adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

515 Commits

Author SHA1 Message Date
Quentin Kaiser 1d337e9987 No debug. 2018-10-29 13:46:07 +01:00
Quentin Kaiser e76f3ab22f No debug. 2018-10-29 13:44:16 +01:00
Dylan Pindur 94e45b12b1 Replace cmd generation with built-in stager module 2018-10-07 10:15:10 +08:00
Dylan Pindur 0f34f94496 Add back SSL options for tc-agent-xmlrpc-module 2018-10-05 15:11:13 +08:00
Dylan Pindur 8ae0bcbacd Refactor if statements to be cleaner 2018-10-05 09:48:44 +08:00
Dylan Pindur 11d9b44922 Add exploit module for TeamCity Agent XMLRPC 2018-10-03 18:33:10 +08:00
William Vu 4c036e70c1 Fix http://seclists.org links to https:// 
I have no idea how this happened in my own code. I was seeing https://.
 2018-09-15 18:54:45 -05:00
Jacob Robles 9d3e1c1942 Land #10540, weblogic_deserialize, add check method and linux target 2018-08-30 06:08:03 -05:00
Jacob Robles 3161beff69 Prefer opt hash 2018-08-29 14:56:31 -05:00
Jacob Robles bc4442694e Fix Windows target options, remove comspec 2018-08-29 14:23:00 -05:00
Jacob Robles 94e8cdac37 Move files to correct location 2018-08-28 12:38:54 -05:00
Wei Chen 3d0d8f7773 Update false negatives on post auth information 2018-08-20 15:43:07 -05:00
Quentin Kaiser 32bbc1c3a7 Fix fail_with. 2018-08-11 13:10:46 +02:00
Quentin Kaiser 647bcfb596 Add disclosure date. 2018-08-11 13:10:09 +02:00
Quentin Kaiser 44025a6b68 Missing disclosure date. 2018-08-11 13:08:18 +02:00
Quentin Kaiser 75f127d6e0 Add email addresses. 2018-08-11 12:41:04 +02:00
Quentin Kaiser de59e1a07e Add email addresses. 2018-08-11 12:39:59 +02:00
Quentin Kaiser 559983de32 Hashicorp Consul RCE via Services API. 2018-08-10 22:45:42 +02:00
Quentin Kaiser dce03a74c1 Credit where it is due :) 2018-08-10 22:35:54 +02:00
Quentin Kaiser 374e531d8a Hashicorp Consul RCE via rexec API. 2018-08-10 21:35:28 +02:00
William Vu 9a7c34e6e9 Land #10064, Claymore Dual Miner API RCE 2018-07-16 18:02:20 -05:00
Wei Chen 12141136d7 Land #9896, Java JMX Package Name Randomization 
Land #9896
 2018-07-02 13:41:39 -05:00
phra 54c2bc36e9 fix: invert if else order 2018-06-28 01:33:56 +02:00
phra e614805948 chore: fix msftidy 2018-06-28 01:27:51 +02:00
phra da22b36997 chore: fix typo 2018-06-27 17:16:38 +02:00
phra 53f158ef4f refactor: universal check, payload platform check 2018-06-27 17:11:47 +02:00
phra e9db949418 refactor: replace last string with hash 2018-06-01 16:59:38 +02:00
phra ae3e8dab78 chore: update references 2018-06-01 16:58:26 +02:00
phra 5649dd0598 refactor: use Hash.to_json instead of strings 2018-06-01 16:57:57 +02:00
phra 6d4ad57beb refactor: use Rex built-in encoders 2018-05-21 22:14:39 +02:00
phra c9ab44234a refactor: remove predefined cmd stager flavor, increase linemax 2018-05-19 15:55:11 +02:00
phra d239fb17db refactor: update code as requested 2018-05-19 15:50:10 +02:00
phra 8a1cb1e560 fix: fix indentation 2018-05-19 03:27:35 +02:00
phra 5d37451dc8 fix: use print_error instead of puts 2018-05-19 03:26:49 +02:00
phra b010d23427 exploits: add CVE-2018-1000049 exploit module, fixes #10063 2018-05-19 03:10:06 +02:00
Aaron Soto c4bca03fea Land #9908, msfd_rce_remote and msfd_rce_browser 2018-04-27 18:54:17 -05:00
Sergey Gorbaty fb3857222a Java JMX Package Name Randomization 2018-04-19 10:10:56 -07:00
Quentin Kaiser 9e3f12665e Plaintext for console type to see what's going on. 2018-02-17 20:11:05 +01:00
Quentin Kaiser e877151895 Attempt at clarifying network exchange using Telnet class IAC related constants. 2018-02-17 14:00:57 +01:00
Quentin Kaiser e86169c217 Clean up Telnet IAC negotation and xplain obscure hex bytes. 2018-02-15 23:08:17 +01:00
Quentin Kaiser 5fbeb74f0c Remove osx platform and fix date. 2018-02-13 23:57:53 +01:00
Quentin Kaiser 0259e794ba OSGi console remote command execution. 2018-02-13 23:38:18 +01:00
bwatters-r7 8be2b1f59e Land # 9407, Add BMC Server Automation RSCD Agent RCE exploit module 
Merge branch 'land-9407' into upstream-master
 2018-01-31 13:35:29 -06:00
Philippe Tranca 35bec8d3cd Fixed classes names and added RMI interfaces 2018-01-17 17:10:36 +01:00
Philippe Tranca d345008b20 Added all the classes that implement RMI server 2018-01-17 17:03:32 +01:00
Philippe Tranca dfb9941e95 Fix java_jmx_server exploit 
Add test case when discovering RMI endpoint as the previous one was not complete
 2018-01-15 12:13:09 +01:00
Nicky Bloor 333ee893d3 Tidied up platform detection, check method, and minor typos. 2018-01-14 18:28:40 +00:00
Nicky Bloor 6568d29b67 Add BMC Server Automation RSCD Agent RCE exploit module. 2018-01-14 01:12:55 +00:00
Patrick Webster 2f6da89674 Change author name to nick. 2017-11-09 03:00:24 +11:00
William Vu 98ae054b06 Land #8931, Node.js debugger exploit 2017-09-25 14:00:13 -05:00