adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

18316 Commits

Author SHA1 Message Date
William Vu b28d9517bc Exclude multi from automatic PAYLOAD selection 2020-06-23 16:12:28 -05:00
kalba-security 18926e874c Fix file_traversal_path check 2020-06-23 15:26:14 -04:00
adfoster-r7 fceb96e659 Land #13608, update elog calls to be consistent across 2020-06-23 09:47:01 +01:00
Niboucha Redouane fba2d2e7be inject the datastore into the SQLi library, and register advanced options 2020-06-22 17:36:38 +02:00
Christophe De La Fuente 3997dbdade Updates from code review 2020-06-22 16:06:09 +02:00
Pedro Ribeiro 68b48f7a6d add advisory url 2020-06-22 19:39:57 +07:00
Pedro Ribeiro 61806242be add requested changes 2020-06-22 19:06:42 +07:00
Adam Galway 1a2bf98222 creates standard elog & updates exisiting usages 2020-06-22 12:48:39 +01:00
h00die 6e93dcf8c2 Land #13645, Trend Micro WebSecurity RCE 2020-06-22 06:51:26 -04:00
h00die 533bed6b51 pre review updates 2020-06-22 06:30:44 -04:00
h00die 6a3633c2c0 fixing up some styles and such 2020-06-20 12:05:48 -04:00
h00die 9defe33d9a docs and working module 2020-06-20 00:06:46 -04:00
h00die 9f424a8cbb cleanup getting through it 2020-06-19 22:59:19 -04:00
metacom cefcb6c851 new modules with both programs documalis_pdf_editor_and_scanner 2020-06-19 21:39:16 -05:00
h00die 40e6551b8b works with cmd payload calc 2020-06-19 21:16:55 -04:00
Christophe De La Fuente 2e33241a90 Update module and add documentation 2020-06-19 20:17:11 +02:00
mdisec 260607e8f9 Adding check on exploit method 2020-06-19 19:00:52 +03:00
Niboucha Redouane 9d36076264 Add option to specify the range of characters to retrieve 2020-06-19 16:41:57 +02:00
mdisec 7ab5474175 Change check method and regex for cookie 2020-06-19 16:15:11 +03:00
kalba-security d1792bdf51 Add extra suggestion from code review 2020-06-18 16:48:46 -04:00
kalba-security 57f40053da Improve autoselect (incorporate suggestions from code review) 2020-06-18 16:39:11 -04:00
Shelby Pace 738dd4b5ce Land #12277, add Agent Tesla panel rce module 2020-06-18 15:06:15 -05:00
Shelby Pace 1d6e7313ce remove ForceExploit option 2020-06-18 15:05:02 -05:00
Brendan Coles b068b717d4 Land #13605, ibm_openadmin_tool_soap_welcomeserver_exec: b64 encode payload 
Ensure the payload is sent base64 encoded then base64 decoded upon execution.
This mitigates potential payload corruption issues due to quoting or URL
encoding of request data on the server side.
 2020-06-18 18:08:32 +00:00
mdisec 229760a826 Fixing document file and module improvements 2020-06-18 20:11:55 +03:00
Shelby Pace db4006e9f6 Land #13607, add Cayin exploit modules 2020-06-18 10:33:49 -05:00
Niboucha Redouane 305dbe9e2f refactor structure, get rid of prefix and suffix 2020-06-18 17:21:10 +02:00
gwillcox-r7 199d7db222 Fix up items mentioned by @space-r7 during her review 2020-06-18 09:56:20 -05:00
gwillcox-r7 275ed6429e Fix up rubocop errors in the module 2020-06-17 15:11:55 -05:00
gwillcox-r7 eebacb8fbb Make adjustments so that this module only supports Windows so that we can land this for now. Linux support may be added in the future. 2020-06-17 14:56:40 -05:00
gwillcox-r7 c29cf491ed Add idea for trying to fix up not being able to write to disk, may need further improvements 2020-06-17 12:36:00 -05:00
gwillcox-r7 25f32d68d5 Add in some RuboCop fixes 2020-06-17 11:15:10 -05:00
gwillcox-r7 c7bcd9152c Add in support to detect if the PHP payload was not uploaded successfully. 2020-06-17 11:13:24 -05:00
h00die 7bd2ba3aed remove debugging 2020-06-17 12:04:18 -04:00
h00die c2c931030f review comments 2020-06-17 11:47:11 -04:00
Spencer McIntyre f1c4cecf6d Add module docs for CVE-2020-13160 2020-06-17 11:30:41 -04:00
Tod Beardsley 655a323467 Add CVE-2020-7356 for Cayin xPost 2020-06-17 09:57:29 -05:00
Tod Beardsley dc54145fa9 Add CVE-2020-7357 as a reference for Caiyn CMS 2020-06-17 09:56:10 -05:00
Spencer McIntyre 3edae89496 Add an exploit for CVE-2020-13160 2020-06-17 10:14:35 -04:00
Christophe De La Fuente 681bd63f18 Add AnyConnect RCE exploit module 2020-06-17 14:41:22 +02:00
gwillcox-r7 3787849a6b Fix cleanup code for Windows, should now have good working Windows code 2020-06-16 14:49:09 -05:00
gwillcox-r7 cc0ab19dea Clear up release date and add more comments explaining purpose of some of the resource links 2020-06-16 12:17:13 -05:00
gwillcox-r7 b6dfbe926c Simplify the Description field of the exploit 2020-06-16 11:58:51 -05:00
h00die 783257ce4e fix author 2020-06-16 12:19:54 -04:00
RAMELLA Sébastien 876836bcce update doc and fix module syntax. 2020-06-16 10:47:51 -05:00
RAMELLA Sébastien fbffefbdb2 add. original module edb reference. 2020-06-16 10:47:50 -05:00
RAMELLA Sébastien 1ab77af898 fix. remove setup function initialization 2020-06-16 10:47:50 -05:00
RAMELLA Sébastien 624c69bebf add. authenticated exploitation 2020-06-16 10:47:50 -05:00
RAMELLA Sébastien 1a9431d965 fix. json parser and add random number into sqli 2020-06-16 10:47:49 -05:00
RAMELLA Sébastien c704dba44c add. agent tesla panel rce exploit module 2020-06-16 10:47:49 -05:00