adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

4544 Commits

Author SHA1 Message Date
thesubtlety 9bb102d72d add jenkins v2 cookie support 2017-08-09 12:29:31 -04:00
Brent Cook 6f97e45b35 enable Ruby 2.2 compat checks in Rubocop, correct multi/handler compat 2017-08-02 06:18:02 -05:00
TC Johnson 8989d6dff2 Modified Accuvant bog posts to the new Optive urls 2017-08-02 13:25:17 +10:00
Ricardo Almeida 4845b4b1fa Orientdb 2.2.x RCE - Fix regular expression for version detection 2017-07-26 14:35:05 +01:00
Ricardo Almeida 30664924c8 Orientdb 2.2.x RCE - Reverted to send_request_raw due to issues exploiting windows boxes 2017-07-26 13:59:14 +01:00
Brent Cook 354869205a make exploit/multi/handler passive 
This gives exploit/multi/handler a makeover, updating to use more-or-less
standard Ruby, and removing any mystical hacks at the same time (like select
instead of sleep).

This also gives it a Passive stance, and sets ExitOnSession to be false by
default, which is the setting that people use 99% of the time anyway.
 2017-07-24 15:47:06 -07:00
Brent Cook 6300758c46 use https for metaploit.com links 2017-07-24 06:26:21 -07:00
Brent Cook 838b066abe Merge branch 'master' into land-8716 2017-07-24 05:51:44 -07:00
Ricardo Almeida 6c22f785e9 Orientdb 2.2.x RCE - Fine tune vulnerable version detection; removed redundant uri normalization checking; Swapped send_request_raw for send_request_cgi; using vars_get; 2017-07-24 09:52:47 +01:00
xfer0 968fc45b11 Update struts2_code_exec_showcase.rb 
Remove debug code
 2017-07-22 11:57:03 -04:00
g0tmi1k 524373bb48 OCD - Removed un-needed full stop 2017-07-21 07:41:51 -07:00
g0tmi1k 772bec23a1 Fix various typos 2017-07-21 07:40:08 -07:00
g0tmi1k ef826b3f2c OCD - print_good & print_error 2017-07-19 12:48:52 +01:00
g0tmi1k b8d80d87f1 Remove last newline after class - Make @wvu-r7 happy 2017-07-19 11:19:49 +01:00
g0tmi1k 3d4feffc62 OCD - Spaces & headings 2017-07-19 11:04:15 +01:00
Ricardo Almeida f3f96babb9 Orientdb 2.2.x RCE - Changed the java_craft_runtime_exec function; Tested the module against Win7-Pro-x64 with OrientDB v2.2.20 with StagerCmd flavors vbs and certutil with success 2017-07-19 10:46:10 +01:00
Ricardo Almeida 219987726f Orientdb 2.2.x RCE - Changed the CmdStager flavor to VBS script 2017-07-18 17:18:14 +01:00
Ricardo Almeida 5ca523e2ce Orientdb 2.2.x RCE - Add warning about windows 2017-07-18 17:11:54 +01:00
Ricardo Almeida af0a9c2f86 Orientdb 2.2.x RCE tidy stuff 2017-07-18 17:07:29 +01:00
Ricardo Almeida 99ba645034 Orientdb 2.2.x RCE 2017-07-18 16:53:44 +01:00
xfer0 034736019b Update struts2_code_exec_showcase.rb 
Add additional references
 2017-07-17 14:20:11 -04:00
xfer0 b0a95c8455 Update struts2_code_exec_showcase.rb 
Update method check with new OGNL expression
 2017-07-16 21:30:07 -04:00
xfer0 0be6ce30e8 Update struts2_code_exec_showcase.rb 
Add datastore option POSTPARAM
 2017-07-16 12:28:24 -04:00
xfer0 ffbc12d404 Update struts2_code_exec_showcase.rb 
Update to ARCH_CMD module
 2017-07-15 23:33:01 -04:00
xfer0 c7fcdceb56 Update struts2_code_exec_showcase.rb 
Remote trailing whitespaces
 2017-07-15 21:37:38 -04:00
xfer0 27d2d7e31f Update struts2_code_exec_showcase.rb 
Update Authors
 2017-07-15 21:27:50 -04:00
xfer0 d5ba6ea157 Update struts2_code_exec_showcase.rb 
Remove trailing whitespace
 2017-07-15 19:52:29 -04:00
xfer0 60af2c8a7b Update struts2_code_exec_showcase.rb 
Remove trailing whitespace
 2017-07-15 19:34:44 -04:00
xfer0 6af2192f39 Update struts2_code_exec_showcase.rb 
Add Author credit
 2017-07-15 19:25:07 -04:00
xfer0 0c52f0cb55 Update struts2_code_exec_showcase.rb 
Remove trailing spaces
 2017-07-15 17:48:34 -04:00
xfer0 3d9d1e49fa Update struts2_code_exec_showcase.rb 
Add vuln check
 2017-07-15 17:18:11 -04:00
xfer0 c3e07e0770 Create struts2_code_exec_showcase.rb 
Add module for CVE-2017-9791
 2017-07-15 16:55:47 -04:00
David Maloney 8f6cac9c37 Land #8652, rpc console write exploit 
lands pr for the metasploit rpc console write exploit
 2017-07-14 14:47:35 -05:00
g0tmi1k 4720d1a31e OCD fixes - Spaces 2017-07-14 08:46:59 +01:00
g0tmi1k fd843f364b Removed extra lines 2017-07-14 08:17:16 +01:00
g0tmi1k 424522147e OCD fixes - Start of *.rb files 2017-07-13 23:53:59 +01:00
Emanuel Bronshtein df024bb594 Remove duplicate setting of suhosin.simulation 2017-07-10 00:46:05 +03:00
Brent Cook 3bda361544 add old hackingteam leak name 2017-07-07 00:52:11 -05:00
Brendan Coles baff473cae Add Metasploit RPC Console Command Execution module 2017-07-05 08:48:35 +00:00
William Vu 7e1b50ab3b Land #8629, AKA (also known as) module reference 2017-06-28 19:15:45 -05:00
Brent Cook aa8c580aba updates 2017-06-28 20:14:38 -04:00
Brent Cook d20036e0fb revise spelling, add heartbleed and tidy checks 2017-06-28 18:50:20 -04:00
William Vu 43d8c4c5e7 Land #8519, Apache ActiveMQ file upload exploit 2017-06-28 17:19:39 -05:00
Brent Cook 461ab4501d add 'Also known as', AKA 'AKA', to module references 2017-06-28 15:53:00 -04:00
Jin Qian b51fc0a34e Land #8489, more httpClient modules use store_valid_credential 2017-06-21 17:18:34 -05:00
Pearce Barry 58cd432120 Added docs, minor code tweak to remove duplication. 2017-06-19 17:35:41 -05:00
thesubtlety 49d998f7d9 catch invalid tokens 2017-06-15 21:45:29 -04:00
thesubtlety f4ffade406 add ability to specify API token instead of password 2017-06-15 21:05:53 -04:00
Brendan Coles 0766f92013 Add option for workspace 2017-06-13 12:46:36 +00:00
Brendan Coles 6a4c61456d Add ProcessMaker Plugin Upload exploit module 2017-06-10 08:59:20 +00:00