adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
36,919 Commits 27 Branches 1,043 Tags
478cd2ed5c4e4651a5fa4e9ed7ccf8fb795bd2cf
Commit Graph

1255 Commits

Author SHA1 Message Date
William Vu fec75c1daa Land #6457, FileDropper for axis2_deployer 2016-01-14 15:10:05 -06:00
Rory McNamara 0216d027f9 Use OptEnum instead of OptString 2016-01-14 09:06:45 +00:00
Rory McNamara 564b4807a2 Add METHOD to simple_backdoors_exec 2016-01-13 14:42:11 +00:00
Rory McNamara 889a5d40a1 Add VAR to simple_backdoors_exec 2016-01-13 13:46:26 +00:00
wchen-r7 514199e88f Register early so the cleanup can actually rm the file 2016-01-12 15:22:03 -06:00
wchen-r7 78bc394f80 Fix #6268, Use FileDropper for axis2_deployer 
Fix #6268
 2016-01-08 17:09:09 -06:00
Brent Cook e4f9594646 Land #6331, ensure generic payloads raise correct exceptions on failure 2015-12-23 15:43:12 -06:00
Brent Cook 493700be3a remove duplicate key warning from Ruby 2.2.x 
This gets rid of the warning:

modules/exploits/multi/http/uptime_file_upload_2.rb:283: warning: duplicated key at line 284 ignored: "newuser"
 2015-12-23 10:39:35 -06:00
Christian Mehlmauer 424e7b6bfe Land #6384, more joomla rce references 2015-12-22 22:54:58 +01:00
JT 18398afb56 Update joomla_http_header_rce.rb 2015-12-23 05:48:26 +08:00
JT cc40c61848 Update joomla_http_header_rce.rb 2015-12-23 05:38:57 +08:00
Christian Mehlmauer f6eaff5d96 use the new and shiny joomla mixin 2015-12-22 21:36:42 +01:00
JT 314e902098 Add original exploit discoverer and exploit-db ref 
Adding Gary @ Sec-1 ltd for the original exploit and two exploit-db references. Marc-Alexandre Montpas modified Gary's exploit that uses "User-Agent" header. Marc-Alexandre Montpas used "X-FORWARDED-FOR" header to avoid default logged to access.log
 2015-12-22 22:44:59 +08:00
Louis Sato 726578b189 Land #6370, add joomla reference 2015-12-18 17:05:07 -06:00
Christian Mehlmauer fb6ede80c9 add joomla reference 2015-12-18 18:27:48 +01:00
wchen-r7 485196af4e Remove modules/exploits/multi/http/uptime_file_upload.rb 
Please use exploit/multi/http/uptime_file_upload_1 for exploiting
post2file.php on an older version of uptime.

If you are exploiting uptime that is patched against
exploit/multi/http/uptime_file_upload_1, then you may want to try
exploit/multi/http/uptime_file_upload_2.
 2015-12-17 23:01:57 -06:00
wchen-r7 06f1949e2c Land #6355, Joomla HTTP Header Unauthenticated Remote Code Execution 
CVE-2015-8562
 2015-12-16 17:55:51 -06:00
Christian Mehlmauer 8c43ecbfaf add random terminator and clarify target 2015-12-17 00:08:52 +01:00
Christian Mehlmauer 08d0ffd709 implement @wvu-r7 's feedback 2015-12-16 22:44:01 +01:00
Christian Mehlmauer 76438dfb2f implement @wchen-r7 's suggestions 2015-12-16 20:31:43 +01:00
Christian Mehlmauer b43d580276 try to detect joomla version 2015-12-16 16:16:59 +01:00
Christian Mehlmauer 30f90f35e9 also check for debian version number 2015-12-16 15:19:33 +01:00
Christian Mehlmauer 67eba0d708 update description 2015-12-16 14:46:00 +01:00
Christian Mehlmauer fa3fb1affc better ubuntu version check 2015-12-16 14:18:44 +01:00
Christian Mehlmauer 60181feb51 more ubuntu checks 2015-12-16 14:02:26 +01:00
Christian Mehlmauer 934c6282a5 check for nil 2015-12-16 13:52:06 +01:00
Christian Mehlmauer 2661cc5899 check ubuntu specific version 2015-12-16 13:49:07 +01:00
Christian Mehlmauer 675dff3b6f use Gem::Version for version compare 2015-12-16 13:04:15 +01:00
Christian Mehlmauer 01b943ec93 fix check method 2015-12-16 07:26:25 +01:00
Christian Mehlmauer 595645bcd7 update description 2015-12-16 07:03:01 +01:00
Christian Mehlmauer d80a7e662f some formatting 2015-12-16 06:57:06 +01:00
Christian Mehlmauer c2795d58cb use target_uri.path 2015-12-16 06:55:23 +01:00
Christian Mehlmauer 2e54cd2ca7 update description 2015-12-16 06:42:41 +01:00
Christian Mehlmauer d4ade7a1fd update check method 2015-12-16 00:18:39 +01:00
Christian Mehlmauer c603430228 fix version check 2015-12-15 18:26:21 +01:00
wchen-r7 b9b280954b Add a check for joomla 2015-12-15 11:03:36 -06:00
Christian Mehlmauer e4309790f5 renamed module because X-FORWARDED-FOR header is also working 2015-12-15 17:37:45 +01:00
Christian Mehlmauer 84d5067abe add joomla RCE module 2015-12-15 17:20:49 +01:00
wchen-r7 11c1eb6c78 Raise Msf::NoCompatiblePayloadError if generate_payload_exe fails 
Most exploits don't check nil for generate_payload_exe, they just
assume they will always have a payload. If the method returns nil,
it ends up making debugging more difficult. Instead of checking nil
one by one, we just raise.
 2015-12-08 21:13:23 -06:00
wchen-r7 53acfd7ce3 Land #6303, Add phpFileManager 0.9.8 Remote Code Execution 2015-12-07 21:13:48 -06:00
wchen-r7 ea3c7cb35b Minor edits 2015-12-07 21:13:14 -06:00
jvazquez-r7 340fe5640f Land #6255, @wchen-r7's module for Atlassian HipChat JIRA plugin 2015-12-03 20:01:06 -06:00
jvazquez-r7 a972b33825 Fix typo 2015-12-03 20:00:37 -06:00
wchen-r7 f8c11b9cd1 Move to multi 2015-12-03 17:49:21 -06:00
JT 3bbc413935 Update phpfilemanager_rce.rb 2015-12-04 06:20:43 +08:00
JT 28ca899914 Update phpfilemanager_rce.rb 2015-12-03 18:07:25 +08:00
JT d63bb4768f Update phpfilemanager_rce.rb 2015-12-03 14:09:02 +08:00
JT 374b630601 Update phpfilemanager_rce.rb 2015-12-03 13:57:19 +08:00
JT 56b810cb18 Update phpfilemanager_rce.rb 2015-12-03 12:44:41 +08:00
JT 5414f33804 Update phpfilemanager_rce.rb 2015-12-03 12:43:47 +08:00