adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

18316 Commits

Author SHA1 Message Date
William Vu f08349982d Use CheckModule scanner in java_rmi_server exploit 2020-08-24 10:11:03 -05:00
Brendan Coles 786d59d360 Use AutoCheck mixin and prefer cc over gcc 2020-08-24 11:47:50 +00:00
Christophe De La Fuente 4d3e641a09 Make it work again 2020-08-21 19:22:10 +02:00
Niboucha Redouane 43501cc92c rubocop / remove newline at EOF 2020-08-20 15:50:18 +02:00
Niboucha Redouane c83ec8ea04 Add Artica Proxy RCE+Auth bypass module 2020-08-20 02:15:58 +02:00
Tim W eabc59e5ed fix disown 2020-08-19 00:04:14 +08:00
Shelby Pace 6e2a7001a9 Land #13994, add Dlink Wifi manager rce 2020-08-18 09:34:19 -05:00
Shelby Pace d79ad5efca minor rubocop fix 2020-08-18 09:33:32 -05:00
Tim W dce83ad859 cleanup properly 2020-08-18 17:42:56 +08:00
Tim W 6fad6f8e8d fix check method 2020-08-18 15:56:05 +08:00
Tim W 0e4fcd7379 CVE-2020-9839 2020-08-18 15:56:01 +08:00
Niboucha Redouane 0a20a217dc Fix description of the vulnerability 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-08-17 21:06:46 +02:00
Niboucha Redouane 602865ef70 refactor if in check method 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-08-17 21:01:34 +02:00
William Vu de5f335618 Fix formatting 2020-08-17 11:53:39 -05:00
William Vu 0c34c2559e Remove no-op Nokogiri::XML pretty printing 
ea1f3d60f1
 2020-08-17 11:16:11 -05:00
gwillcox-r7 27ae6c4edd Land #13986, Add CVE-2020-16205 exploit for Geutebruck G-CAM 2020-08-17 09:24:32 -05:00
Spencer McIntyre ea1f3d60f1 Adjust XML whitespace and add commands to the setup docs 2020-08-17 10:03:44 -04:00
William Vu eda222434f Execute commands in a shell 2020-08-14 21:46:34 -05:00
William Vu 22cf22fe53 Fix ARCH_CMD payload 
Currently, we're not invoking within a shell.
 2020-08-14 21:46:34 -05:00
William Vu f151c511bc Explain what we're doing in the check 2020-08-14 21:46:34 -05:00
William Vu d3febe3284 Set SSL as a DefaultOption and update RPORT 2020-08-14 21:46:34 -05:00
William Vu 46b6368597 Add Apache OFBiz XML-RPC Java deserialization 2020-08-14 21:46:34 -05:00
William Vu 4a8b64a12f Use WritableDir in execute_cmdstager, too 2020-08-14 21:07:08 -05:00
ddouhine 93fa66bfc5 Update geutebruck_testaction_exec.rb 
And a fix for the fix ;)
I guess now everything will work as intended !
 2020-08-15 00:56:53 +02:00
gwillcox-r7 1da359ee01 Merge with last fix. This fix just fixes a issue with a method call as I tried calling the nonexistant method .true? 2020-08-14 17:49:02 -05:00
gwillcox-r7 896c8aacae Add in AutoCheck mixin so that we ensure targets are vulnerable before attempting to exploit them. 2020-08-14 17:27:39 -05:00
gwillcox-r7 898f94320c Add in fixes to check method so that the code will return the correct status if the connection fails 2020-08-14 17:18:31 -05:00
ddouhine f3fdcf4343 Update geutebruck_testaction_exec.rb 
Oops sorry, don't know what this "return true" was doing there.
 2020-08-14 23:56:21 +02:00
ddouhine f726967ba7 Update geutebruck_testaction_exec.rb 
with the updated check using `Gem::Version`
 2020-08-14 23:17:26 +02:00
h00die cd41d9c3c9 Land #13911, iphone 4 on ios 7.1.2 safari jit for root 2020-08-14 16:01:14 -04:00
William Vu a6f7c0c0de Backport miscellaneous fixes to my modules 2020-08-14 13:40:23 -05:00
Tod Beardsley f401f48138 Update vbulletin module with correct CVE 
Apparently someone snarfed the CVE for this out from under me. Since they were faster
to publish, we should use that number instead of the one out of our block.
 2020-08-14 08:25:57 -05:00
Tim W 60fcaf06a2 rubocop 2020-08-14 16:10:40 +08:00
Tim W b5e465641b CVE-2020-9850 external source 2020-08-14 16:10:40 +08:00
Tim W 1eaf66dab1 CVE-2020-9850 2020-08-14 16:10:34 +08:00
gwillcox-r7 0dc53c46d4 Apply Rubocop fixes I forgot about and update the module description to add in missing information about affected parameters 2020-08-13 15:23:09 -05:00
gwillcox-r7 c59b3835f9 Fix up module description to have better sentence structure and English and to also include the actual versions of the products that were affected in addition to the firmware versions. This prevents people from having to read the documentation to find affected targets 2020-08-13 15:18:10 -05:00
gwillcox-r7 3c70f37dbe Update exploit ranking to reflect the fact that this is a CMD Injection vulnerability with no chance of crashing the host 2020-08-13 14:40:33 -05:00
ddouhine 959689d5de Update geutebruck_testaction_exec.rb 
Fixed rubocop offenses / msftidy warnings and added @bcoles enhancements.
 2020-08-13 14:29:31 -05:00
ddouhine 5f6a0746a6 Update modules/exploits/linux/http/geutebruck_testaction_exec.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2020-08-13 14:29:30 -05:00
ddouhine a69d941a72 Update modules/exploits/linux/http/geutebruck_testaction_exec.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2020-08-13 14:29:30 -05:00
ddouhine 4ceb542fac Update modules/exploits/linux/http/geutebruck_testaction_exec.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2020-08-13 14:29:30 -05:00
ddouhine a5e25f5a42 Add exploit for Geutebruck G-CAM 2020-08-13 14:29:28 -05:00
Niboucha Redouane 1a468fa210 remove unneeded include, left from an attempt to execute native payloads 2020-08-13 15:51:09 +02:00
Niboucha Redouane 66d3b1cd59 Add exploit for CVE-2019-13372 2020-08-13 15:07:11 +02:00
Spencer McIntyre 24b1235cf7 Whitespace adjustment and remove superfluous return statements 2020-08-12 13:59:25 -04:00
Amir Etemadieh 0b1efd0fe9 Update modules/exploits/multi/http/vbulletin_widget_template_rce.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2020-08-12 09:33:16 -07:00
Zenofex e334217636 Fix from bad merge for vbulletin_widget_template_rce module. 2020-08-11 19:09:14 -05:00
Zenofex 8db34ea91b vBulletin_widget_template_rce merge 2020-08-11 18:40:09 -05:00
Zenofex 3ef01c468f Ran vBulletin_widget_template_rce through rubocop, cleaned up results. 2020-08-11 18:38:41 -05:00