Commit Graph

35981 Commits

Author SHA1 Message Date
Grant Willcox cf03083dab Land #14879, Fix error when running ssh_login_pubkey.rb against a directory/file and improve error handling 2021-03-22 13:00:26 -05:00
Vladimir Ivanov 2a48dd265d Replace class var @@agents with a class instance var in auxiliary and exploit modules. 2021-03-22 12:13:04 +03:00
RAMELLA Sébastien 09b844653b remove DisablePayloadHandler and add x86 support 2021-03-22 00:30:01 +04:00
RAMELLA Sébastien c543b44fc2 fix: CmdStagerFlavor, add: Powershell target, ... 2021-03-21 22:47:27 +04:00
archcloudlabs 84ec2b1df7 avast_memory_dump path & function name mods 2021-03-21 12:45:13 -04:00
Vladimir Ivanov 42726a70c0 client.rb - library for auxiliary and exploit modules
cve_2020_6207_solman_rce.rb - auxiliary module
cve_2020_6207_solman_rce.md - documentation for auxiliary module
cve_2020_6207_solman_rs.rb - exploit module
cve_2020_6207_solman_rs.md - documentation for exploit module
2021-03-21 16:51:21 +03:00
alanfoster 308a42e95b Fix apache_activemq_upload_jsp exploit module for Java 8 2021-03-20 15:26:34 +00:00
sophosyaniv 4673e85ec7 add new options, use pgets instead of readline 2021-03-19 19:39:48 -07:00
William Vu 30629c2405 Remove JSP stub to-do
Spencer looked into this more thoroughly. The JSP stub is good.
2021-03-19 17:17:01 -05:00
William Vu 66d9cab44d Fix some things 2021-03-19 16:52:24 -05:00
William Vu ba58f41558 Sneak Spencer into credits 2021-03-19 16:52:15 -05:00
RAMELLA Sébastien f5c807590c a last round of review + rubocop 2021-03-20 01:23:43 +04:00
Spencer McIntyre 69a2eb4e43 Add a check method that relies on the version number 2021-03-19 16:48:33 -04:00
Tim W 39f730d5fb update payloads cached size 2021-03-19 20:34:33 +00:00
William Vu a012eddd1f Add Advantech iView CVE-2021-22652 exploit 2021-03-19 13:51:14 -05:00
RAMELLA Sébastien a81a9617fa add. aspnet_client as alternate write path 2021-03-19 22:01:41 +04:00
RAMELLA Sébastien ac573d0957 all modules code review. 2021-03-19 17:35:55 +04:00
cgranleese-r7 799ea56316 replace ::Rex::Socket.gethostbyname with Socket.getaddrinfo 2021-03-19 11:01:27 +00:00
RAMELLA Sébastien fa2fdc9b8a add. X-vDirObjectId header 2021-03-19 12:35:29 +04:00
RAMELLA Sébastien 6e34a80693 fix. OAB + code review 2021-03-19 10:19:57 +04:00
Grant Willcox 341212c5f7 Land #14912, netgear_r6700_pass_reset - Fix check code typo and version check logic 2021-03-18 17:10:12 -05:00
Grant Willcox 8b859d2e17 Land #14910, Fix filezilla_client_cred.rb to only base64 decode strings inside tags specifically marked as being base64 encoded. 2021-03-18 15:03:57 -05:00
bwatters 2c1869f9df Land #14907, Add exploit for CVE-2021-1732
Merge branch 'land-14907' into upstream-master
2021-03-18 14:29:59 -05:00
bwatters fb7a97077f Land #14875, CVE-2021-21978 - VMWare View Planner Harness 4.6.x < 4.6 Security Patch 1 Arbitrary File Upload RCE
Merge branch 'land-14875' into upstream-master
2021-03-18 12:06:12 -05:00
kalba-security f340a06a4f use Rex::Version instead of Gem::Version, rebase to get relevant changes 2021-03-18 12:27:12 -04:00
kalba-security a38e2702c8 Add recommendations from code review, avoid returning checkcodes 2021-03-18 12:21:51 -04:00
kalba-security 26c1ca56d1 Add unauthenticated version check for older Nagios XI versions 2021-03-18 12:21:51 -04:00
kalba-security 9434f30665 Move login_after_install_or_license to mixin login.rb, minor improvements 2021-03-18 12:21:51 -04:00
kalba-security acc38fd3a8 Add version parsing function to identify legacy systems 2021-03-18 12:21:51 -04:00
kalba-security 484d5eee09 Correct version ranges for supported exploit modules, update documentation, make sure to return cookies after authentication 2021-03-18 12:21:51 -04:00
kalba-security 2b081847fa Add functionality to complete Nagios XI install and sign license agreement, improve cookie filtering logic 2021-03-18 12:21:51 -04:00
kalba-security aab3b4a7ee Add Nagios XI mixin and auxiliary scanner module and docs 2021-03-18 12:21:51 -04:00
Grant Willcox f82168a2cf Land #14914, abb_wserver_exec - Add CVE Reference 2021-03-18 09:22:10 -05:00
RAMELLA Sébastien c76e04e92b adjust SID 2021-03-18 15:23:21 +04:00
Grant Willcox e6a2aaefcf Land #14911, impersonate_ssl: added an SNI option for the ssl certificate request 2021-03-17 17:53:18 -05:00
Grant Willcox 2cd67b1950 Rework the get_cert method to make use of Rex library methods instead so that pivoting can still work 2021-03-17 17:36:17 -05:00
Grant Willcox 01c93c0d8a Apply more RuboCop fixes to clean up old code and remove some dangerous calls to eval() that weren't needed 2021-03-17 15:06:04 -05:00
Wes 42df4495a7 abb_wserver_exec - add CVE reference
add the cve for this

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5620
https://nvd.nist.gov/vuln/detail/CVE-2019-5620

cve was assigned years after public exploit code
2021-03-17 15:58:21 -04:00
RAMELLA Sébastien 7f80422272 replace module into a good dir 2021-03-17 23:45:13 +04:00
friedrico d7f03aaf80 getCert to snake case 2021-03-17 19:25:20 +01:00
Brian Halbach 811f16cf67 msftidy changes. 2021-03-17 12:56:41 -05:00
Brian Halbach f5ad5362fd removed DB_ALL_USERS from the deregister_options() 2021-03-17 12:50:03 -05:00
Wes 34674ce174 Update abb_wserver_exec.rb
update advisory link

#2708
2021-03-17 09:59:15 -04:00
Spencer McIntyre 2ce0a90965 Land #14856, Fix method check for linux/ftp/proftp_telnet_iac module 2021-03-17 09:26:31 -04:00
Brendan Coles 71725d9366 netgear_r6700_pass_reset: Fix check and version check 2021-03-17 11:21:38 +00:00
friedrico a58a69d029 added an SNI option for the ssl certificate request 2021-03-17 09:10:48 +01:00
friedrico 3b5cdd767f Base64 encoding is set iff encoding attribute is set to base64 and not when it "could be due to length and alphabet of the password" 2021-03-17 08:49:28 +01:00
capme b99114787a re-adding first check, but not including [^ ] 2021-03-17 06:51:08 +07:00
capme 294a1a275c dropping extra version c that stated vulnerable 2021-03-17 06:20:59 +07:00
capme 26c653ef4a implement also for freebsd 2021-03-17 06:13:51 +07:00