adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
40,756 Commits 27 Branches 1,043 Tags
38382bb61a8be2effe64c8d55eacec39bfd39dba
Commit Graph

9975 Commits

Author SHA1 Message Date
bwatters_r7 64550a188a Land #7797, Add module for DiskBoss Enterprise (EDB-40869) 2017-01-13 08:55:24 -06:00
Gabor Seljan 483865b815 Fix reference 2017-01-11 23:28:23 +01:00
wchen-r7 abab1f17c9 Merge master to cisco_cve_2016_6433 and make sure I have the latest 2017-01-11 14:39:52 -06:00
Brent Cook 2585c8c8b5 Land #7461, convert futex_requeue (towelroot) module to use targetting and core_loadlib 2017-01-11 13:24:25 -06:00
Gabor Seljan 24014d8465 Minor code formatting 2017-01-10 22:59:42 +01:00
wchen-r7 74cea5dd04 Use Linux payloads instead of cmd/unix/interact 
As of now, cmd/unix/interact causes msfconsole to freeze, so
we can't use this.
 2017-01-09 11:11:17 -06:00
Gabor Seljan 9162374ae3 Add automatic targeting 2017-01-08 11:23:18 +01:00
Gabor Seljan d2472712f3 Add module for DiskBoss Enterprise (EDB-40869) 2017-01-07 19:44:38 +01:00
wchen-r7 e331066d6d Add CVE-2016-6433 Cisco Firepower Management Console UserAdd Exploit 2017-01-06 17:05:25 -06:00
William Vu 19319f15d4 Land #7626, Eir D1000 modem exploit 2017-01-04 17:02:39 -06:00
William Vu b0e79076fe Switch to wget CmdStager and tune timing 
We don't want to trample the device with requests.
 2017-01-04 16:42:53 -06:00
William Vu 94d76cfb06 Merge remote-tracking branch 'upstream/master' into tr-069-ntpserver-command-injection 2017-01-03 17:04:04 -06:00
Brent Cook 7585999e18 Land #7782, Update themoon exploit to use wget command stager 2017-01-03 16:30:12 -06:00
wchen-r7 ed74b239e3 Land #7768, PHPMailer Sendmail Argument Injection exploit 2017-01-03 16:04:05 -06:00
wchen-r7 3155af679a Fix a typo 2017-01-03 16:03:45 -06:00
Adam Cammack fe0a3c8669 Update themoon exploit to use wget command stager 2017-01-03 15:50:57 -06:00
Spencer McIntyre cd90fd3b1c Fix PHPMailer targets since 5.2.20 is not affected 2016-12-30 15:31:15 -05:00
Spencer McIntyre 1eab4b3a7d Add an optional explicit triggeruri for phpmailer 2016-12-30 14:24:07 -05:00
Spencer McIntyre 64037b0d6e Use a proper target instead of VERSION 2016-12-29 17:37:16 -05:00
Spencer McIntyre c9dd7a50b6 Add the PHPMailer Argument Injection exploit 2016-12-29 17:17:06 -05:00
William Vu 9d0ada9b83 Land #7749, make drb_remote_codeexec great again 2016-12-28 06:11:48 -06:00
William Vu cfca4b121c Clean up module 2016-12-28 06:10:46 -06:00
William Vu afd8315e1d Remove apache_continuum_cmd_exec CmdStager flavor 
It is inferred from the platform, and we don't want to override it
needlessly. :bourne is what worked during testing, but it won't always
work. Now we can override the flavor with CMDSTAGER::FLAVOR.
 2016-12-27 16:24:16 -06:00
Brent Cook 57e4bcbf71 Land #7454, add CVE-2013-6282, put_user/get_user exploit for Android 2016-12-24 14:44:34 -06:00
joernchen of Phenoelit 679ebf31bd Minor fix to make dRuby great again 2016-12-23 15:12:22 +01:00
joernchen of Phenoelit d69acd116d Make dRuby great again 2016-12-22 15:37:16 +01:00
William Vu 934b05e736 Land #7310, at(1) persistence module 2016-12-22 03:33:58 -06:00
William Vu b65a62ba93 Clean up module 2016-12-22 03:33:08 -06:00
Tim 25a8283af3 fork early and use WfsDelay 2016-12-20 00:59:27 +08:00
Tim f1efa760df more fixes 2016-12-20 00:52:11 +08:00
Tim 7ac3859393 convert futex_requeue module to use targetting and core_loadlib 2016-12-20 00:52:11 +08:00
Tim c2dc350378 better fix for session compatibility 2016-12-15 17:41:44 +08:00
Brent Cook fa016de78a Land #7634, Implement universal HTTP/S handlers for Meterpreter payloads 2016-12-13 18:13:22 -06:00
Tim fe9972cc25 fork early and use WfsDelay 2016-12-13 17:02:23 +08:00
Tim 7b7deb0588 better library cleanup 2016-12-13 17:02:23 +08:00
Tim 96b01effa7 cleanup library after use 2016-12-13 17:02:23 +08:00
Tim 909773120c typos 2016-12-13 17:02:23 +08:00
Tim ebf7ae0739 add CVE-2013-6282, put_user/get_user exploit for Android 2016-12-13 17:02:23 +08:00
Tod Beardsley a4f681ae35 Add quoted hex encoding 2016-12-06 09:05:35 -06:00
Tod Beardsley d549c2793f Fix module filename to be TR-064 2016-12-02 08:49:21 -06:00
Tod Beardsley 9e4e9ae614 Add a reference to the TR-064 spec 2016-12-02 08:48:09 -06:00
Tod Beardsley ddac5600e3 Reference TR-064, not TR-069 2016-12-02 08:45:15 -06:00
wchen-r7 41355898fa Remove extra def report_cred in vbulletin_vote_sqli_exec 2016-12-01 15:31:24 -06:00
wchen-r7 174cd74900 Land #7532, Add bypass UAC local exploit via Event Viewer module 2016-12-01 11:16:49 -06:00
wchen-r7 1e9d80c998 Fix another typo 2016-12-01 11:16:06 -06:00
wchen-r7 b8243b5d10 Fix a typo 2016-12-01 11:15:26 -06:00
William Vu 1d6ee7192a Land #7427, new options for nagios_xi_chained_rce 2016-11-30 17:11:02 -06:00
William Vu 3e8cdd1f36 Polish up USER_ID and API_TOKEN options 2016-11-30 17:10:52 -06:00
OJ ebf5121359 Merge branch 'upstream/master' into add-bypassuac-eventvwr 2016-12-01 07:58:16 +10:00
OJ 6890e56b30 Remove call to missing function 2016-12-01 07:57:54 +10:00