Commit Graph

18316 Commits

Author SHA1 Message Date
Shelby Pace 65e1ef4cb8 Land #14253, add wp-file-manager rce for wordpress 2020-11-10 08:48:33 -06:00
Shelby Pace 4382f6ff55 add filedropper usage 2020-11-10 08:47:53 -06:00
Tim W e14813485a Land #14331, add msfvenom apk template cmd injection exploit 2020-11-10 17:33:10 +08:00
h00die b0b9ace606 Revert "remove ruby pulse_secure_cmd_exec"
This reverts commit efb8557e43.
2020-11-09 20:09:12 -05:00
Grant Willcox 34697ecc11 Apply further fixes from the review process 2020-11-09 12:11:25 -06:00
stasinopoulos 2d81187b3c Update regarding OMV version identification 2020-11-09 08:58:05 +02:00
h00die da70b74954 fix version numbers 2020-11-08 22:38:53 -05:00
h00die 3c4962e9b0 working and clean 2020-11-08 22:31:26 -05:00
h00die 9f936038e5 cleanup rnd1 2020-11-08 08:42:19 -05:00
h00die 0e62e7793d working session on linux/x86/shell/reverse_tcp 2020-11-08 08:27:55 -05:00
stasinopoulos fc2e9f7c89 Minor update after rubocop run 2020-11-08 10:27:59 +02:00
stasinopoulos ad5b0af9c6 Fixes n' updates 2020-11-08 10:26:31 +02:00
chmod750 5ec0556abd Update modules/exploits/windows/http/sharepoint_ssi_viewstate.rb
CamelCase update

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>
2020-11-06 23:26:40 +01:00
chmod750 7a968fcd39 Update modules/exploits/windows/http/sharepoint_ssi_viewstate.rb
CamelCase update

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>
2020-11-06 23:20:12 +01:00
chmod750 22b0fae73c Update sharepoint_ssi_viewstate.rb 2020-11-06 16:40:16 +01:00
chmod750 8356b44892 Add cookie header functionality 2020-11-06 16:16:59 +01:00
Alan Foster 5b438fd933 Preference target values when registering options 2020-11-05 23:16:37 +00:00
kalba-security 31237258e5 Add Rubocop changes 2020-11-05 07:27:51 -05:00
kalba-security e7a20ec47c Add CVE ID to module and docs 2020-11-05 07:05:32 -05:00
kalba-security 0a9589166f Add CVE ID 2020-11-05 06:55:37 -05:00
h00die f39e4d62e2 working but needs cleanup 2020-11-04 17:59:04 -05:00
Grant Willcox a0087842fb Fix an earlier merge mistake, was meant to replace URI.escape with Rex::Text.uri_encode() but instead replaced it with CGI.escape. Fix it to be Rex::Text.uri_encode() 2020-11-04 14:39:16 -06:00
Grant Willcox d50ac2972d Land #14222, Update php_fpm_rce.rb to replace depreciated URI.encode calls with Rex::Text::uri_encode 2020-11-04 14:04:28 -06:00
h00die bacc0f78ed permissions solved 2020-11-04 14:17:16 -05:00
Shelby Pace 79e83cdceb add rubocop change 2020-11-04 10:09:00 -06:00
Shelby Pace e49d99a80d add AutoCheck usage, minor changes 2020-11-04 10:04:14 -06:00
kalba-security ea70c15b56 Implement suggestions from code review 2020-11-04 09:49:27 -05:00
h00die 8a936a07f0 stuck in read only mode 2020-11-03 18:33:40 -05:00
h00die 1e0ea16173 runs, needs cleanup 2020-11-03 15:25:49 -05:00
kalba-security 8aceea1872 Add flexdotnetcms_upload_exec module and docs 2020-11-03 09:50:28 -05:00
kalba-security cf954888da Add horizontcms_upload_exec module and documentation 2020-11-02 13:01:13 -05:00
Spencer McIntyre 659137da94 Remove the DRuby remote code execution module 2020-11-02 08:32:52 -05:00
h00die efb8557e43 remove ruby pulse_secure_cmd_exec 2020-11-01 14:46:46 -05:00
Justin Steven 61f7f01f37 Nicer certificate expiration
Co-authored-by: bcoles <bcoles@gmail.com>
2020-10-31 12:14:18 +10:00
Justin Steven cb14287cb2 Add metasploit_msfvenom_apk_template_cmd_injection 2020-10-31 11:28:28 +10:00
C4ssandre 33fa947c72 Improving syntax and code style. 2020-10-28 22:48:01 +00:00
C4ssandre 7364758017 Implementing AutoCheck mixin. 2020-10-28 22:43:08 +00:00
C4ssandre ad74428f6b Change in order to make sure we get the right notepad executed. Change in response to https://github.com/rapid7/metasploit-framework/pull/14046#pullrequestreview-481887070 2020-10-28 21:55:12 +00:00
C4ssandre b36f06178a Fixing some syntax errors. 2020-10-28 18:50:00 +00:00
Che5hireC4t e4272e3c88 Adding metadata to ruby module. 2020-10-28 19:02:15 +01:00
Graeme Robinson bb9464801e Make changes suggested in review
* Add better explanation of public-api-port option in documentation
* Add example in scenarios where admin API is on different host to
public API (therefore public-api-port option must be used)
* Add targeturi option
* Add version number that has been tested in 2 places in documentation
2020-10-27 21:13:45 +00:00
Alan Foster 902297d199 Add service stub encoder validation 2020-10-27 15:27:24 +00:00
C4ssandre 7ec20cfb0e Integration of powershell module into exploit. Now, metasploit is in charge of creating the powershell payload and transmit it to running exploit (instead of raw shellcode transformed into powershell previously). 2020-10-25 19:50:45 +00:00
h00die 79384e85f3 remove old .keep files in non-empty directories 2020-10-24 09:41:55 -04:00
bwatters 294269bd4e Land #14300, Fixes and updates for the DRuby RCE module
Merge branch 'land-14300' into upstream-master
2020-10-23 14:36:04 -05:00
Spencer McIntyre ba17a5d67f Apply rubocop fixes for the DRuby RCE module 2020-10-22 12:35:35 -04:00
Spencer McIntyre 8aca08f80b Add the DRuby RCE check method 2020-10-22 12:34:51 -04:00
Spencer McIntyre 34e41e66ec Fix the syscall DRuby target by adding a small delay before execve 2020-10-22 12:18:12 -04:00
Spencer McIntyre 49145bfd31 Don't start the DRuby service, it appears unnecessary 2020-10-22 12:15:39 -04:00
Brendan Coles 6258d5b561 Land #14296, Move mercury_login module docs to documentation directory 2020-10-22 13:24:54 +00:00