Wei Chen
12141136d7
Land #9896, Java JMX Package Name Randomization
Land #9896
2018-07-02 13:41:39 -05:00
Ishaq Mohammed
70eb943b5a
Update monstra_fileupload_exec.rb
2018-06-30 13:40:12 +05:30
Ishaq Mohammed
89ba960309
username and password values removed
username and password values removed
2018-06-30 12:47:13 +05:30
Ishaq Mohammed
128438f444
Merge pull request #2 from touhidshaikh/monstra_fileupload_exec
Monstra fileupload exec
2018-06-30 12:03:14 +05:30
Touhid M Shaikh
f3e3d0c30b
monstra_fileupload_exec.rb
Monstra CMS - Authenticated Arbitrary File Upload / Remote Code Execution CVE 2017-18048
2018-06-28 10:55:41 +05:30
phra
54c2bc36e9
fix: invert if else order
2018-06-28 01:33:56 +02:00
phra
e614805948
chore: fix msftidy
2018-06-28 01:27:51 +02:00
phra
da22b36997
chore: fix typo
2018-06-27 17:16:38 +02:00
phra
53f158ef4f
refactor: universal check, payload platform check
2018-06-27 17:11:47 +02:00
Jacob Robles
00102a7413
oscommerce msftidy fix
2018-06-26 08:21:10 -05:00
Jacob Robles
cb50d0fade
Land #9825, Add 'phpMyAdmin Authenticated Remote Code Execution'
2018-06-18 08:51:53 -05:00
Jacob Robles
2e2ded22fc
Use Gem::Version
Simplify version comparisons
2018-06-18 08:35:47 -05:00
Jacob Robles
122ea2ddcb
Update module, Add docs
Changed the module to an exploit module and
added documentation.
2018-06-18 07:33:05 -05:00
phra
e9db949418
refactor: replace last string with hash
2018-06-01 16:59:38 +02:00
phra
ae3e8dab78
chore: update references
2018-06-01 16:58:26 +02:00
phra
5649dd0598
refactor: use Hash.to_json instead of strings
2018-06-01 16:57:57 +02:00
Brent Cook
fad5a99c7d
fix incorrect disclosure date
2018-05-25 02:59:08 -05:00
phra
6d4ad57beb
refactor: use Rex built-in encoders
2018-05-21 22:14:39 +02:00
phra
c9ab44234a
refactor: remove predefined cmd stager flavor, increase linemax
2018-05-19 15:55:11 +02:00
phra
d239fb17db
refactor: update code as requested
2018-05-19 15:50:10 +02:00
phra
8a1cb1e560
fix: fix indentation
2018-05-19 03:27:35 +02:00
phra
5d37451dc8
fix: use print_error instead of puts
2018-05-19 03:26:49 +02:00
phra
b010d23427
exploits: add CVE-2018-1000049 exploit module, fixes #10063
2018-05-19 03:10:06 +02:00
Touhid M Shaikh
12457d14f7
vTiger CRM v6.3.0 (CVE:2015-6000,CVE:2016-1713)
an attacker may choose to upload a file containing PHP code and run this code by accessing the resulting PHP file.
2018-05-19 01:13:10 +05:30
William Vu
739d58135f
Move EXE generation in struts_code_exec_parameters
2018-05-16 06:15:40 -05:00
William Vu
6ec0272ff5
Land #8727, CVE-2017-9791 exploit
2018-05-16 05:41:26 -05:00
William Vu
eaec1d7486
Clean up module
2018-05-16 05:39:17 -05:00
Jacob Robles
9811de430c
Land #9878, Add MSF module for EDB 6768, Mantis <= v1.1.3 Post-auth RCE
2018-05-09 11:55:22 -05:00
Jacob Robles
a1fed72423
store credential, use vprints
2018-05-09 11:50:07 -05:00
Jacob Robles
a18459a14c
Fix indentation, documentation update
2018-05-07 09:22:21 -05:00
Touhid M Shaikh
235cac621f
playsms_CVE-2017-9101
playsms_CVE-2017-9101
2018-05-07 18:55:22 +05:30
Touhid M Shaikh
74793efdef
Delete playsms_uploadcsv_exec.rb
2018-05-07 18:54:35 +05:30
Touhid M Shaikh
fefaa45a50
playsms_CVE-2017-9101
playsms_CVE-2017-9101
2018-05-07 18:53:07 +05:30
Jacob Robles
222b1fb27c
Land #9944, playsms_filename_exec.rb
2018-05-07 07:43:16 -05:00
Jacob Robles
601411fe7b
store credentials
2018-05-07 07:26:28 -05:00
Jacob Robles
4b8ceab522
Fix indentation, update documentation
2018-05-07 07:22:53 -05:00
Touhid M Shaikh
71d6841471
updated
indentation and fix CVE
2018-05-04 21:33:07 +05:30
Touhid M Shaikh
aa69fc9e77
updated
print_status to vprint_status
2018-05-04 21:13:26 +05:30
Touhid M Shaikh
e824f0f8b0
updated
added CVE, URL and done randomizing content
2018-05-04 21:00:04 +05:30
Jacob Robles
d6cf32fad8
Land #9821, osCommerce 2.3.4.1 - Remote Code Execution
2018-05-02 07:29:15 -05:00
Lars Sorenson
2ca05ee7c1
Remove explicit EDB url in favor of MSF autogenerated one
Use more appropriate Failwith errors for connection issues
Remove an unnecessary `to_s` call
Use the cookie kwarg for send_request_cgi over explicitly setting a header
2018-04-29 22:24:49 -04:00
Aaron Soto
c4bca03fea
Land #9908, msfd_rce_remote and msfd_rce_browser
2018-04-27 18:54:17 -05:00
Touhid M Shaikh
ce099aea76
playsms_filename_exec.rb
PlaySMS sendfromfile.php Authenticated "Filename" Field Code Execution
2018-04-28 01:15:52 +05:30
Sergey Gorbaty
fb3857222a
Java JMX Package Name Randomization
2018-04-19 10:10:56 -07:00
Lars Sorenson
143fdde1f8
Flipped Safe and Appears in check
2018-04-15 12:10:10 -04:00
Lars Sorenson
60ac89c336
Restructure some logic to make the flow more intuitive
2018-04-14 15:03:12 -04:00
Lars Sorenson
36c1bf5453
Remove a missed tab
2018-04-14 10:30:49 -04:00
Lars Sorenson
083f6936fd
Update for @bcoles review
Refactor version checking to use Gem::Version
Change the title of the exploit to fit convention
Change print statements used in check to vprint
Change fail_with Failure for connection issues to be Unknown instead
of NoAccess
Add CVE reference
Refactor how some nil checking is done for response for
send_request_cgi
Text-wrap description to 80 chars
Remove unnecessary string interpolation for cookie in payload
delivery
Change how the payload cradle is escaped and encoded; switch to HTTP
POST for stealth
Remove nil check that is redundant and also typo'd to
2018-04-14 10:24:05 -04:00
Lars Sorenson
486ab7c776
Update for msftidy and contribution guidelines
2018-04-14 09:20:13 -04:00
Lars Sorenson
27ded57cda
Add MSF module for EDB 6768
2018-04-14 08:51:51 -04:00