adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
40,898 Commits 27 Branches 1,043 Tags
3ced5aece1663aec630efc1f0a76184f23673f8c
Commit Graph

21393 Commits

Author SHA1 Message Date
Louis Sato 1c6d7ee33e additional changes for Nexpose XXE Arbitrary File Read 2017-01-25 10:29:58 -06:00
Brent Cook 9414b8ff4e update payload sizes 2017-01-25 03:47:44 -06:00
William Vu 48ed8a72c2 Add helpful comment 2017-01-24 20:03:39 -06:00
William Vu ec8add6caa Always check and print status 2017-01-24 20:00:17 -06:00
William Vu 42a8e2a113 Remove extraneous variable 2017-01-24 19:50:31 -06:00
William Vu 97050a6c47 Fix nil bug in scan 2017-01-24 19:49:23 -06:00
wchen-r7 f4db90edeb Land #7852, Firefox nsSMILTimeContainer::NotifyTimeChange() rce 2017-01-23 11:56:01 -06:00
wchen-r7 04648888b3 Be conservative and do NormalRanking 2017-01-23 11:55:30 -06:00
Brent Cook ff2b8dcf99 Revert "Land #7605, Mysql privilege escalation, CVE-2016-6664" - premature merge 
This reverts commit 92a1c1ece4, reversing
changes made to 9b16cdf602.
 2017-01-22 19:16:33 -06:00
Brent Cook 92a1c1ece4 Land #7605, Mysql privilege escalation, CVE-2016-6664 2017-01-22 17:17:28 -06:00
Brent Cook 15a4ec629b remove TRUE 2017-01-22 10:20:03 -06:00
Brent Cook 836da6177f Cipher::Cipher is deprecated 2017-01-22 10:20:03 -06:00
Brent Cook f69b4a330e handle Ruby 2.4 Fixnum/Bignum -> Integer deprecations 2017-01-22 10:20:03 -06:00
h00die 12a4a62737 Land #7848, a Disk Savvy Enterprise bof 2017-01-21 09:11:43 -05:00
Gabor Seljan bda464fd6b Increase output 2017-01-21 10:51:58 +01:00
Gabor Seljan e3043b0889 Use random string as egg 2017-01-21 10:28:47 +01:00
Gabor Seljan c47f087c83 Fix check code 2017-01-21 09:39:09 +01:00
William Webb 0eb5342d83 disclosure date 2017-01-20 11:57:50 -06:00
William Webb d8f04ccc18 address msftidy complaints 2017-01-20 11:56:11 -06:00
William Webb fb74b2d8f3 initial commit of finished product 2017-01-20 11:01:36 -06:00
Jin Qian b4d3e9da8d This closes #7849 on the confusing message. 
Use result.proof which has the right message. Thanks to Wei for pointing it
 2017-01-19 15:39:10 -06:00
Gabor Seljan 905213cc41 Add module for DiskSavvy Enterprise (EDB-40854) 2017-01-19 20:34:00 +01:00
wchen-r7 b5f41b2915 Update advantech_webaccess_dbvisitor_sqli name 2017-01-18 11:09:52 -06:00
wchen-r7 dd60e1a113 Land #7833, update tomcat_administration module documentation 2017-01-17 13:46:37 -06:00
bwatters_r7 4035dd7485 Land #7796, Improve zip module windows script fallback 2017-01-17 10:59:04 -06:00
h00die c31d398549 more description 2017-01-16 09:46:56 -05:00
bwatters_r7 bcbb7b86d6 Changed encoding on jscript contents before uploading it 2017-01-13 16:19:58 -06:00
bwatters_r7 64550a188a Land #7797, Add module for DiskBoss Enterprise (EDB-40869) 2017-01-13 08:55:24 -06:00
Gabor Seljan 483865b815 Fix reference 2017-01-11 23:28:23 +01:00
wchen-r7 abab1f17c9 Merge master to cisco_cve_2016_6433 and make sure I have the latest 2017-01-11 14:39:52 -06:00
Brent Cook 2585c8c8b5 Land #7461, convert futex_requeue (towelroot) module to use targetting and core_loadlib 2017-01-11 13:24:25 -06:00
Brent Cook 43493e310e update payload sizes 2017-01-10 16:54:31 -06:00
Gabor Seljan 24014d8465 Minor code formatting 2017-01-10 22:59:42 +01:00
wchen-r7 18347a8de7 Land #7774, Fix pivoting of UDP sockets in scanners 2017-01-10 13:57:28 -06:00
wchen-r7 74cea5dd04 Use Linux payloads instead of cmd/unix/interact 
As of now, cmd/unix/interact causes msfconsole to freeze, so
we can't use this.
 2017-01-09 11:11:17 -06:00
Gabor Seljan 9162374ae3 Add automatic targeting 2017-01-08 11:23:18 +01:00
Gabor Seljan d2472712f3 Add module for DiskBoss Enterprise (EDB-40869) 2017-01-07 19:44:38 +01:00
Brent Cook cdcf4cce7d improve zip module windows script fallback 
- handle non-English locales
 - wait more reliably, handle network paths where FS info gets stale
 - use absolute paths correctly
 2017-01-07 12:27:03 -06:00
wchen-r7 e331066d6d Add CVE-2016-6433 Cisco Firepower Management Console UserAdd Exploit 2017-01-06 17:05:25 -06:00
dmohanty-r7 5cba9b0034 Land #7747, Add LoginScanner module for BAVision IP cameras 2017-01-06 16:25:44 -06:00
William Vu 19319f15d4 Land #7626, Eir D1000 modem exploit 2017-01-04 17:02:39 -06:00
William Vu b0e79076fe Switch to wget CmdStager and tune timing 
We don't want to trample the device with requests.
 2017-01-04 16:42:53 -06:00
William Vu 94d76cfb06 Merge remote-tracking branch 'upstream/master' into tr-069-ntpserver-command-injection 2017-01-03 17:04:04 -06:00
Brent Cook 7585999e18 Land #7782, Update themoon exploit to use wget command stager 2017-01-03 16:30:12 -06:00
wchen-r7 ed74b239e3 Land #7768, PHPMailer Sendmail Argument Injection exploit 2017-01-03 16:04:05 -06:00
wchen-r7 3155af679a Fix a typo 2017-01-03 16:03:45 -06:00
Adam Cammack fe0a3c8669 Update themoon exploit to use wget command stager 2017-01-03 15:50:57 -06:00
Brent Cook 04a026e786 remove lies from module, this is a bound socket 2017-01-02 09:47:18 -06:00
Brent Cook fdca963b61 check if the socket exists before closing 2016-12-30 14:59:31 -06:00
Spencer McIntyre cd90fd3b1c Fix PHPMailer targets since 5.2.20 is not affected 2016-12-30 15:31:15 -05:00