adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

2936 Commits

Author SHA1 Message Date
William Vu ea793802cc Land #4528, mantisbt_php_exec improvements 2015-01-08 04:50:00 -06:00
sinn3r ef97d15158 Fix msftidy and make sure all print_*s in check() are vprint_*s 2015-01-07 12:12:25 -06:00
James Lee 3e80efb5a8 Land #4521, Pandora FMS upload 2015-01-07 11:13:57 -06:00
James Lee 1ccef7dc3c Shorter timeout so we get shell sooner 
The request to execute our payload will never return, so waiting for the
default timeout (20 seconds) is pointless.
 2015-01-07 11:11:33 -06:00
James Lee efe83a4f31 Whitespace 2015-01-07 10:19:17 -06:00
Christian Mehlmauer 09bd0465cf fix regex 2015-01-07 11:54:55 +01:00
rcnunez b3def856fd Applied changes recommended by jlee-r7 
used Rex::ConnectionError
refactor begin/rescue blocks
removed ::URI::InvalidURIError
changed @peer with peer
used Exploit::CheckCode:Appears instead of Exploit::CheckCode::Vulnerable
 2015-01-07 18:38:19 +08:00
Christian Mehlmauer eaad4e0bea fix check method 2015-01-07 11:01:08 +01:00
Christian Mehlmauer 862af074e9 fix bug 2015-01-07 09:10:50 +01:00
Christian Mehlmauer d007b72ab3 favor include? over =~ 2015-01-07 07:33:16 +01:00
Christian Mehlmauer 4277c20a83 use include? 2015-01-07 06:51:28 +01:00
Christian Mehlmauer 39e33739ea support for anonymous login 2015-01-07 00:08:04 +01:00
Christian Mehlmauer bf0bdd00df added some links, use the res variable 2015-01-06 23:25:11 +01:00
Christian Mehlmauer f9f2bc07ac some improvements to the mantis module 2015-01-06 11:33:45 +01:00
rcnunez 547b7f2752 Syntax and File Upload BugFix 
Fix unexpected ) in line 118
Fix file cleanup missing _
Fix more robust version check script
Fix file upload
 2015-01-05 19:23:22 +08:00
Pedro Ribeiro c9b76a806a Create manageengine_auth_upload.rb 2015-01-04 17:05:53 +00:00
Tod Beardsley c1718fa490 Land #4440, git client exploit from @jhart-r7 
Also fixes #4435 and makes progress against #4445.
 2015-01-01 13:18:43 -06:00
Tod Beardsley d7564f47cc Move Mercurial option to advanced, update ref url 
See #4440
 2015-01-01 13:08:36 -06:00
Tod Beardsley 914c724abe Rename module 
See rapid7#4440
 2015-01-01 13:03:17 -06:00
Jon Hart 65977c9762 Add some more useful URLs 2014-12-31 10:54:04 -08:00
Christian Mehlmauer 96fe693c54 update drupal regex 2014-12-30 09:12:39 +01:00
Jon Hart 51049152b6 Use Rex::Text.rand_mail_address for more realistic fake commit 2014-12-26 10:39:52 -08:00
Jon Hart a692656ab7 Update comments to reflect reality, minor cleanup 2014-12-23 19:09:45 -08:00
Jon Hart 59f75709ea Print out malicious URLs that will be used by default 2014-12-23 10:10:31 -08:00
Jon Hart 905f483915 Remove unused and commented URIPATH 2014-12-23 09:40:27 -08:00
Jon Hart 8e57688f04 Use random URIs by default, different method for enabling/disabling Git/Mercurial 2014-12-23 09:39:39 -08:00
Jon Hart bd3dc8a5e7 Use fail_with rather than fail 2014-12-23 08:20:03 -08:00
Jon Hart 015b96a24a Add back perl and bash related payloads since Windows git will have these and OS X should 2014-12-23 08:13:00 -08:00
Meatballs 16302f752e Enable generic command 2014-12-23 14:22:26 +00:00
Meatballs a3b0b9de62 Configure module to target bash by default 2014-12-23 14:19:51 +00:00
Meatballs 313d6cc2f8 Add super call 2014-12-23 14:12:47 +00:00
Meatballs 43221d4cb0 Remove redundant debugging stuff 2014-12-23 14:09:12 +00:00
Meatballs 42a10d6d50 Add Powershell target 2014-12-23 14:07:57 +00:00
Jon Hart abec7c206b Update description to describe current limitations 2014-12-22 20:32:45 -08:00
Jon Hart 1505588bf6 Rename the file to reflect what it really is 2014-12-22 20:27:40 -08:00
Jon Hart ff440ed5a4 Describe vulns in more detail, add more URLs 2014-12-22 20:20:48 -08:00
Jon Hart b4f6d984dc Minor style cleanup 2014-12-22 17:51:35 -08:00
Jon Hart 421fc20964 Partial mercurial support. Still need to implement bundle format 2014-12-22 17:44:14 -08:00
Jon Hart fdd1d085ff Don't encode the payload because this only complicates OS X 2014-12-22 13:36:38 -08:00
Jon Hart ea9f5ed6ca Minor cleanup 2014-12-22 12:16:53 -08:00
Jon Hart dd73424bd1 Don't link to unused repositories 2014-12-22 12:04:55 -08:00
Jon Hart 6c8cecf895 Make git/mercurial support toggle-able, default mercurial to off 2014-12-22 11:36:50 -08:00
Jon Hart 574d3624a7 Clean up setup_git verbose printing 2014-12-22 11:09:08 -08:00
Jon Hart 16543012d7 Correct planted clone commands 2014-12-22 10:56:33 -08:00
Jon Hart 01055cd41e Use a trigger to try to only start a handler after the malicious file has been requested 2014-12-22 10:43:54 -08:00
Jon Hart 3bcd67ec2e Unique URLs for public repo page and malicious git/mercurial repos 2014-12-22 10:03:30 -08:00
Jon Hart 308eea0c2c Make malicious hook file name be customizable 2014-12-22 08:28:55 -08:00
Jon Hart 7f3cfd2207 Add a ranking 2014-12-22 07:51:47 -08:00
Jon Hart 74783b1c78 Remove ruby and telnet requirement 2014-12-21 10:06:06 -08:00
Jon Hart 31f320c901 Add mercurial debugging 2014-12-20 20:00:12 -08:00