adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
47,870 Commits 27 Branches 1,043 Tags
2e75f46d34bdcdde2f3c2ce5a25e59cd82253dd8
Commit Graph

1863 Commits

Author SHA1 Message Date
Brent Cook ae48ba635a Land #10417, Update check method of Hadoop exploit 2018-08-04 07:28:45 -05:00
Green-m d2c53e1c88 Update the check method. 2018-08-03 01:39:37 -04:00
Tim W 8785ec21b6 Land #9884, add linux ufo priv esc module 2018-08-02 17:53:36 +08:00
Tim W ff418afd1a add a default payload 2018-08-02 17:48:44 +08:00
Tim W cbe85acef5 fix bad link in bpf priv esc 2018-08-02 17:28:22 +08:00
Tim W 1c810249b1 ufo privesc is x64 only 2018-08-02 17:24:44 +08:00
William Vu 4eef9e64ea Implement dropper target in axis_srv_parhand_rce 2018-07-31 21:43:29 -05:00
Wei Chen bcfb3d099b Land #10255, Adding Micro Focus Secure Messaging Gateway RCE 2018-07-30 21:07:02 -05:00
Mehmet İnce 48a903f0b3 Fixing r and sql variables use same object issue 2018-07-31 00:57:32 +03:00
Brent Cook e78337d59a Land #10374, Net::SSH::CommandStream fixes 2018-07-25 18:21:39 -05:00
Wei Chen 6c2e8f2402 Land #10300, Add root exploit for Axis network cameras 2018-07-25 14:46:04 -05:00
Wei Chen f169afff6a Add documentation and a new reference 2018-07-25 14:44:44 -05:00
William Vu 60faddebbf Update authors with sinn3r 2018-07-25 14:35:09 -05:00
William Vu efacaef9df Clamp compatible payloads until we know better 2018-07-25 14:14:15 -05:00
William Vu 86d634cb64 Update module for MVP 2018-07-25 12:01:36 -05:00
Sonny Gonzalez f5ccdcfcd2 Net SSH CommandStream fixes implemented 
* Net::SSH::CommandStream typos fixed
* Net::SSH::CommandStream cleanup made more robust and refactored
* require 'net/ssh/command_stream' added to various modules
 2018-07-25 11:22:28 -05:00
Brent Cook 08290b81c0 Land #10282, Add support for running external modules outside of msfconsole 2018-07-18 17:38:40 -05:00
Brent Cook b90583d07c don't throw an exception in haraka checks if we cannot connect 2018-07-18 17:17:45 -05:00
Tim W 70a1df70a1 Land #9753, Linux BPF sign extension local privesc 2018-07-18 18:44:14 +08:00
Brendan Coles 6bf184dbcf Update tested versions 2018-07-17 06:24:16 +00:00
Jacob Robles 6e450973b9 Land #10295, Add QNAP Q'Center change_passwd Command Execution exploit 2018-07-14 10:09:46 -05:00
Jacob Robles 18e65abc54 Fix link 2018-07-14 10:03:01 -05:00
Brendan Coles 9bdec97b2e Fix bpf_sign_extension_priv_esc 2018-07-13 23:01:17 +00:00
Brendan Coles 4e72dff791 Update module references 2018-07-14 05:03:13 +10:00
William Vu c9001699cd Land #10027, Hadoop unauthed command execution 2018-07-12 21:58:49 -05:00
William Vu 50252c75d6 Clean up module 
With a little rubocop -a.
 2018-07-12 21:58:00 -05:00
William Vu 9080b38dcc Add Axis camera exploit (VDOO research) 2018-07-12 18:46:49 -05:00
Wei Chen e613b2570a Land #10299, Add 88 CVEs to various auxiliary and exploit modules 2018-07-12 18:26:07 -05:00
William Vu 3546286049 Add missed ARCH_CMD to top-level Arch array 
It's not necessary because of targets, but it's required for printing.
 2018-07-12 17:37:06 -05:00
asoto-r7 1a3a4ef5e4 Revised 88 aux and exploit modules to add CVEs / references 2018-07-12 17:34:52 -05:00
Brendan Coles 4b62f41369 Add QNAP Q'Center change_passwd Command Execution exploit 2018-07-12 20:00:17 +00:00
William Vu acb20e5a29 Land #9780, CouchDB auth bypass and RCE 2018-07-12 03:36:17 -05:00
William Vu f53080ee60 Fix exploit and do final cleanup 2018-07-12 02:13:30 -05:00
William Vu 167745c124 Selectively add RuboCop fixes 2018-07-11 22:49:46 -05:00
William Vu ccc3267166 Correct rubocop -a 
We'll update .rubocop.yml later.
 2018-07-11 22:49:46 -05:00
William Vu ca5e496b8f Run rubocop -a 2018-07-11 21:40:19 -05:00
Brent Cook 1af360d7e0 Land #10108, add IBM QRadar SIEM exploit 2018-07-10 11:52:32 -05:00
Adam Cammack 1fddbdb8ef Specify the command option external modules 2018-07-10 10:24:07 -05:00
Wei Chen 5fc5a47cd2 Update CVE references for exploit modules 
These are based on cross references by EDB, OSVDB, module short
name, blog post and BID.
 2018-07-08 18:46:04 -05:00
Brendan Coles f14d06b9d1 Fix ufo_privilege_escalation 2018-07-08 11:05:30 +00:00
Shelby Pace b5fb970aec Land #10133, Add HID discoveryd RCE exploit 2018-07-06 14:32:29 -05:00
Brent Cook 05a0d79be7 Land #10219, Add HP VAN SDN Controller exploit 2018-07-05 14:21:44 -05:00
William Vu 53d5d82498 Rename module to match new vector 2018-07-05 13:31:16 -05:00
William Vu 762b4b5e53 Simplify creds auth by checking X-Auth-Token alone 
It's a lot more direct than checking for the redirect.
 2018-07-05 13:20:27 -05:00
William Vu 2b069f45ca Clarify how we're using the auth token for creds 
In the service token's case, the service token *is* the auth token.
 2018-07-05 13:05:23 -05:00
Mehmet İnce a272dcabd7 Fix typos and additional updates regarding to review 2018-07-05 13:33:40 +01:00
Mehmet İnce 3b8149216f print a verbose error message 2018-07-04 23:20:58 +01:00
Mehmet İnce 4c1c2e9288 Adding Micro Focus Secure Messaging Gateway RCE 2018-07-04 17:47:13 +01:00
William Vu 41b0adad88 Use uninstall action command injection 2018-07-03 18:07:22 -05:00
William Vu a25a656d28 Add "E" to HP to make HPE for better searches 
We'll stick with calling it HP everywhere else.
 2018-07-03 10:29:09 -05:00