adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
56,683 Commits 27 Branches 1,043 Tags
4950c2dacf390c7cfee9db70f009f8fa63abcbb2
Commit Graph

2573 Commits

Author SHA1 Message Date
Niboucha Redouane 2c4ca04dca Rename the factory method for SQLi classes, and add a check on the class to instanciate 2020-06-27 14:51:54 +02:00
Jeffrey Martin aa6c037dbd refactor mixin as factory for sqli classes 2020-06-26 15:09:01 -05:00
Niboucha Redouane 8b7ad94168 Fix error message, SqliDelay instead of SQLI_SLEEP 2020-06-24 00:48:07 +02:00
Niboucha Redouane f89f80be47 add default value for options of SQLi constructors, and fix eyesofnetwork module 2020-06-24 00:38:13 +02:00
Niboucha Redouane fba2d2e7be inject the datastore into the SQLi library, and register advanced options 2020-06-22 17:36:38 +02:00
Niboucha Redouane 9d36076264 Add option to specify the range of characters to retrieve 2020-06-19 16:41:57 +02:00
Niboucha Redouane 305dbe9e2f refactor structure, get rid of prefix and suffix 2020-06-18 17:21:10 +02:00
Niboucha Redouane 083d986dce Undo formatting changes to existing modules 2020-06-11 19:15:17 +02:00
Niboucha Redouane ecb1a0bb16 add test_vulnerable to MySQLi class, and fix minor issues with the test modules 2020-06-10 21:59:51 +02:00
Niboucha Redouane 0f936f7500 Various fixes and enhancements 2020-06-09 23:43:15 +02:00
Niboucha Redouane f1d3b33099 Merge branch 'master' of https://github.com/rapid7/metasploit-framework into GSOC/SQLi_Engine 2020-06-09 21:15:18 +02:00
Niboucha Redouane 4654941092 add test modules 2020-06-05 22:11:27 +02:00
William Vu 64de8c4503 Document directory traversals 2020-06-02 22:13:07 -05:00
William Vu 4a9c2988e2 Base64-encode command payload to avoid escaping 2020-06-02 22:13:07 -05:00
William Vu 32ae47c9a9 Add Cisco UCS Director Cloupia script RCE 2020-06-02 22:13:07 -05:00
William Vu f60e569c1b Add Cisco CML and VIRL-PE advisory to Salt modules 
Hat tip @brudis-r7!
 2020-05-29 15:24:00 -05:00
William Vu d6aea635c7 Update authors in Netsweeper/myLittleAdmin modules 
Edits for accuracy and precision.
 2020-05-22 17:05:12 -05:00
William Vu 06f9099d7f Add BASE_DN and ROOT_KEY to vmdir and Salt modules 2020-05-22 11:16:58 -05:00
Spencer McIntyre b49dd37614 Land #13494, Add Plesk/myLittleAdmin ViewState .NET deserialization pre-auth RCE 2020-05-22 11:53:41 -04:00
bwatters-r7 2d56931663 Land #13287, CVE-2017-15889 Synology DSM < 5.2-5967-5 authenticated root exploit 
Merge branch 'land-13487' into upstream-master
 2020-05-22 10:07:50 -05:00
William Vu 11030dff84 Add CVE references (they weren't there before) 2020-05-21 18:12:57 -05:00
h00die c1996d58ed add forcexploit 2020-05-21 17:39:54 -04:00
Spencer McIntyre ecd3c0f820 Minor doc changes, add module notes and SQLi progress output 2020-05-21 16:31:45 -04:00
kalba-security 7c2c227ea0 Improve version checks, remove comments from previous testing 2020-05-20 18:06:42 -04:00
h00die 4721e605d0 5.2 root exploit 2020-05-19 20:19:51 -04:00
h00die e5da35d579 commit for help 2020-05-19 18:40:29 -04:00
h00die cbd0943024 commit for help 2020-05-19 18:39:49 -04:00
kalba-security 6d72fe4854 Update eyesofnetwork_autodiscovery_rce module and documentation 2020-05-19 11:48:48 -04:00
Spencer McIntyre e3e82ca17e Land #13401, Add SaltStack Salt root key disclosure and RCE 2020-05-12 14:18:50 -04:00
William Vu 235f822937 Add Netsweeper WebAdmin unixlogin.php pre-auth RCE 2020-05-12 08:34:20 -05:00
William Vu 06cae74d51 Note what CheckModule is used to provide a check 
Hat tip @ccondon-r7 for making me realize my standard comment needs to
be reapplied.
 2020-05-11 12:28:02 -05:00
William Vu 83dde571a2 Add VMware vRealize Operations Manager advisory 
Hat tip @brudis-r7!
 2020-05-11 12:05:38 -05:00
William Vu 6e8abd7a40 Add SaltStack Salt unauthenticated RCE module 2020-05-11 12:05:38 -05:00
Pedro Ribeiro d31ddadd74 Fix advisory link in Qradar sploit 2020-05-09 14:59:43 +07:00
William Vu 80b64830cc Land #13304, IBM DRM SSH exploit 2020-05-05 12:08:02 -05:00
William Vu e0a67f4fd1 Land #13300, IBM DRM RCE 2020-05-05 12:07:15 -05:00
Pedro Ribeiro 1cb91dcb42 Address review comments 
Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update ibm_drm_a3user.md

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

use fail_with
 2020-05-05 10:58:05 -05:00
Pedro Ribeiro a17d78a327 Address review comments 
Update documentation/modules/exploit/linux/http/ibm_drm_rce.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/http/ibm_drm_rce.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/http/ibm_drm_rce.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update ibm_drm_rce.md

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

make final changes!

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

final final final
 2020-05-05 10:53:08 -05:00
Pedro Ribeiro 5651f4ae75 break into small chunks 2020-05-05 10:01:40 +07:00
bwatters-r7 686c2f09a1 Land #13290, Cve-2014-2630 HP xglance-bin linux priv esc 
Merge branch 'land-13290' into upstream-master
 2020-05-01 10:18:21 -05:00
Pedro Ribeiro dcf9dc1189 add full disclosure URL 2020-05-01 21:02:32 +07:00
Pedro Ribeiro dbceec91af add full disclosure URL 2020-05-01 21:00:49 +07:00
Pedro Ribeiro 4b6ef4cb9e fix spaces at eol 2020-05-01 13:30:22 +07:00
Pedro Ribeiro 9d09b3a250 add cve 2020-05-01 10:18:26 +07:00
Pedro Ribeiro af88fae6f3 add CVE 2020-05-01 10:17:17 +07:00
bwatters-r7 417e3427b3 Change to cmd_exec for cleanup and warn about post-exploitation manual cleanup 2020-04-30 18:53:56 -05:00
Pedro Ribeiro c581cb390f remove CVE for merge, will add later 2020-04-30 11:16:09 +07:00
Pedro Ribeiro d28a886c51 remove CVE for merge, will add later 2020-04-30 11:15:11 +07:00
Pedro Ribeiro e79fa7ca94 Update ibm_drm_rce.rb 2020-04-28 14:12:38 +07:00
Pedro Ribeiro 714c750c04 apply rubocop changes 2020-04-24 10:23:13 +07:00