adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

6278 Commits

Author SHA1 Message Date
Grant Willcox 863417fca7 Second round of updates and some rubocop changes to conform to standards. 2021-01-06 01:30:40 -06:00
Grant Willcox 81ee149ea2 Add check code support to module and update the documentation accordingly, plus rework the module description 2021-01-06 01:06:08 -06:00
Shelby Pace 7cab5568ab Land #14568, add total upkeep backup download 2021-01-05 14:01:04 -06:00
bwatters 54f5e565fa Land #14330, SpamTitan Gateway Remote Code Execution 
Merge branch 'land-14330' into upstream-master
 2021-01-04 12:14:12 -06:00
Spencer McIntyre 2f58d246e7 Add documentation for the new VSS module 2021-01-04 12:25:41 -05:00
h00die 73b515707e abandoned cart sqli 2021-01-03 17:15:17 -05:00
h00die 97947062b2 standardize language 2021-01-03 16:25:39 -05:00
h00die e2a605de19 add sqlmap reference 2021-01-03 16:20:58 -05:00
h00die 41aff572c0 chopslider 2021-01-02 14:19:30 -05:00
h00die d8c55501a5 ait csv improter exploit 2021-01-01 12:14:52 -05:00
h00die c64d0038ab review step 1 2020-12-31 12:54:33 -05:00
h00die ff3dd7b73a first go of wp_total_upkeep 2020-12-30 16:34:12 -05:00
Spencer McIntyre 8701a2e6e8 Remove the deprecated SOCKS modules in favor of the new unified one 2020-12-29 13:33:06 -05:00
k0pak4 fcf0a3fc65 Update documentation to be msftidy 2020-12-23 13:22:58 -05:00
Grant Willcox 7de662c807 Land #14521, Struts2 Multi Eval OGNL RCE 2020-12-23 11:40:16 -06:00
k0pak4 ea28e9d71d Add version info to documentation 2020-12-23 12:02:06 -05:00
k0pak4 9ac75e492e Add documentation and clean up 2020-12-23 11:59:47 -05:00
Grant Willcox 70f8ff31f8 Update documentation to include missing extra options I forgot to document, edit the wording on the module to match the documentation, and do final touch ups. 2020-12-23 10:50:22 -06:00
Grant Willcox 799b451324 Add in updates to documentation to fix spelling mistakes and to also add in missing documentation for some options, plus to make some explanations a bit clearer. 2020-12-22 17:33:40 -06:00
bwatters d2ca5d331d Add documentation 2020-12-22 14:14:20 -06:00
Grant Willcox 4a449f97d3 Land #14522, Replace hard-coded Shiro default key with ENC_KEY 2020-12-22 09:26:49 -06:00
Grant Willcox 24e8aeffe5 Incorporate review feedback and update the associated documentation. 2020-12-21 17:29:21 -06:00
Grant Willcox 2c66beac17 Land #14429, Create shodan_host.rb, a module to grab ports from a given IP using Shodan 2020-12-21 15:58:17 -06:00
Grant Willcox 12277d3020 Apply RuboCop changes to the exploit module and also make final adjustments to the exploit code to handle some edge cases and fix review comments 2020-12-21 15:26:48 -06:00
William Vu 39110d04f0 Add note about needing an Oracle account 2020-12-18 21:20:29 -06:00
William Vu 4d85602fae Fix incorrect scenario header in module doc 
I retested in VirtualBox and updated the output but not the header.
 2020-12-18 21:15:05 -06:00
C4ssandre 57c57a398d Adding new check to filter out Windows 7 and Windows XP. Indeed, lab experiments has shown that BITS does not attempt to connect to WinRM port, making those systems not vulnerable. 2020-12-19 02:51:48 +01:00
Spencer McIntyre 11faafa4e9 Land #14474, Wordpress 2-day: easy-wp-smtp arbitrary wordpress user password reset 2020-12-18 17:07:46 -05:00
Spencer McIntyre 764efbeac3 Fixup a typo, an unnecessary statement and clarify a statement 2020-12-18 17:07:16 -05:00
h00die 3cb39c2fca Land #14497, wordpress uplicator plugin arbitrary file read 2020-12-18 17:05:40 -05:00
Christophe De La Fuente dc6b67f4c6 Land #14509, Fixes for Solr RCE 2020-12-18 21:51:06 +01:00
h00die 9e6d20a83c create aggressive mode and some review 2020-12-18 15:30:45 -05:00
Spencer McIntyre 9b8b4621df Land #14368, Pulse Connect Secure gzip RCE: cve-2020-8260 2020-12-17 17:43:55 -05:00
h00die a1702e8b53 rubocop and minor adjustments 2020-12-17 06:39:43 -05:00
Spencer McIntyre 87dacce2cd Land #14446, Add Oracle Solaris SunSSH PAM parse_user_name() exploit (CVE-2020-14871) 2020-12-16 16:01:32 -05:00
RAMELLA Sébastien 08e9d0bea2 update module documentation 2020-12-16 19:43:45 +04:00
Christophe De La Fuente c586bde50d Update documentation to add SNMPPORT option description 2020-12-16 15:20:10 +01:00
Christophe De La Fuente 60bcc95edc Fix documentation 2020-12-16 15:15:27 +01:00
Christophe De La Fuente 298deae709 Add documentation 2020-12-16 15:15:27 +01:00
RAMELLA Sébastien 483282b05e fix. spelling typo 2020-12-16 09:01:33 +04:00
Spencer McIntyre 3d7ed70cec Tweak the check method and add module docs 2020-12-15 19:49:29 -05:00
RAMELLA Sébastien e3178c48c4 add. fortios path traversal (cve-2018-13379) 2020-12-15 19:09:37 +04:00
Spencer McIntyre 246c455c96 Reformat the struts2_namespace_ognl module docs 2020-12-15 09:13:06 -05:00
Natto fc96ae0583 Create shodan_host.md 2020-12-15 10:30:58 +08:00
Tim W a30cdfc892 Fix #14254, Add CVE-2020-1054, win32k DrawIconEx OOB Write LPE 2020-12-14 14:54:54 +00:00
Christophe De La Fuente 98d6364248 Land #14482, Use CVE-2020-5752 path traversal bypass for CVE-2019-3999 2020-12-14 15:10:09 +01:00
SunCSR Team 910463b492 Update wp_duplicator_file_read.md 2020-12-13 21:13:33 -05:00
James Lee f255724e01 Changes to support older Solr (tested 5.3.0) 
Use a new parameter instead of a header because older versions don't
have access to the request object.

There was an issue where the exploit would fail if the exec returned -1
despite the payload otherwise working, fixed by not trying to return
output in that case.

Also updates the documentation to reflect that we have a Java target now
and quoting is no longer a concern.
 2020-12-13 19:05:47 -06:00
SunCSR Team cbc99363e9 Update wp_duplicator_file_read.md 2020-12-12 22:55:44 +07:00
SunCSR Team d35d5f1061 Update wp_duplicator_file_read.md 2020-12-12 21:30:56 +07:00