metasploit-gs

Author	SHA1	Message	Date
Pedro Ribeiro	34fd858265	Update IBM DRM SSH module	2020-06-26 11:28:21 +07:00
Adam Galway	1a2bf98222	creates standard elog & updates exisiting usages	2020-06-22 12:48:39 +01:00
Pedro Ribeiro	1cb91dcb42	Address review comments Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update ibm_drm_a3user.md Update modules/exploits/linux/ssh/ibm_drm_a3user.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/exploits/linux/ssh/ibm_drm_a3user.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/exploits/linux/ssh/ibm_drm_a3user.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/exploits/linux/ssh/ibm_drm_a3user.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/exploits/linux/ssh/ibm_drm_a3user.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/exploits/linux/ssh/ibm_drm_a3user.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/exploits/linux/ssh/ibm_drm_a3user.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/exploits/linux/ssh/ibm_drm_a3user.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/exploits/linux/ssh/ibm_drm_a3user.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/exploits/linux/ssh/ibm_drm_a3user.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/exploits/linux/ssh/ibm_drm_a3user.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/exploits/linux/ssh/ibm_drm_a3user.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> use fail_with	2020-05-05 10:58:05 -05:00
Pedro Ribeiro	dbceec91af	add full disclosure URL	2020-05-01 21:00:49 +07:00
Pedro Ribeiro	4b6ef4cb9e	fix spaces at eol	2020-05-01 13:30:22 +07:00
Pedro Ribeiro	9d09b3a250	add cve	2020-05-01 10:18:26 +07:00
Pedro Ribeiro	c581cb390f	remove CVE for merge, will add later	2020-04-30 11:16:09 +07:00
Pedro Ribeiro	714c750c04	apply rubocop changes	2020-04-24 10:23:13 +07:00
Pedro Ribeiro	0bef1757d2	Create ibm_drm_a3user.rb	2020-04-22 12:17:34 +07:00
Brent Cook	8489bcdfd9	This fixes broken links to the community.rapid7.com blog Performed mechanically with sed, spot-checked that the new blog can consume these links.	2020-02-18 09:06:11 -06:00
William Vu	f31930748b	Remove RHOST from solarwinds_lem_exec This doubles as a test.	2019-12-11 13:42:41 -06:00
Rob Fuller	5eb90d758f	Update modules/exploits/linux/ssh/solarwinds_lem_exec.rb Co-Authored-By: bcoles <bcoles@gmail.com>	2019-12-11 13:44:37 -05:00
Rob Fuller	002b9e5b90	Fix typo and lacking RHOST Kinda need a RHOST to use a RCE...	2019-12-11 12:17:53 -05:00
William Vu	6f58981396	Land #12244 , cisco_ucs_scpuser exploit	2019-08-30 13:35:50 -05:00
Pedro Ribeiro	e36308e5bb	Add FD ref	2019-08-31 00:18:46 +07:00
Pedro Ribeiro	0c1f3f2d03	make some adjustments	2019-08-29 19:50:01 +07:00
Pedro Ribeiro	98efac5bfb	Add github link	2019-08-28 11:08:01 +07:00
Pedro Ribeiro	7fd56f5fb3	Add Cisco UCS scpuser exploit	2019-08-28 11:00:08 +07:00
William Vu	901943c90f	Move Ubiquiti AirOS exploit from SSH to HTTP	2019-08-22 17:58:20 -05:00
William Vu	32334c2386	Update all module splats from http:// to https://	2019-08-15 18:10:44 -05:00
William Vu	e69f006992	Remove CommandShell mixin in exploits This was cargo culting. Exploits use handler instead of start_session.	2018-12-12 15:43:13 -06:00
