Commit Graph

1925 Commits

Author SHA1 Message Date
Imran E. Dawoodjee 4cc2c22026 Used a command stager, improved upon vulnerability detection and
generally attempted to streamline most of the code. Hardcoded one
vulnerable URI since it's the most likely to be present in all versions
of the vulnerable firmwares.
2018-10-08 20:51:58 +06:30
Imran E. Dawoodjee b552b803bb Still working on the HTTP stager. 2018-10-08 15:18:47 +06:30
Imran E. Dawoodjee fcb0b90d7a Fixed numbering in the documentation steps, offed some whitespace,
streamlined the send_request_cgi, removed the conn_check.
2018-10-08 15:04:32 +06:30
Imran E. Dawoodjee 3340cf529c Fixed duplicate output for check. 2018-10-08 11:19:24 +06:30
Imran E. Dawoodjee 272f26640b Added module for CVE-2016-1555 (netgear_unauth_exec)
and its corresponding wordlist file (netgear_boardData_paths.txt).
2018-10-08 10:22:59 +06:30
Brent Cook e2f97c75a0 Land #10616, update Unitrends UEB module to support vulnerabilities in version 10 2018-10-05 16:20:38 -05:00
Brent Cook a51243ce91 Land #10745, Update lastore_daemon_dbus_priv_esc tested versions 2018-10-05 11:35:31 -04:00
William Vu 7bc98e0ea8 Fix formatting and convert a missed AKA reference 2018-10-05 03:22:08 -05:00
Brendan Coles fe7ce02dfd Update tested versions 2018-10-04 21:13:21 +00:00
William Vu ee06ec2fda Background a subshell to continue execution
This provides a more stable injection. I should have tested this sooner.
2018-09-27 23:51:42 -05:00
William Vu 0dab5b622f Change default target to cmd/unix 2018-09-27 23:39:32 -05:00
William Vu e999b4d81c Lower rank to AverageRanking 2018-09-27 23:28:13 -05:00
William Vu 7a2d0acee6 Add basic check method and move rand_srv
The .srv can be random each request.
2018-09-27 23:28:13 -05:00
William Vu d29d936d6f Bump WfsDelay to 10 for this slow-ass device 2018-09-27 23:28:13 -05:00
Brent Cook 6126a627cc Land #10570, AKA Metadata Refactor 2018-09-17 22:29:20 -05:00
William Vu 4c036e70c1 Fix http://seclists.org links to https://
I have no idea how this happened in my own code. I was seeing https://.
2018-09-15 18:54:45 -05:00
h00die 354803185c fix msftidy warning 2018-09-11 05:24:01 -04:00
h00die d8f2d08058 finish up docs and 10 exploit 2018-09-10 21:08:30 -04:00
h00die 589fb4bf3b first try at ueb mix 2018-09-09 22:41:01 -04:00
Erin Bleiweiss 69a785ff46 Update json for python modules 2018-08-31 16:56:22 -05:00
Erin Bleiweiss eb17d9b198 Refactor AKA references for modules 2018-08-31 16:56:05 -05:00
Shelby Pace 6ec8522786 Land #10482, Add Network Manager VPNC Privesc 2018-08-30 10:46:54 -05:00
Christian Mehlmauer a66556b436 fix msftidy errors 2018-08-28 13:12:43 +02:00
William Vu 6df235062b Land #10505, post-auth and default creds info 2018-08-24 18:08:15 -05:00
Matthew Kienow ecc6c473d8 Add note about unauthenticated telnetd service 2018-08-23 15:50:41 -04:00
Matthew Kienow 56433c8ed2 Functional decomposition refactor and cleanup 2018-08-23 15:23:42 -04:00
Matthew Kienow 961769c346 Fix SNMP Null class comparison 2018-08-23 15:23:42 -04:00
Matthew Kienow 9c05f14a70 Modify SNMP null and error handling 2018-08-23 15:23:42 -04:00
Matthew Kienow 934bb38a44 Omit parentheses for no argument method calls 2018-08-23 15:23:41 -04:00
Matthew Kienow c5958c6e38 Restore original rport value 2018-08-23 15:23:41 -04:00
Matthew Kienow 70a0b9b1be Remove payload RequiredCmd and reformat info 2018-08-23 15:23:41 -04:00
Matthew Kienow dafa62dec4 Use string interpolation over concatenation 2018-08-23 15:23:40 -04:00
Matthew Kienow 7c03454a0b Remove unnecessary explicit msf/core require 2018-08-23 15:23:40 -04:00
Matthew Kienow b1a308f3ae Remove final debug output 2018-08-23 15:23:40 -04:00
Matthew Kienow e21ea4180f Clean up module and payload
Update module info, remove intermediate ARCH_ARMLE target, simplify
options and add cleanup command so that the payload kills telnetd
2018-08-23 15:23:40 -04:00
Matthew Kienow 81f1555439 Rename module, exploits multiple printer models 2018-08-23 15:23:40 -04:00
Matthew Kienow df18e354e1 Add bind_busybox_telnetd payload, misc cleanup 2018-08-23 15:23:39 -04:00
Matthew Kienow c0c3e12c74 WIP - hp officejet pro exploit, enhance PJL lib 2018-08-23 14:53:54 -04:00
Brent Cook 11fee8fa2c Land #10471, Import target DefaultOptions into the datastore 2018-08-20 17:30:27 -05:00
Tim W b8b48fd37a Land #10313, add linux autostart persistence module 2018-08-20 18:17:50 +08:00
Tim W 865898cba7 minor fixes 2018-08-20 17:51:41 +08:00
Brendan Coles cd48e2fb8f Add Network Manager VPNC Username Privilege Escalation module 2018-08-19 08:15:04 +00:00
Tim W ac71bc86ee Land #10320, add module for persistence in /etc/rc.local 2018-08-19 15:30:50 +08:00
Tim W e38775b504 minor tweaks 2018-08-19 15:27:04 +08:00
Eliott Teissonniere 63a58d3378 Code style random name 2018-08-17 14:24:28 +08:00
Eliott Teissonniere eb43e4c0bd Rework status printing 2018-08-17 14:24:28 +08:00
Eliott Teissonniere fc234b09c2 Fix HEREDOC not always supported 2018-08-17 14:24:28 +08:00
Eliott Teissonniere e82bde993f Cleanup indentation 2018-08-17 14:24:28 +08:00
Eliott Teissonniere c1d929f5fb Use an HEREDOC for multiline string 2018-08-17 14:24:28 +08:00
Eliott Teissonniere e4d6eb07ca Remove useless statement 2018-08-17 14:24:28 +08:00