adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,671 Commits 27 Branches 1,043 Tags
33e1c8ffdbda47d9d3ce684617ceba7f2e7fb577
Commit Graph

28309 Commits

Author SHA1 Message Date
Pedro Ribeiro 33e1c8ffdb Fix issues 2020-04-08 12:26:37 +07:00
Radek Domanski e2e69a5053 Adding exploit for tplink_archer_a7_c7_lan 2020-04-07 19:57:34 +02:00
Shelby Pace 7934d1de09 Land #13098, add Pandora FMS module 2020-04-06 11:42:24 -05:00
Shelby Pace a3c07b7cc1 use nospace opt, fix regex, iterate id_agente 2020-04-06 11:34:13 -05:00
bwatters-r7 9474b5fda1 Land #13187, Add LPE Exploit For CVE-2020-0796 (AKA: SMBGhost) (take2) 
Merge branch 'land-13187' into upstream-master
 2020-04-03 11:25:48 -05:00
bwatters-r7 182bd67287 Land #13187, Add LPE Exploit For CVE-2020-0796 (AKA: SMBGhost) 
Merge branch 'land-13187' into upstream-master
 2020-04-03 11:19:50 -05:00
Spencer McIntyre 94f18cc67a Add the AKA reference to CoronaBlue for accuracy 2020-04-03 11:01:43 -04:00
Spencer McIntyre bea42876ee Land #13067, PlaySMS template injection RCE 2020-04-03 10:22:35 -04:00
Spencer McIntyre bd835e8f2d Cleanup more status methods and move the module 2020-04-03 10:21:27 -04:00
Brent Cook 8451c1345b Land #10579, add sharphound post module, upstream updating tool 2020-04-03 09:10:40 -05:00
Spencer McIntyre 126b9e2172 Address PR comments for CVE-2020-0796 2020-04-03 08:56:53 -04:00
William Vu b343ac6452 Don't delay the session and update module doc 2020-04-02 17:34:20 -05:00
William Vu 79142cf445 Move module to unix/webapp 2020-04-02 17:22:34 -05:00
William Vu f9c8f62491 Fix PHP payload so we can get a session 
It's ENCODER, not ENCODE, so the payload wasn't being encoded, leaving
semicolons unencoded and causing a 500 error on the server.

Also preferred payload.encoded over payload.encode and removed a stray
brace that wasn't causing any issues.
 2020-04-02 17:16:19 -05:00
Spencer McIntyre 276475c308 Check compression in the check method for SMBGhost 2020-04-02 17:35:17 -04:00
Spencer McIntyre 3392fa18d4 Add the x64 LPE exploit for CVE-2020-0796 2020-04-02 17:22:00 -04:00
William Vu a375c18d77 Land #13123, VMware Fusion OS X LPE CVE-2020-3950 2020-04-02 11:53:43 -05:00
William Vu 5aab28a1a6 Fix command separator conflict 2020-04-02 11:30:59 -05:00
bwatters-r7 859eda92bb Land #12759, Apache Solr Remote Code Execution via Velocity Template 
Merge branch 'land-12759' into upstream-master
 2020-04-02 11:23:33 -05:00
William Vu 7ed37c2e77 Fix module and get it working on 10.1.6 2020-04-02 11:06:21 -05:00
Spencer McIntyre 3e166f2d3f Grammatical changes for docs and status updates 2020-04-02 10:26:50 -05:00
Adam Galway e8d134fc56 Land #12096, DNN cookie desrialization exploit 2020-04-02 15:57:46 +01:00
William Vu 23bc62dac3 Land #12818, Cable Haunt WebSocket DoS module 2020-03-31 15:57:03 -05:00
William Vu c147541777 Fix auxiliary/gather/chrome_debugger and doc 2020-03-31 12:23:19 -05:00
William Vu 8811c51644 Clean up module and update module doc 2020-03-31 12:23:19 -05:00
Adam Galway bc12db45cd Land #13172, bumps metasploit_payloads-mettle gem 2020-03-31 17:44:02 +01:00
h00die 954f123e7e remove extra lines 2020-03-30 22:25:16 -04:00
h00die 1b658aa85f 11.5.3 cleanup and reliability 2020-03-30 22:22:01 -04:00
Touhid M Shaikh b87ed645d9 Updated to use php payload 
Now, this module will work on the Windows platform also because it's not dependent on the OS now.
 2020-03-31 01:16:20 +05:30
William Vu 1e90c6117c Land #13152, IBM PA/TM1 CVE-2019-4716 exploit 2020-03-30 10:50:50 -05:00
Tim W def95c41ce update payload cached sizes 2020-03-30 16:12:42 +08:00
Pedro Ribeiro d904eed010 add badchars for various targets 2020-03-30 12:49:58 +07:00
ide0x90 861b79bce7 Added new targets and made documentation consistent 2020-03-29 00:33:24 +08:00
h00die 0291adf4c7 add 11.5.3 exploit 2020-03-28 11:55:55 -04:00
Pedro Ribeiro 59c2079aa4 split AIX and Linux cmd targets 2020-03-28 14:35:24 +07:00
Pedro Ribeiro 46286f8981 change to payload.encoded 2020-03-28 14:30:20 +07:00
Pedro Ribeiro 2ac177cb39 make changes for ARCH_CMD, add multiple targets 2020-03-28 14:22:21 +07:00
Pedro Ribeiro 6a6b99885d Add ARCH_CMD, tested and working 2020-03-28 13:55:09 +07:00
Pedro Ribeiro 5ac0145bb4 Update modules/exploits/multi/misc/ibm_tm1_unauth_rce.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2020-03-28 11:04:31 +07:00
Green-m 92fb321f9f Satify the msftidy_docs. 2020-03-28 11:46:55 +08:00
Green-m 4b1762081f Renane module to redis_extension_cmd_exec. 
Fix #12143
 2020-03-28 11:37:18 +08:00
h00die a4e11fd311 spaces EOL SMH 2020-03-27 18:01:44 -04:00
h00die e9e142b573 shoutout 2020-03-27 18:01:43 -04:00
h00die 7bc30ecf39 add version check 2020-03-27 18:01:43 -04:00
h00die eda3653a51 tidy 2020-03-27 18:01:43 -04:00
h00die 4f6e2fe84e vmware fusion osx lpe 2020-03-27 18:01:43 -04:00
William Vu 8010da8c04 Land #13141, cmd/unix/reverse_tclsh payload 2020-03-27 14:34:40 -05:00
Shelby Pace 5f0c9942d2 Land #12756, add dlink dwl2600 exploit 2020-03-27 12:38:35 -05:00
Shelby Pace 8aa4d7a944 remove mixins, add CVE 2020-03-27 12:37:40 -05:00
Pedro Ribeiro c4f05fb566 Update modules/exploits/multi/misc/ibm_tm1_unauth_rce.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2020-03-27 16:29:34 +07:00