adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
40,020 Commits 27 Branches 1,043 Tags
2c2729f0b20e1c6b15a2a912c83f291f8595387d
Commit Graph

1216 Commits

Author SHA1 Message Date
Brendan dae1f26313 Land #7521, Modernize TLS protocol configuration for SMTP / SQL Server 2016-11-03 12:56:50 -05:00
William Vu eca4b73aab Land #7499, check method for pkexec exploit 2016-11-03 10:59:06 -05:00
William Vu 1c746c0f93 Prefer CheckCode::Detected 2016-11-03 11:14:48 +01:00
William Vu 2cdff0f414 Fix check method 2016-11-03 11:14:48 +01:00
William Webb 31b593ac67 Land #7402, Add Linux local privilege escalation via overlayfs 2016-11-01 12:46:40 -05:00
Brent Cook f8912486df fix typos 2016-11-01 05:43:03 -05:00
Alex Flores 45d6012f2d fix check method 2016-10-30 14:57:42 -04:00
Julien (jvoisin) Voisin 23ab4f1fc1 Remove one last tab 2016-10-27 12:32:40 +02:00
Julien (jvoisin) Voisin d9f07183bd Please h00die ;) 2016-10-27 12:18:33 +02:00
Julien (jvoisin) Voisin 2ac54f5028 Add a check for the linux pkexec module 2016-10-27 10:28:13 +02:00
h00die 0d1fe20ae5 revamped 2016-10-15 20:57:31 -04:00
William Webb 5e7d546fa2 Land #7094, OpenNMS Java Object Deserialization RCE Module 2016-10-14 13:19:11 -05:00
Brent Cook cfddc734a8 Land #7286, WiFi pineapple preconfig command injection module 2016-10-14 12:57:42 -05:00
Brent Cook e05a325786 Land #7285, WiFi pineapple command injection via authentication bypass 2016-10-14 12:57:05 -05:00
h00die 12493d5c06 moved c code to external sources 2016-10-13 20:37:03 -04:00
Pearce Barry 7b84e961ed Minor output correction. 2016-10-09 19:01:06 -05:00
h00die 2dfebe586e working cve-2014-0038 2016-10-08 23:58:09 -04:00
h00die 27cf5c65c4 working module 2016-10-04 23:21:53 -04:00
jvoisin 2272e15ca2 Remove some anti-patterns, in the same spirit than #7372 2016-09-29 00:15:01 +02:00
William Vu 988471b860 Land #7372, useless use of cat fix 
Obligatory: modules/exploits/linux/local/kloxo_lxsuexec.rb.
 2016-09-28 16:37:11 -05:00
William Vu 3033c16da6 Add missing rank 2016-09-28 16:37:04 -05:00
jvoisin b46073b34a Replace cat with Ruby's read_file 
Thanks to wvu-r7 for the comment
 2016-09-28 23:22:19 +02:00
William Vu 45ee59581b Fix inverted logic in Docker exploit 
Positive condition should be tested first, imo. Confusing otherwise. My
bad, though.

Credit to @fslavin-r7.
 2016-09-28 15:36:09 -05:00
Julien (jvoisin) Voisin dbb2abeda1 Remove the cat $FILE | grep $PATTERN anti-pattern 
The `kloxo_lxsuexec.rb` and `netfilter_pvi_esc.rb` exploits
were using the infamous `cat+grep` anti-pattern, this commit
replaces it with `cat` and Ruby's `.include?` method.
 2016-09-28 13:41:25 +02:00
Pearce Barry 6382fffc75 Land #7326, Linux Kernel Netfilter Privesc 2016-09-26 12:38:50 -05:00
h00die 23e5556a4c binary drops work! 2016-09-24 21:31:00 -04:00
h00die 7646771dec refactored for live compile or drop binary 2016-09-22 20:07:07 -04:00
Brent Cook 88cef32ea4 Land #7339, SSH module fixes from net:ssh updates 2016-09-22 00:27:32 -05:00
Brendan 04f8f7a0ea Land #7266, Add Kaltura Remote PHP Code Execution 2016-09-21 17:14:49 -05:00
Mehmet Ince 2d3c167b78 Grammar changes again. 2016-09-20 23:51:12 +03:00
Mehmet Ince 0f16393220 Yet another grammar changes 2016-09-20 19:48:40 +03:00
Mehmet Ince fb00d1c556 Another minor grammer changes 2016-09-20 19:23:28 +03:00
Brendan 251421e4a7 Minor grammar changes 2016-09-20 10:37:39 -05:00
Mehmet Ince 385428684f Move module and docs under the exploit/linux/http folder 2016-09-20 12:45:23 +03:00
David Maloney e315ec4e73 Merge branch 'master' into bug/7321/fix-ssh-modules 2016-09-19 15:27:37 -05:00
h00die edd1704080 reexploit and other docs and edits added 2016-09-18 09:01:41 -04:00
h00die 4f85a1171f reexploit and other docs and edits added 2016-09-18 08:51:27 -04:00
Thao Doan d2100bfc4e Land #7301, Support URIHOST for exim4_dovecot_exec for NAT 2016-09-16 12:49:57 -07:00
Thao Doan 7c396dbf59 Use URIHOST 2016-09-16 12:48:54 -07:00
William Vu 4d0643f4d1 Add missing DefaultTarget to Docker exploit 2016-09-16 13:09:00 -05:00
William Vu da516cb939 Land #7027, Docker privesc exploit 2016-09-16 12:44:21 -05:00
William Vu e3060194c6 Fix formatting in ubiquiti_airos_file_upload 
Also add :config and :use_agent options.
 2016-09-16 12:27:09 -05:00
h00die 4be4bcf7eb forgot updates 2016-09-16 02:08:09 -04:00
h00die 2e42e0f091 first commit 2016-09-16 01:54:49 -04:00
David Maloney dfcd5742c1 some more minor fixes 
some more minor fixes around broken
ssh modules

7321
 2016-09-15 14:25:17 -05:00
David Maloney e10c133eef fix the exagrid exploit module 
split the exagrid exploit module up and
refactor to be able to easily tell if the
key or the password was used

7321
 2016-09-15 11:44:19 -05:00
William Vu c6214d9c5e Fix and clean module 2016-09-14 14:36:29 -05:00
Brent Cook 7352029497 first round of SSL damage fixes 2016-09-13 17:42:31 -05:00
aushack 11342356f8 Support LHOST for metasploit behind NAT 2016-09-13 11:23:49 +10:00
catatonic c06ee991ed Adding WiFi pineapple command injection via authenticaiton bypass. 2016-09-06 17:22:25 -07:00