adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

2409 Commits

Author SHA1 Message Date
kalba-security dc34acd070 Push to test autocheck issue 2020-07-09 16:43:18 -04:00
kalba-security 6bb20f41d8 Code review changes 2020-07-09 15:21:13 -05:00
kalba-security 36397a3e8f Add cmdstager support 2020-07-09 15:21:12 -05:00
kalba-security 3ac3dcb3cf Incorporate suggestios from code review 2020-07-09 15:21:12 -05:00
kalba-security c2abb40890 Fix HTTP timeout 2020-07-09 15:21:12 -05:00
kalba-security 3eceeca911 Add Pandora FMS Events Remote Code Execution module and docs 2020-07-09 15:21:12 -05:00
William Vu 398c13a1b2 Add Mikhail Klyuchnikov's writeup as a reference 2020-07-08 14:36:42 -05:00
William Vu ee240393f4 Credit Mikhail Klyuchnikov for CVE-2019-19781 2020-07-08 14:35:16 -05:00
William Vu d726a2cdcb Fix a few final things 2020-07-07 12:06:05 -05:00
William Vu c8176b803a Add version information to the description 2020-07-06 16:24:22 -05:00
William Vu 7ef4cb64ad Tweak timeouts to avoid a race condition 2020-07-06 14:30:27 -05:00
William Vu be90526d5f Add vuln discovery credit and reference 2020-07-06 14:26:52 -05:00
William Vu 41bb4d3a8d Add dir_trav method back in 
I was wondering why I refactored it away. Oh, I needed it.
 2020-07-05 18:23:45 -05:00
William Vu 1f765d0e1f Upgrade CheckCodes, since the dir traversal passed 2020-07-05 16:29:53 -05:00
William Vu 6e7701ba21 Add rudimentary check method 2020-07-05 16:18:03 -05:00
William Vu 0417e88ff2 Add F5 BIG-IP TMUI RCE (CVE-2020-5902) 2020-07-05 15:22:15 -05:00
William Vu 36b5d237fa Make cmd/unix target types consistent to :unix_cmd 
There were some using :unix_command, and it was just an oversight.
 2020-07-05 11:16:47 -05:00
William Vu ffc07d6c8f Merge remote-tracking branch 'upstream/master' into pr/13787 2020-07-01 14:42:16 -05:00
wvu-r7 e0fbc9fd05 Correct whitespace change 
Seems like a typo.
 2020-07-01 11:00:04 -05:00
Shelby Pace e2f6330755 Land #13725, fix error / clean up atutor exploit 2020-06-30 13:32:34 -05:00
William Vu 755d2d3261 Use subpar regex validation on LEAK_FILE 2020-06-30 11:17:26 -05:00
Alan Foster b841246536 Update autocheck to use prepend instead of include, add ForceExploit functionality 2020-06-30 11:40:46 +01:00
Niboucha Redouane 2c4ca04dca Rename the factory method for SQLi classes, and add a check on the class to instanciate 2020-06-27 14:51:54 +02:00
Jeffrey Martin aa6c037dbd refactor mixin as factory for sqli classes 2020-06-26 15:09:01 -05:00
Pedro Ribeiro 6e8178735f Update ibm_drm_rce.rb 2020-06-26 11:38:55 +07:00
Pedro Ribeiro 2ba8573ef9 Update IBM DRM rce module 2020-06-26 11:31:10 +07:00
Niboucha Redouane 8b7ad94168 Fix error message, SqliDelay instead of SQLI_SLEEP 2020-06-24 00:48:07 +02:00
Niboucha Redouane f89f80be47 add default value for options of SQLi constructors, and fix eyesofnetwork module 2020-06-24 00:38:13 +02:00
Niboucha Redouane fba2d2e7be inject the datastore into the SQLi library, and register advanced options 2020-06-22 17:36:38 +02:00
h00die 6e93dcf8c2 Land #13645, Trend Micro WebSecurity RCE 2020-06-22 06:51:26 -04:00
h00die 6a3633c2c0 fixing up some styles and such 2020-06-20 12:05:48 -04:00
mdisec 260607e8f9 Adding check on exploit method 2020-06-19 19:00:52 +03:00
Niboucha Redouane 9d36076264 Add option to specify the range of characters to retrieve 2020-06-19 16:41:57 +02:00
mdisec 7ab5474175 Change check method and regex for cookie 2020-06-19 16:15:11 +03:00
mdisec 229760a826 Fixing document file and module improvements 2020-06-18 20:11:55 +03:00
Shelby Pace db4006e9f6 Land #13607, add Cayin exploit modules 2020-06-18 10:33:49 -05:00
Niboucha Redouane 305dbe9e2f refactor structure, get rid of prefix and suffix 2020-06-18 17:21:10 +02:00
h00die 7bd2ba3aed remove debugging 2020-06-17 12:04:18 -04:00
h00die c2c931030f review comments 2020-06-17 11:47:11 -04:00
Tod Beardsley dc54145fa9 Add CVE-2020-7357 as a reference for Caiyn CMS 2020-06-17 09:56:10 -05:00
kalba-security f0255e3c81 Fix atutor_filemanager_traversal credentials checks and clean up code 2020-06-15 12:15:00 -04:00
mdisec a0740f4698 Add trend micro websecurity rce 2020-06-14 20:33:46 +03:00
h00die 4702d87684 cleanup 2020-06-12 10:46:44 -04:00
Niboucha Redouane 083d986dce Undo formatting changes to existing modules 2020-06-11 19:15:17 +02:00
dwelch-r7 10bb17d8fd Land #13374, Fix encoding bug 2020-06-11 12:30:12 +01:00
Niboucha Redouane ecb1a0bb16 add test_vulnerable to MySQLi class, and fix minor issues with the test modules 2020-06-10 21:59:51 +02:00
Christophe De La Fuente 797673fd57 Land #13537, add new module linuxki_rce (CVE-2020-7209) 2020-06-10 11:46:34 +02:00
Numan Türle 14bb64c8ae Update linuxki_rce.rb 
default payload added
 2020-06-10 01:59:00 +03:00
Niboucha Redouane 0f936f7500 Various fixes and enhancements 2020-06-09 23:43:15 +02:00
Niboucha Redouane f1d3b33099 Merge branch 'master' of https://github.com/rapid7/metasploit-framework into GSOC/SQLi_Engine 2020-06-09 21:15:18 +02:00