adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

3986 Commits

Author SHA1 Message Date
kalba-security f0255e3c81 Fix atutor_filemanager_traversal credentials checks and clean up code 2020-06-15 12:15:00 -04:00
mdisec a0740f4698 Add trend micro websecurity rce 2020-06-14 20:33:46 +03:00
h00die 4702d87684 cleanup 2020-06-12 10:46:44 -04:00
Niboucha Redouane 083d986dce Undo formatting changes to existing modules 2020-06-11 19:15:17 +02:00
dwelch-r7 10bb17d8fd Land #13374, Fix encoding bug 2020-06-11 12:30:12 +01:00
Niboucha Redouane ecb1a0bb16 add test_vulnerable to MySQLi class, and fix minor issues with the test modules 2020-06-10 21:59:51 +02:00
Christophe De La Fuente 797673fd57 Land #13537, add new module linuxki_rce (CVE-2020-7209) 2020-06-10 11:46:34 +02:00
Numan Türle 14bb64c8ae Update linuxki_rce.rb 
default payload added
 2020-06-10 01:59:00 +03:00
Niboucha Redouane 0f936f7500 Various fixes and enhancements 2020-06-09 23:43:15 +02:00
Niboucha Redouane f1d3b33099 Merge branch 'master' of https://github.com/rapid7/metasploit-framework into GSOC/SQLi_Engine 2020-06-09 21:15:18 +02:00
Christophe De La Fuente 9f2a29d4fe Update last batch of modules 2020-06-09 14:18:52 +02:00
Christophe De La Fuente 3580ac18a1 Fix typo 2020-06-09 14:18:52 +02:00
Christophe De La Fuente 0bb93b4efb Update modules 
- ms17_010_command  and ms17_010_psexec: deregister
  SMB::ProtocolVersion option
- client: update error handling
- is_known_pipename: force SMB1 only for #enumerate_directories and
  update error handling
 2020-06-09 14:18:52 +02:00
Christophe De La Fuente 2f873fefcd Update modules 
- modules/auxiliary/scanner/smb/smb_enumshares.rb
- modules/exploits/linux/samba/setinfopolicy_heap.rb
- modules/exploits/linux/samba/trans2open.rb
- modules/exploits/multi/samba/usermap_script.rb
- modules/exploits/windows/smb/ipass_pipe_exec.rb
 2020-06-09 14:18:52 +02:00
Numan Türle 095b6855e9 Update modules/exploits/linux/http/linuxki_rce.rb 
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
 2020-06-08 16:03:33 +03:00
numanturle d238c00e1c add target 2020-06-07 20:36:01 +03:00
Niboucha Redouane 4654941092 add test modules 2020-06-05 22:11:27 +02:00
William Vu 64de8c4503 Document directory traversals 2020-06-02 22:13:07 -05:00
William Vu 4a9c2988e2 Base64-encode command payload to avoid escaping 2020-06-02 22:13:07 -05:00
William Vu 32ae47c9a9 Add Cisco UCS Director Cloupia script RCE 2020-06-02 22:13:07 -05:00
numanturle dd5ed53217 fix missing module 
CmdStager included
 2020-05-30 06:09:49 +03:00
numanturle f7cdbc5faf author name change 2020-05-30 05:49:22 +03:00
numanturle f8d9ab8d7a add arch 2020-05-30 05:39:52 +03:00
numanturle 558487c9de modify failure 2020-05-30 04:34:00 +03:00
numanturle d5492014a7 fix res nil 2020-05-30 04:29:35 +03:00
numanturle e2050393bc modify docs and exploit 2020-05-30 04:23:46 +03:00
William Vu f60e569c1b Add Cisco CML and VIRL-PE advisory to Salt modules 
Hat tip @brudis-r7!
 2020-05-29 15:24:00 -05:00
numanturle 4921814b85 Add new module linuxki_rce 2020-05-29 18:20:46 +03:00
William Vu d6aea635c7 Update authors in Netsweeper/myLittleAdmin modules 
Edits for accuracy and precision.
 2020-05-22 17:05:12 -05:00
William Vu 06f9099d7f Add BASE_DN and ROOT_KEY to vmdir and Salt modules 2020-05-22 11:16:58 -05:00
Spencer McIntyre b49dd37614 Land #13494, Add Plesk/myLittleAdmin ViewState .NET deserialization pre-auth RCE 2020-05-22 11:53:41 -04:00
bwatters-r7 2d56931663 Land #13287, CVE-2017-15889 Synology DSM < 5.2-5967-5 authenticated root exploit 
Merge branch 'land-13487' into upstream-master
 2020-05-22 10:07:50 -05:00
William Vu 11030dff84 Add CVE references (they weren't there before) 2020-05-21 18:12:57 -05:00
h00die c1996d58ed add forcexploit 2020-05-21 17:39:54 -04:00
Spencer McIntyre ecd3c0f820 Minor doc changes, add module notes and SQLi progress output 2020-05-21 16:31:45 -04:00
kalba-security 7c2c227ea0 Improve version checks, remove comments from previous testing 2020-05-20 18:06:42 -04:00
h00die 4721e605d0 5.2 root exploit 2020-05-19 20:19:51 -04:00
h00die e5da35d579 commit for help 2020-05-19 18:40:29 -04:00
h00die cbd0943024 commit for help 2020-05-19 18:39:49 -04:00
kalba-security 6d72fe4854 Update eyesofnetwork_autodiscovery_rce module and documentation 2020-05-19 11:48:48 -04:00
cn-kali-team 930a175830 Replace multibyte 2020-05-18 16:30:40 +08:00
Spencer McIntyre e3e82ca17e Land #13401, Add SaltStack Salt root key disclosure and RCE 2020-05-12 14:18:50 -04:00
William Vu 235f822937 Add Netsweeper WebAdmin unixlogin.php pre-auth RCE 2020-05-12 08:34:20 -05:00
William Vu 06cae74d51 Note what CheckModule is used to provide a check 
Hat tip @ccondon-r7 for making me realize my standard comment needs to
be reapplied.
 2020-05-11 12:28:02 -05:00
William Vu 83dde571a2 Add VMware vRealize Operations Manager advisory 
Hat tip @brudis-r7!
 2020-05-11 12:05:38 -05:00
William Vu 6e8abd7a40 Add SaltStack Salt unauthenticated RCE module 2020-05-11 12:05:38 -05:00
Pedro Ribeiro d31ddadd74 Fix advisory link in Qradar sploit 2020-05-09 14:59:43 +07:00
William Vu 80b64830cc Land #13304, IBM DRM SSH exploit 2020-05-05 12:08:02 -05:00
William Vu e0a67f4fd1 Land #13300, IBM DRM RCE 2020-05-05 12:07:15 -05:00
Pedro Ribeiro 1cb91dcb42 Address review comments 
Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update ibm_drm_a3user.md

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

use fail_with
 2020-05-05 10:58:05 -05:00