William Vu	90b9204703	Update DisclosureDate to ISO 8601 in my modules Basic msftidy fixer: diff --git a/tools/dev/msftidy.rb b/tools/dev/msftidy.rb index 9a21b9e398..e9ff2b21e5 100755 --- a/tools/dev/msftidy.rb +++ b/tools/dev/msftidy.rb @@ -442,6 +442,8 @@ class Msftidy # Check disclosure date format if @source =~ /["']DisclosureDate["'].\=\>[\x0d\x20]['\"](.+?)['\"]/ d = $1 #Captured date + File.write(@full_filepath, @source.sub(d, Date.parse(d).to_s)) + fixed('Probably updated traditional DisclosureDate to ISO 8601') # Flag if overall format is wrong if d =~ /^... (?:\d{1,2},? )?\d{4}$/ # Flag if month format is wrong	2018-11-16 12:18:28 -06:00
William Vu	6df235062b	Land #10505 , post-auth and default creds info	2018-08-24 18:08:15 -05:00
William Vu	60c0272270	Make style consistent	2018-08-15 21:27:40 -05:00
Kevin Kirsche	cd01f11fd2	Remove verifying host keys for all exploits	2018-08-15 14:54:41 -07:00
Wei Chen	d9fc99ec4a	Correct false negative post_auth? status	2018-08-09 23:34:03 -05:00
Sonny Gonzalez	f5ccdcfcd2	Net SSH CommandStream fixes implemented * Net::SSH::CommandStream typos fixed * Net::SSH::CommandStream cleanup made more robust and refactored * require 'net/ssh/command_stream' added to various modules	2018-07-25 11:22:28 -05:00
asoto-r7	1a3a4ef5e4	Revised 88 aux and exploit modules to add CVEs / references	2018-07-12 17:34:52 -05:00
Brent Cook	b1d0529161	prefer 'shell' channels over 'exec' channels for ssh If a command is not specified to CommandStream, request a "shell" session rather than running exec. This allows targets that do not have a true "shell" which supports exec to instead return a raw shell session.	2018-02-08 02:21:16 -06:00
Brent Cook	1225555125	remove unnecessary require	2017-08-20 17:37:42 -05:00
Brent Cook	840c0d5f56	Land #7808 , add exploit for VMware VDP with known ssh private key (CVE-2016-7456)	2017-08-20 17:36:45 -05:00
Brent Cook	4395f194b1	fixup style warnings in f5 bigip privkey exploit	2017-08-01 14:45:05 -05:00
1cph93	9c930aad6e	Add space after comma in f5_bigip_known_privkey module to coincide with Ruby style guide	2017-07-25 19:43:29 -04:00
Brent Cook	6300758c46	use https for metaploit.com links	2017-07-24 06:26:21 -07:00
g0tmi1k	ef826b3f2c	OCD - print_good & print_error	2017-07-19 12:48:52 +01:00
g0tmi1k	b8d80d87f1	Remove last newline after class - Make @wvu-r7 happy	2017-07-19 11:19:49 +01:00
g0tmi1k	4720d1a31e	OCD fixes - Spaces	2017-07-14 08:46:59 +01:00
William Vu	3e20296cf5	Add service_details for SSH	2017-06-08 13:28:29 -05:00
William Vu	e22334343e	Use store_valid_credential in my modules I used report_note because using the creds API was a pain in the ass.	2017-06-08 00:57:51 -05:00
William Vu	64452de06d	Fix msf/core and self.class msftidy warnings Also fixed rex requires.	2017-05-03 15:44:51 -05:00
William Vu	f60807113b	Clean up module	2017-04-26 01:37:49 -05:00
Jonathan Claudius	f5430e5c47	Revert Msf::Exploit::Remote::Tcp	2017-04-18 19:27:35 -04:00
Jonathan Claudius	9a870a623d	Make use of Msf::Exploit::Remote::Tcp	2017-04-18 19:17:48 -04:00
Jonathan Claudius	03e3065706	Fix MSF tidy issues	2017-04-18 18:56:42 -04:00
Jonathan Claudius	32f0b57091	Fix new line issues	2017-04-18 18:52:53 -04:00
Jonathan Claudius	bfca4da9b0	Add mercurial ssh exec	2017-04-18 16:33:23 -04:00
dmohanty-r7	c445a1a85a	Wrap ssh.loop with begin/rescue	2017-03-31 11:16:10 -05:00
Mehmet Ince	d37966f1bb	Remove old file	2017-03-23 12:53:08 +03:00
Mehmet Ince	8a43a05c25	Change name of the module	2017-03-23 12:49:31 +03:00
Mehmet Ince	6aa42dcf08	Add solarwinds default ssh user rce	2017-03-17 21:54:35 +03:00

1 2 3

122 Commits