-05-15 17:45:37 -05:00
James Lee 61afe1449e Landing #1275, bash cmdstager 
Conflicts:
	lib/rex/exploitation/cmdstager.rb

Conflict was just the $Id$ tag, which is no longer used anyway.
 2013-05-15 10:44:05 -05:00
James Lee 2504aa4550 Land #1812, mailvelope chrome extension key grabber 2013-05-15 10:10:36 -05:00
jvazquez-r7 649a8829d3 Add modules for Mutiny vulnerabilities 2013-05-15 09:02:25 -05:00
jvazquez-r7 c410a54d44 Merge SAP SMB Relay abuses in just one module 2013-05-14 20:53:08 -05:00
jvazquez-r7 357ef001cc Change module filename 2013-05-14 20:52:33 -05:00
sinn3r e1111928c2 Adds patch info for ie_cgenericelement_uaf 
This one is MS13-038
 2013-05-14 14:55:02 -05:00
sinn3r 41e9f35f3f Landing #1819 - Convert sap_mgmt_con_osexec_payload to multi platform 2013-05-14 14:48:16 -05:00
sinn3r 5e925f6629 Description update 2013-05-14 14:20:27 -05:00
jvazquez-r7 42cfa72f81 Update data after test kloxo 6.1.12 2013-05-13 19:09:06 -05:00
jvazquez-r7 58f2373171 Added module for EDB 25406 2013-05-13 18:08:23 -05:00
sinn3r 5e997aaf80 Landing #1816 - lists essential information about CouchDB 2013-05-13 16:46:20 -05:00
sinn3r cba045a604 Make additional changes to the module 2013-05-13 16:42:33 -05:00
Tod Beardsley e3384439ed 64-bit, not '64 bits' 2013-05-13 15:40:17 -05:00
jvazquez-r7 e71e0c1c28 Land #1822, @wchen-r7's module for Coldfusion HTP disclosed exploit 2013-05-13 12:41:54 -05:00
jvazquez-r7 f04ca17bb9 Fix default action 2013-05-13 11:56:02 -05:00
jvazquez-r7 5b64379553 Add Coldfusion 9 target, OSVDB ref and review 2013-05-13 11:55:11 -05:00
sinn3r 60299c2adb Add EDB-25305 - That ColdFusion 10 sub0 0day stuff 
This is just an aux module that extract passwords from
password.properties. Yes, this can leverage a shell too, but
obviously that's best implemented in #1737, or as a new exploit.
We'll see.
 2013-05-12 21:23:53 -05:00
jvazquez-r7 feac292d85 Clean up for dlink_dsl320b_password_extractor 2013-05-12 17:35:59 -05:00
jvazquez-r7 ee46771de5 Land #1799, @m-1-k-3's auth bypass module for Dlink DSL320 2013-05-12 17:34:08 -05:00
jvazquez-r7 ce594a3ba2 Deprecate modules/exploits/windows/http/sap_mgmt_con_osexec_payload 2013-05-12 08:46:40 -05:00
jvazquez-r7 495f1e5013 Add multi platform module for SAP MC exec exploit 2013-05-12 08:46:00 -05:00
sinn3r 7fcf20201b Ranking should be the same (to GoodRanking) 2013-05-11 09:19:25 -05:00
Roberto Soares Espreto a94d078bfd Added the statement return to condition: if res.nil? 2013-05-11 00:59:05 -03:00
Roberto Soares Espreto 18ee9af59f Added couchdb_enum.rb to list essential information about CouchDB 2013-05-10 23:18:48 -03:00
James Lee 55fc1458de Simplify and clean up some 
I'd really love to make this work on Linux as well, since it's really
just a file grabber/parser. Unfortunately, the Post API for enumerating
users and homedirs isn't great for cross-platform stuff like this.

A few small changes, all verified on Windows 7:

* Reuse the key storing code instead of copy-paste with minor changes

* Use binary mode when opening the stored prefs

* Don't bother checking for incognito since we're using `steal_token`
  anyway

* Check for existence of directories instead of guessing based on OS
  match
 2013-05-10 16:58:35 -05:00
Rob Fuller 84ff72eb92 use file_exist? instead of fs.file.stat 2013-05-10 11:17:42 -04:00
Rob Fuller 25f7af43b4 use gsub instead of split/join 2013-05-10 11:12:56 -04:00
jvazquez-r7 d37d211ecc Fix short escape sequences error 2013-05-09 17:29:55 -05:00
jvazquez-r7 4147a27216 Land #1667, @nmonkee's sap_soap_rfc_sxpg_command_exec exploit 2013-05-09 17:00:11 -05:00
jvazquez-r7 6842432abb Land #1678, @nmonkee's sap_soap_rfc_sxpg_call_system_exec exploit 2013-05-09 16:52:01 -05:00
jvazquez-r7 cf05602c6f Land #1661, @nmonkee's sap_soap_rfc_eps_get_directory_listing module 2013-05-09 16:46:13 -05:00
jvazquez-r7 b18a98259b Modify default rport 2013-05-09 16:24:54 -05:00
jvazquez-r7 3e1d1a3f98 Land #1659, @nmonkee's sap_soap_rfc_eps_delete_file module 2013-05-09 16:22:54 -05:00