adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

18316 Commits

Author SHA1 Message Date
Mehmet İnce 7c2f65da36 Adding vestacp exec 
Signed-off-by: Mehmet İnce <mehmet@mehmetince.net>
 2020-04-11 12:22:17 +03:00
h00die a01d50de38 add windows writable? and update unqouted service path 2020-04-10 14:54:20 -04:00
Pedro Ribeiro a0c472b039 add comments about reference table 2020-04-09 23:01:27 +07:00
Pedro Ribeiro 600f4efe4a Fix advisory link 2020-04-09 19:05:49 +07:00
Pedro Ribeiro 4ae9c65ecf Optimise exploit 2020-04-09 18:15:27 +07:00
Pedro Ribeiro a90d745fa4 Fix typo and make it Aggressive 2020-04-08 20:05:19 +07:00
Radek Domanski d6755b7221 Remove SSL option 
Busybox wget on the target doesn't support https connections.
 2020-04-08 14:49:49 +02:00
Pedro Ribeiro 33e1c8ffdb Fix issues 2020-04-08 12:26:37 +07:00
Radek Domanski e2e69a5053 Adding exploit for tplink_archer_a7_c7_lan 2020-04-07 19:57:34 +02:00
Shelby Pace 7934d1de09 Land #13098, add Pandora FMS module 2020-04-06 11:42:24 -05:00
Shelby Pace a3c07b7cc1 use nospace opt, fix regex, iterate id_agente 2020-04-06 11:34:13 -05:00
h00die f85e9f79c5 add url 2020-04-03 22:18:38 -04:00
h00die 6d8fc1dad6 unquoted service path updates 2020-04-03 22:00:15 -04:00
bwatters-r7 9474b5fda1 Land #13187, Add LPE Exploit For CVE-2020-0796 (AKA: SMBGhost) (take2) 
Merge branch 'land-13187' into upstream-master
 2020-04-03 11:25:48 -05:00
bwatters-r7 182bd67287 Land #13187, Add LPE Exploit For CVE-2020-0796 (AKA: SMBGhost) 
Merge branch 'land-13187' into upstream-master
 2020-04-03 11:19:50 -05:00
Spencer McIntyre 94f18cc67a Add the AKA reference to CoronaBlue for accuracy 2020-04-03 11:01:43 -04:00
Spencer McIntyre bea42876ee Land #13067, PlaySMS template injection RCE 2020-04-03 10:22:35 -04:00
Spencer McIntyre bd835e8f2d Cleanup more status methods and move the module 2020-04-03 10:21:27 -04:00
Spencer McIntyre 126b9e2172 Address PR comments for CVE-2020-0796 2020-04-03 08:56:53 -04:00
William Vu b343ac6452 Don't delay the session and update module doc 2020-04-02 17:34:20 -05:00
William Vu 79142cf445 Move module to unix/webapp 2020-04-02 17:22:34 -05:00
William Vu f9c8f62491 Fix PHP payload so we can get a session 
It's ENCODER, not ENCODE, so the payload wasn't being encoded, leaving
semicolons unencoded and causing a 500 error on the server.

Also preferred payload.encoded over payload.encode and removed a stray
brace that wasn't causing any issues.
 2020-04-02 17:16:19 -05:00
Spencer McIntyre 276475c308 Check compression in the check method for SMBGhost 2020-04-02 17:35:17 -04:00
Spencer McIntyre 3392fa18d4 Add the x64 LPE exploit for CVE-2020-0796 2020-04-02 17:22:00 -04:00
William Vu a375c18d77 Land #13123, VMware Fusion OS X LPE CVE-2020-3950 2020-04-02 11:53:43 -05:00
William Vu 5aab28a1a6 Fix command separator conflict 2020-04-02 11:30:59 -05:00
bwatters-r7 859eda92bb Land #12759, Apache Solr Remote Code Execution via Velocity Template 
Merge branch 'land-12759' into upstream-master
 2020-04-02 11:23:33 -05:00
William Vu 7ed37c2e77 Fix module and get it working on 10.1.6 2020-04-02 11:06:21 -05:00
Spencer McIntyre 3e166f2d3f Grammatical changes for docs and status updates 2020-04-02 10:26:50 -05:00
Adam Galway e8d134fc56 Land #12096, DNN cookie desrialization exploit 2020-04-02 15:57:46 +01:00
h00die 954f123e7e remove extra lines 2020-03-30 22:25:16 -04:00
h00die 1b658aa85f 11.5.3 cleanup and reliability 2020-03-30 22:22:01 -04:00
Touhid M Shaikh b87ed645d9 Updated to use php payload 
Now, this module will work on the Windows platform also because it's not dependent on the OS now.
 2020-03-31 01:16:20 +05:30
William Vu 1e90c6117c Land #13152, IBM PA/TM1 CVE-2019-4716 exploit 2020-03-30 10:50:50 -05:00
Silas Cutler d9a8ee298f Update modules/exploits/unix/http/zivif_ipcheck_exec.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2020-03-30 11:36:13 -04:00
Silas Cutler 01855dc367 Update modules/exploits/unix/http/zivif_ipcheck_exec.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2020-03-30 11:36:07 -04:00
Silas Cutler 3c329631e6 Update modules/exploits/unix/http/zivif_ipcheck_exec.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2020-03-30 11:35:59 -04:00
Silas Cutler a7f721d18e Update modules/exploits/unix/http/zivif_ipcheck_exec.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2020-03-30 11:35:52 -04:00
Silas Cutler d354cce6e7 Update modules/exploits/unix/http/zivif_ipcheck_exec.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2020-03-30 11:35:46 -04:00
Silas Cutler 0505191b6f Update modules/exploits/unix/http/zivif_ipcheck_exec.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2020-03-30 11:35:40 -04:00
Pedro Ribeiro d904eed010 add badchars for various targets 2020-03-30 12:49:58 +07:00
silascutler b86ac7f862 Added exploit for CVE-2017-17106 2020-03-29 22:23:28 +00:00
ide0x90 861b79bce7 Added new targets and made documentation consistent 2020-03-29 00:33:24 +08:00
h00die 0291adf4c7 add 11.5.3 exploit 2020-03-28 11:55:55 -04:00
Pedro Ribeiro 59c2079aa4 split AIX and Linux cmd targets 2020-03-28 14:35:24 +07:00
Pedro Ribeiro 46286f8981 change to payload.encoded 2020-03-28 14:30:20 +07:00
Pedro Ribeiro 2ac177cb39 make changes for ARCH_CMD, add multiple targets 2020-03-28 14:22:21 +07:00
Pedro Ribeiro 6a6b99885d Add ARCH_CMD, tested and working 2020-03-28 13:55:09 +07:00
Pedro Ribeiro 5ac0145bb4 Update modules/exploits/multi/misc/ibm_tm1_unauth_rce.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2020-03-28 11:04:31 +07:00
Green-m 92fb321f9f Satify the msftidy_docs. 2020-03-28 11:46:55 +08:00