adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
39,171 Commits 27 Branches 1,043 Tags
29a14f0147eae703d0c5045bd58deaac019e4607
Commit Graph

20567 Commits

Author SHA1 Message Date
Mehmet Ince 29a14f0147 Change References to EDB number and remove 4 space 2016-09-20 01:31:56 +03:00
Mehmet Ince 53d4162e7d Send payload with POST rather than custom header. 2016-09-17 23:11:16 +03:00
Mehmet Ince ba6c2117cf Fix msftidy issues 2016-09-02 18:18:43 +03:00
Mehmet Ince 144fb22c32 Add Kaltura PHP Remote Code Execution module 2016-09-02 18:09:53 +03:00
wchen-r7 c2c05a820a Force uripath and srvport options 2016-08-10 18:25:45 -05:00
wchen-r7 e56e801c12 Update ie_sandbox_findfiles.rb 2016-08-10 18:09:58 -05:00
Yorick Koster 87b27951cf Fixed some build errors 2016-08-09 20:46:49 +02:00
Yorick Koster 79a84fb320 Internet Explorer iframe sandbox local file name disclosure vulnerability 
It was found that Internet Explorer allows the disclosure of local file
names. This issue exists due to the fact that Internet Explorer behaves
different for file:// URLs pointing to existing and non-existent files.
When used in combination with HTML5 sandbox iframes it is possible to
use this behavior to find out if a local file exists. This technique
only works on Internet Explorer 10 & 11 since these support the HTML5
sandbox. Also it is not possible to do this from a regular website as
file:// URLs are blocked all together. The attack must be performed
locally (works with Internet zone Mark of the Web) or from a share.
 2016-08-09 20:35:42 +02:00
wchen-r7 de16a6d536 Land #7182, Nuuo / Netgear Surveillance admin password reset module 2016-08-08 16:10:30 -05:00
wchen-r7 c64e1b8fe6 Land #7181, NUUO NVRmini 2 / Crystal / NETGEAR ReadyNAS Surveillance 2016-08-08 16:04:33 -05:00
wchen-r7 cb04ff48bc Land #7180, Add exploit for CVE 2016-5674 / Nuuo / Netgear unauth RCE 2016-08-08 15:55:39 -05:00
wchen-r7 8654baf3dd Land #6880, add a module for netcore/netdis udp 53413 backdoor 2016-08-08 15:43:34 -05:00
wchen-r7 f98efb1345 Fix typos 2016-08-08 15:41:03 -05:00
Pedro Ribeiro 7ca7682d17 Fix whitespace error from msftidy 2016-08-08 17:57:03 +01:00
wchen-r7 3d1289dac3 Land #7185, Add VMware Host Guest Client Redirector DLL Hijack Exploit 2016-08-08 11:41:40 -05:00
wchen-r7 51c457dfb3 Update vmhgfs_webdav_dll_sideload 2016-08-08 11:40:03 -05:00
Pearce Barry ae59c4ae74 Land #6687, Fix meterpreter platform to include OS in the tuple for all meterpreters 2016-08-07 05:00:24 -05:00
Pedro Ribeiro 3b64b891a6 Update nuuo_nvrmini_unauth_rce.rb 2016-08-05 21:53:25 +01:00
Pedro Ribeiro 746ba4d76c Add bugtraq reference 2016-08-05 21:53:08 +01:00
Pedro Ribeiro 106f26587e Add bugtraq reference 2016-08-05 21:52:46 +01:00
Steven Seeley 230903562f Add Samsung Security Manager 1.5 ActiveMQ Broker exploit 2016-08-05 15:19:22 -05:00
Yorick Koster dae1679245 Fixed build warnings 2016-08-05 20:40:41 +02:00
Yorick Koster 02e065dae6 Fixed disclosure date format 2016-08-05 20:32:58 +02:00
Yorick Koster 97d11a7041 Exploit module for CVE-2016-5330 VMware Host Guest Client Redirector DLL hijack 2016-08-05 20:19:40 +02:00
Pedro Ribeiro 036d0502db Add github link 2016-08-04 17:38:45 +01:00
Pedro Ribeiro 2aca610095 Add github link 2016-08-04 17:38:31 +01:00
Pedro Ribeiro 7d8dc9bc82 Update nuuo_nvrmini_unauth_rce.rb 2016-08-04 17:38:14 +01:00
Pedro Ribeiro ec67db03f1 add exploit for CVE 2016-5676 2016-08-04 16:56:16 +01:00
Pedro Ribeiro b48518099c add exploit for CVE 2016-5674 2016-08-04 16:55:21 +01:00
Pedro Ribeiro 0deac80d61 add exploit for CVE 2016-5675 2016-08-04 16:54:38 +01:00
wchen-r7 14a387e4eb Land #7163, Add exploit payload delivery via SMB 2016-08-03 14:44:59 -05:00
wchen-r7 2f6e0fb58c Land #7172, Add exploit for CVE-2016-0189 (MSIE) 2016-08-03 14:14:16 -05:00
wchen-r7 e16c57ed07 Lower rank 2016-08-03 14:02:47 -05:00
wchen-r7 96dbf627ae Remove unwanted metadata for HttpServer 2016-08-03 13:55:58 -05:00
Jon Hart 554a0c5ad7 Deprecate nbname_probe, which duplicate nbname as of 77cd6dbc8b 2016-08-02 17:36:22 -07:00
William Webb be4f55aa2f forgot to update ranking 2016-08-02 13:30:12 -05:00
William Webb 4c15e5e33a Land #7171, Hint about incorrect RAILSVERSION 2016-08-01 15:40:27 -05:00
William Webb 160c49721b Land #7166, Fix empty output in nbns_response 2016-08-01 14:52:33 -05:00
Brent Cook abf435d6c2 Land #6960, Auth bypass for Polycom HDX video endpoints 2016-08-01 14:02:50 -05:00
Brent Cook 5309f2e4fb endpoints, not end points 2016-08-01 14:02:17 -05:00
Brent Cook b34201e65c restore session as an instance variable 2016-08-01 13:58:54 -05:00
William Webb ba0da52274 msftidy cleanup 2016-08-01 13:36:05 -05:00
William Webb 21e6211e8d add exploit for cve-2016-0189 2016-08-01 13:26:35 -05:00
William Vu 3b13adba70 Hint about incorrect RAILSVERSION 
If the secret doesn't match, you might have set the wrong RAILSVERSION.
The difference is secret_token (Rails 3) vs. secret_key_base (Rails 4).
 2016-08-01 09:36:25 -07:00
William Vu e699d3f05b Fix empty output in nbns_response 
Normally, the module prints nothing unless VERBOSE is true. In practice,
we at least want to see responded-to hosts. We leave details to be
printed when VERBOSE is set.
 2016-07-31 09:47:19 -07:00
James Lee d46c3a1d8c Collector looks like hex, store it as a string 2016-07-29 21:57:51 -05:00
Andrew Smith 1d6fa11c4f Addition of SMB delivery module 2016-07-29 14:58:30 -04:00
wchen-r7 1e1866f583 Fix #7158, tiki_calendar_exec incorrectly reports successful login 
Fix #7158
 2016-07-28 17:03:31 -05:00
Pearce Barry 6c7cc061ea Minor formatting tweaks. 2016-07-28 16:29:42 -05:00
Robert Kugler ef2899dfd4 msftidy updates 2016-07-28 16:29:42 -05:00