adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
56,683 Commits 27 Branches 1,043 Tags
4950c2dacf390c7cfee9db70f009f8fa63abcbb2
Commit Graph

1510 Commits

Author SHA1 Message Date
Niboucha Redouane 2c4ca04dca Rename the factory method for SQLi classes, and add a check on the class to instanciate 2020-06-27 14:51:54 +02:00
Jeffrey Martin aa6c037dbd refactor mixin as factory for sqli classes 2020-06-26 15:09:01 -05:00
Niboucha Redouane 8b7ad94168 Fix error message, SqliDelay instead of SQLI_SLEEP 2020-06-24 00:48:07 +02:00
Niboucha Redouane f89f80be47 add default value for options of SQLi constructors, and fix eyesofnetwork module 2020-06-24 00:38:13 +02:00
Niboucha Redouane fba2d2e7be inject the datastore into the SQLi library, and register advanced options 2020-06-22 17:36:38 +02:00
Niboucha Redouane 9d36076264 Add option to specify the range of characters to retrieve 2020-06-19 16:41:57 +02:00
Niboucha Redouane 305dbe9e2f refactor structure, get rid of prefix and suffix 2020-06-18 17:21:10 +02:00
Niboucha Redouane 083d986dce Undo formatting changes to existing modules 2020-06-11 19:15:17 +02:00
Niboucha Redouane ecb1a0bb16 add test_vulnerable to MySQLi class, and fix minor issues with the test modules 2020-06-10 21:59:51 +02:00
Niboucha Redouane 0f936f7500 Various fixes and enhancements 2020-06-09 23:43:15 +02:00
Niboucha Redouane f1d3b33099 Merge branch 'master' of https://github.com/rapid7/metasploit-framework into GSOC/SQLi_Engine 2020-06-09 21:15:18 +02:00
Niboucha Redouane 4654941092 add test modules 2020-06-05 22:11:27 +02:00
William Vu 64de8c4503 Document directory traversals 2020-06-02 22:13:07 -05:00
William Vu 4a9c2988e2 Base64-encode command payload to avoid escaping 2020-06-02 22:13:07 -05:00
William Vu 32ae47c9a9 Add Cisco UCS Director Cloupia script RCE 2020-06-02 22:13:07 -05:00
William Vu d6aea635c7 Update authors in Netsweeper/myLittleAdmin modules 
Edits for accuracy and precision.
 2020-05-22 17:05:12 -05:00
Spencer McIntyre b49dd37614 Land #13494, Add Plesk/myLittleAdmin ViewState .NET deserialization pre-auth RCE 2020-05-22 11:53:41 -04:00
bwatters-r7 2d56931663 Land #13287, CVE-2017-15889 Synology DSM < 5.2-5967-5 authenticated root exploit 
Merge branch 'land-13487' into upstream-master
 2020-05-22 10:07:50 -05:00
William Vu 11030dff84 Add CVE references (they weren't there before) 2020-05-21 18:12:57 -05:00
h00die c1996d58ed add forcexploit 2020-05-21 17:39:54 -04:00
Spencer McIntyre ecd3c0f820 Minor doc changes, add module notes and SQLi progress output 2020-05-21 16:31:45 -04:00
kalba-security 7c2c227ea0 Improve version checks, remove comments from previous testing 2020-05-20 18:06:42 -04:00
h00die 4721e605d0 5.2 root exploit 2020-05-19 20:19:51 -04:00
h00die e5da35d579 commit for help 2020-05-19 18:40:29 -04:00
h00die cbd0943024 commit for help 2020-05-19 18:39:49 -04:00
kalba-security 6d72fe4854 Update eyesofnetwork_autodiscovery_rce module and documentation 2020-05-19 11:48:48 -04:00
William Vu 235f822937 Add Netsweeper WebAdmin unixlogin.php pre-auth RCE 2020-05-12 08:34:20 -05:00
Pedro Ribeiro d31ddadd74 Fix advisory link in Qradar sploit 2020-05-09 14:59:43 +07:00
William Vu e0a67f4fd1 Land #13300, IBM DRM RCE 2020-05-05 12:07:15 -05:00
Pedro Ribeiro a17d78a327 Address review comments 
Update documentation/modules/exploit/linux/http/ibm_drm_rce.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/http/ibm_drm_rce.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/http/ibm_drm_rce.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update ibm_drm_rce.md

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

make final changes!

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

final final final
 2020-05-05 10:53:08 -05:00
Pedro Ribeiro 5651f4ae75 break into small chunks 2020-05-05 10:01:40 +07:00
Pedro Ribeiro dcf9dc1189 add full disclosure URL 2020-05-01 21:02:32 +07:00
Pedro Ribeiro af88fae6f3 add CVE 2020-05-01 10:17:17 +07:00
Pedro Ribeiro d28a886c51 remove CVE for merge, will add later 2020-04-30 11:15:11 +07:00
Pedro Ribeiro e79fa7ca94 Update ibm_drm_rce.rb 2020-04-28 14:12:38 +07:00
Pedro Ribeiro a29b05c453 add proper check + rubocup changes 2020-04-24 10:20:10 +07:00
William Vu 823c29a127 Update post-RuboCop style in my recent modules 
Mostly 80 columns (yeah, I know) and additional whitespace to complement
the lack of alignment.
 2020-04-22 10:52:00 -05:00
Pedro Ribeiro 8f5d6e4fa4 Create ibm_drm_rce.rb 2020-04-21 15:49:48 +07:00
William Vu c5df5355ac Update my module documentation to the new standard 
Also update CheckModule to match current style and best practices.
 2020-04-20 20:06:52 -05:00
Alan Foster f2c3fc5f00 Rubocop recently landed modules 2020-04-17 11:55:04 +01:00
gwillcox-r7 d759fbaed3 Land #13259, Miscellaneous fixes for @wvu's modules and documentation 2020-04-16 22:10:10 -05:00
William Vu 966194d2b7 Remove tested admin password from default PASSWORD 2020-04-16 21:45:44 -05:00
bwatters-r7 b5df7e8147 Land #13102, Add UnRAID 6.8.0 Authentication bypass to RCE 
Merge branch 'land-13102' into upstream-master
 2020-04-16 17:18:55 -05:00
bwatters-r7 f0f403b48e Automated Rubocop fixes 2020-04-16 17:17:02 -05:00
William Vu cd9e5260f7 Note post-auth requirements in Nexus exploit 2020-04-15 20:25:05 -05:00
William Vu 4401e3654f Merge remote-tracking branch 'upstream/master' into bug/misc 
So we can grab the Nexus files from master.
 2020-04-15 20:24:44 -05:00
William Vu 0684966dcb Make better comments for the comment god 2020-04-15 18:24:28 -05:00
William Vu b7501c1f0c Add my standard print for CmdStager 
And comment some methods used by it.
 2020-04-15 18:06:48 -05:00
William Vu 6db312636d Add Nexus Repository Manager Java EL Injection RCE 2020-04-15 15:49:33 -05:00
William Vu 66d5f51e51 Remove Nexus content from this branch 
So the remaining changes can be PR'd separately.
 2020-04-15 15:48:09 -05:00