Commit Graph

18316 Commits

Author SHA1 Message Date
Spencer McIntyre 9dc02229e9 Support ARCH_CMD payloads in the psexec exploit module 2020-07-06 10:33:03 -04:00
William Vu 41bb4d3a8d Add dir_trav method back in
I was wondering why I refactored it away. Oh, I needed it.
2020-07-05 18:23:45 -05:00
William Vu 1f765d0e1f Upgrade CheckCodes, since the dir traversal passed 2020-07-05 16:29:53 -05:00
William Vu 6e7701ba21 Add rudimentary check method 2020-07-05 16:18:03 -05:00
William Vu 0417e88ff2 Add F5 BIG-IP TMUI RCE (CVE-2020-5902) 2020-07-05 15:22:15 -05:00
William Vu 36b5d237fa Make cmd/unix target types consistent to :unix_cmd
There were some using :unix_command, and it was just an oversight.
2020-07-05 11:16:47 -05:00
Brendan Coles f9a5de87f8 Land #13789, Add OpenSIS Unauthenticated PHP Code Execution module 2020-07-04 15:49:45 +00:00
h00die 89332d0056 native python for plex unpickle 2020-07-03 19:37:18 -04:00
EgiX b286eda4d1 Update opensis_chain_exec.rb 2020-07-03 18:00:36 +02:00
EgiX 3866d875e1 Update modules/exploits/unix/webapp/opensis_chain_exec.rb
Co-authored-by: bcoles <bcoles@gmail.com>
2020-07-03 17:38:33 +02:00
EgiX 60ec23c271 Update opensis_chain_exec.rb 2020-07-01 23:38:07 +02:00
William Vu 01899d4843 Land #13787, AutoCheck mixin refactor with prepend 2020-07-01 14:49:03 -05:00
William Vu 08c1402be9 Land #13733, AnyDesk GUI CVE-2020-13160 exploit 2020-07-01 14:47:07 -05:00
William Vu 5ec31d2e41 Update recent modules to use prepend 2020-07-01 14:43:15 -05:00
William Vu ffc07d6c8f Merge remote-tracking branch 'upstream/master' into pr/13787 2020-07-01 14:42:16 -05:00
Spencer McIntyre a27bf9df38 Fix some grammatical mistakes and set a default target for anydesk 2020-07-01 15:27:33 -04:00
wvu-r7 e0fbc9fd05 Correct whitespace change
Seems like a typo.
2020-07-01 11:00:04 -05:00
Shelby Pace e2f6330755 Land #13725, fix error / clean up atutor exploit 2020-06-30 13:32:34 -05:00
William Vu 755d2d3261 Use subpar regex validation on LEAK_FILE 2020-06-30 11:17:26 -05:00
EgiX bd3f772bbc Add openSIS Unauthenticated PHP Code Execution
This PR is for a module that exploits multiple vulnerabilities in openSIS 7.4 and prior versions which could be abused by unauthenticated attackers to execute arbitrary PHP code with the permissions of the webserver. The module has been successfully tested with openSIS versions 7.3 and 7.4 running on a LAMP system.
2020-06-30 15:35:32 +02:00
Alan Foster b841246536 Update autocheck to use prepend instead of include, add ForceExploit functionality 2020-06-30 11:40:46 +01:00
h00die a99a3c2d75 working albumn_name length thanks to acammack 2020-06-30 00:28:57 -04:00
Shelby Pace 2b1af9acaa Land #13610, add atutor auth dir trav / rce 2020-06-29 11:58:34 -05:00
Shelby Pace ad48170a18 replace forceexploit with autocheck 2020-06-29 11:54:01 -05:00
Shelby Pace f2c79ca1ef add changes for linux 2020-06-29 10:43:26 -05:00
William Vu 3ba619acee Land #13521, Bolt CMS authenticated RCE 2020-06-28 23:50:53 -05:00
William Vu 156eea4292 Fix cleanup blocking on payload execution 2020-06-28 23:07:10 -05:00
William Vu b81629d099 Clean up module 2020-06-28 23:07:10 -05:00
Niboucha Redouane 2c4ca04dca Rename the factory method for SQLi classes, and add a check on the class to instantiate 2020-06-27 14:51:54 +02:00
Jeffrey Martin aa6c037dbd refactor mixin as factory for sqli classes 2020-06-26 15:09:01 -05:00
Shelby Pace 2f6847c321 move login to its own method 2020-06-26 14:50:34 -05:00
Spencer McIntyre bb33bc9c62 Randomize the bad unicode character used to trigger the vulnerability 2020-06-26 13:05:43 -04:00
William Vu 03b171f7f1 RuboCop more aggressively 2020-06-26 11:25:38 -05:00
gwillcox-r7 ad47a2e9c9 Land #13770, Update IBM DRM modules with URL and correct versions 2020-06-26 10:34:12 -05:00
Pedro Ribeiro 6e8178735f Update ibm_drm_rce.rb 2020-06-26 11:38:55 +07:00
Pedro Ribeiro 2ba8573ef9 Update IBM DRM rce module 2020-06-26 11:31:10 +07:00
Pedro Ribeiro 34fd858265 Update IBM DRM SSH module 2020-06-26 11:28:21 +07:00
Spencer McIntyre fb4ec60a30 Apply rubocop linting and add an Ubuntu 20.04 target 2020-06-25 16:18:17 -04:00
William Vu 7273ac1a92 Move module to unix/webapp 2020-06-25 12:44:42 -05:00
William Vu c03c580d12 Merge remote-tracking branch 'upstream/master' into pr/13521 2020-06-25 12:21:57 -05:00
Alan Foster a754225ba5 update deprecation notice to have a reason 2020-06-25 12:17:31 -04:00
Christophe De La Fuente 77276ee3e2 Land #13604, Ignition Automation RCE module 2020-06-25 18:14:57 +02:00
Pedro Ribeiro 432a9acfcd Update modules/exploits/multi/scada/inductive_ignition_rce.rb
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
2020-06-25 22:43:12 +07:00
h00die 94cc286689 update docs and 401 handling code 2020-06-24 21:05:23 -04:00
gwillcox-r7 0dde85f562 Land #13739, Cisco AnyConnect Priv Esc via Path Traversal 2020-06-24 17:47:52 -05:00
gwillcox-r7 15de510623 Add in RuboCop and msftidy_docs.rb fixes 2020-06-24 17:19:21 -05:00
Christophe De La Fuente 5f64444d4f Update module and documentation from code review 2020-06-24 23:34:26 +02:00
kalba-security d0509fecf4 Improve the method of setting the cmdstager flavor 2020-06-24 06:50:00 -04:00
Niboucha Redouane 8b7ad94168 Fix error message, SqliDelay instead of SQLI_SLEEP 2020-06-24 00:48:07 +02:00
Niboucha Redouane f89f80be47 add default value for options of SQLi constructors, and fix eyesofnetwork module 2020-06-24 00:38:13 +02:00