adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
38,705 Commits 27 Branches 1,043 Tags
409e26351b2aa07ffe3bd0323b34f3e2d3eb9fa2
Commit Graph

1093 Commits

Author SHA1 Message Date
David Maloney 6c3871bd0c update ssh modules to use new SSHFactory 
updated all of our SSh based module to use the
new SSHFactory class to plug Rex::Sockets into
Net::SSH

MS-1688
 2016-06-24 13:55:28 -05:00
Brendan Watters 9ea0b8f944 Land #6934, Adds exploit for op5 configuration command execution 2016-06-16 14:36:10 -05:00
William Vu ea988eaa72 Add setsid to persist the shell 
Prevents the watchdog from killing our session.
 2016-06-16 11:31:35 -05:00
h00die cfb034fa95 fixes all previously identified issues 2016-06-15 20:58:04 -04:00
h00die 81fa068ef0 pulling out the get params 2016-06-15 12:27:31 -04:00
h00die 52db99bfae vars_post for post request 2016-06-15 07:24:41 -04:00
h00die 625d60b52a fix the other normalize_uri 2016-06-14 15:03:07 -04:00
h00die bd4dacdbc3 added Rank 2016-06-13 19:04:06 -04:00
h00die 72ed478b59 added exploit rank 2016-06-13 18:56:33 -04:00
h00die f63273b172 email change 2016-06-11 21:05:34 -04:00
William Vu ec1248d7af Convert to CmdStager 2016-06-10 20:42:01 -05:00
William Vu 46239d5b0d Add Apache Continuum exploit 2016-06-09 22:35:38 -05:00
h00die d63dc5845e wvu-r7 comment fixes 2016-06-09 21:52:21 -04:00
William Vu 6da8c22171 Rename hash method to crypt 
To avoid a conflict with Object#hash in Pro.

MS-1636
 2016-06-09 15:21:40 -05:00
h00die 6f5edb08fe pull uri from datastore consistently 2016-06-08 20:28:36 -04:00
Brendan Watters c4aa99fdac Land #6925, ipfire proxy exec 2016-06-07 10:24:59 -05:00
Brendan Watters 7e84c808b2 Merge remote-tracking branch 'upstream/pr/6924' into dev 2016-06-07 09:24:25 -05:00
h00die c2699ef194 rubocop fixes 2016-06-03 17:43:11 -04:00
h00die 2f837d5d60 fixed EDB spelling 2016-06-03 17:17:36 -04:00
h00die 8d76bdb8af fixed EDB reference 2016-06-03 17:13:36 -04:00
Brendan Watters d7cd10f586 Suggested updates for style and clarity 2016-06-03 14:04:58 -05:00
Brendan Watters 91658d2a61 Changes per rubocop and sinn3r 2016-06-03 12:42:38 -05:00
h00die 68d647edf1 Merge branch 'master' of https://github.com/rapid7/metasploit-framework into op5 2016-06-01 18:05:18 -04:00
h00die 52d5028548 op5 config exec 2016-06-01 15:07:31 -04:00
h00die 8ce59ae330 travis fixes 2016-05-31 05:46:20 -04:00
h00die 057947d7e8 ipfire proxy exec 2016-05-30 10:24:17 -04:00
h00die 9b5e3010ef doc/module cleanup 2016-05-30 06:33:48 -04:00
h00die df55f9a57c first add of ipfire shellshock 2016-05-29 20:40:12 -04:00
William Vu 6581fbd294 Add note about "mf" malware 
This is the malware I found upon shelling my friend's device.
 2016-05-20 23:09:10 -05:00
William Vu a16f4b5167 Return nil properly in rescue 
Missed this because I copypasta'd myself.
 2016-05-19 15:35:38 -05:00
William Vu d018bba301 Store SSH key as a note 
I know, I know, it should use the creds model. >:[
 2016-05-19 15:12:58 -05:00
William Vu 9f738c3e41 Add note about overwritten files 2016-05-19 15:07:27 -05:00
William Vu 8fccb26446 Add Ubiquiti airOS exploit 
Thanks to my friend wolf359 for providing a test device!
 2016-05-19 14:50:20 -05:00
Nicholas Starke 4b23d2dc58 Adjusting exception handling 
This commit adjusts the error handling to close the socket before
calling fail_with and adds specific exceptions to catch
 2016-05-11 17:18:51 -05:00
Nicholas Starke 32ae3e881e Adding save_cred and exception handling to module 
This commit adds a save_cred method for saving off the credentials
upon a successful login attempt.  Also, exception handling surrounding
the opening of the telnet socket has been added to avoid any accidental
resource leaking.
 2016-05-10 20:54:44 -05:00
Nicholas Starke 8eb3193941 Adding TP-Link sc2020n Module 
This module exploits a command injection vulnerability in
TP-Link sc2020n network video cameras in order to start the
telnet daemon on a random port.  The module then connects to
the telnet daemon, which returns a root shell on the device.
 2016-05-08 14:02:50 -05:00
wchen-r7 df44dc9c1c Deprecate exploits/linux/http/struts_dmi_exec 
Please use exploits/multi/http/struts_dmi_exec, which supports
Windows and Java targets.
 2016-05-02 15:03:25 -05:00
join-us 6a00f2fc5a mv exploits/linux/http/struts_dmi_exec.rb to exploits/multi/http/struts_dmi_exec.rb 2016-05-01 00:00:29 +08:00
join-us ec66410fab add java_stager / windows_stager | exploit with only one http request 2016-04-30 23:56:56 +08:00
wchen-r7 d6a6577c5c Default payload to linux/x86/meterpreter/reverse_tcp_uuid 
Default to linux/x86/meterpreter/reverse_tcp_uuid for now because
of issue #6833
 2016-04-29 11:52:50 -05:00
wchen-r7 97061c1b90 Update struts_dmi_exec.rb 2016-04-29 11:13:25 -05:00
wchen-r7 e9535dbc5b Address all @FireFart's feedback 2016-04-29 11:03:15 -05:00
wchen-r7 6f6558923b Rename module as struts_dmi_exec.rb 2016-04-29 10:34:48 -05:00
wchen-r7 92ef8f4ab3 Land #6751, Correct proftp version check at module runtime 2016-04-14 15:34:53 -05:00
wchen-r7 c4aac2a54a Remove unwanted comments 2016-04-07 11:22:57 -05:00
James Lee 7658014fb7 Add CVEs 2016-04-07 08:39:29 -05:00
James Lee 87d59a9bfb Add exploit for ExaGrid known credentials 2016-04-07 04:17:43 -05:00
greg.mikeska@rapid7.com 08736c798d Correct proftp version check at module runtime 2016-04-05 13:06:10 -05:00
wchen-r7 102d28bda4 Update atutor_filemanager_traversal 2016-03-22 14:44:07 -05:00
wchen-r7 9cb43f2153 Update atutor_filemanager_traversal 2016-03-22 14:42:36 -05:00