adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
50,882 Commits 27 Branches 1,043 Tags
4d7eec197860bfeb004dbc173f7d4e15db0339cd
Commit Graph

25857 Commits

Author SHA1 Message Date
William Vu 4100f1cfeb Revert vprint_status to vprint_good 2019-03-04 18:22:12 -06:00
William Vu f8208bf0ef Land #11464, version checking for Wemo exploit 2019-03-04 18:18:02 -06:00
William Vu 40ff708306 Refactor check method and address review comments 2019-03-04 17:49:09 -06:00
Brendan Coles 42941cfb78 Land #11500, Add more checks to cisco_directory_traversal module 2019-03-01 20:21:25 +00:00
Wei Chen 811720e85a Land #11461, Update manageengine_deviceexpert_traversal.rb 2019-03-01 02:49:34 -06:00
Wei Chen 41a8019124 Check 404 2019-03-01 02:35:29 -06:00
Shelby Pace ca39542f7e check res before accessing res body 2019-02-28 16:48:54 -06:00
Shelby Pace 457c740e47 added more checks for potential vulnerable devices 2019-02-28 16:25:07 -06:00
Brent Cook ca6508de67 Land #11445, always save output with winrm_cmd 2019-02-28 16:11:17 -06:00
Brent Cook b22c49679b remove some extra complication 2019-02-28 15:03:04 -06:00
John Q. Public 7435913904 Fixed the if statement on line 53. 2019-02-26 09:02:08 -06:00
y_k_oo7 31bf6a11ad Updated Module 2019-02-26 16:18:52 +05:30
William Vu c769555557 Clarify why WfsDelay was repurposed 2019-02-25 12:19:03 -06:00
William Vu 5c84330c18 Clarify DUMP_OUTPUT description once more 2019-02-25 12:06:20 -06:00
William Vu b5368ed2e4 Add sleep(wfs_delay) back to drupal_drupalgeddon2 
And drop WfsDelay back down to 2. I see why I did it in the first place.
 2019-02-25 12:02:31 -06:00
William Vu cb962a22ef Add WfsDelay back to drupal_drupalgeddon2 
And bump it to 10, though 2 worked in testing.
 2019-02-25 11:44:02 -06:00
William Vu f35a13d795 Fix exploit/multi/http/oracle_ats_file_upload 2019-02-25 11:35:34 -06:00
William Vu f534fd9755 Fix exploit/multi/http/apache_jetspeed_file_upload 2019-02-25 11:32:06 -06:00
William Vu 53bf15b184 Fix exploit/multi/http/struts2_rest_xstream 2019-02-25 11:18:27 -06:00
William Vu 6ecb4bc4a7 Fix exploit/unix/webapp/drupal_drupalgeddon2 2019-02-25 11:18:20 -06:00
John Q. Public 1150c896d3 Removed the tab at line 59. 2019-02-25 08:48:00 -06:00
Nicholas Starke 7c7a233d67 Addressing PR Comments 2019-02-23 14:41:11 -06:00
Nicholas Starke 6bd1489f62 Adding version checking to wemo module 
Addresses Github Issue 11452 by parsing out the version
information returned in /setup.xml. New code then performs
a version check, and then alerts the user to whether or not
it is likely the remote host is vulnerable given that version
check.
 2019-02-23 12:06:57 -06:00
William Vu fc9245fa66 Fix author names in a couple modules 
It me.
 2019-02-22 17:02:15 -06:00
William Vu 194881a8b2 Add NOCVE 2019-02-22 13:26:53 -06:00
Brent Cook 789122b8ee Land #11460, Changing print_line to print_good 2019-02-22 13:23:02 -06:00
William Vu c76714ccc6 Add Reliability REPEATABLE_SESSION to Wemo exploit 
Notes copied from auxiliary/admin/wemo/crockpot where it didn't apply.
 2019-02-22 13:11:59 -06:00
John Q. Public bfbda99086 Added user notification to line 56 2019-02-22 10:36:49 -06:00
John Q. Public 339918b3ef Update manageengine_deviceexpert_traversal.rb 
Changed print_status on line 80 to print_good and added a check for /scheduleresult.de with a return is not a 200 status code.
 2019-02-22 09:27:20 -06:00
John Q. Public 9cf8ac81e4 Changing print_line to print_good 
Changing print_line to print_good on lines 258 and 267 in iis_shortname_scanner.rb
 2019-02-22 09:01:11 -06:00
y_k_oo7 97c4d8e6d9 Enhanced winrm_cmd module 2019-02-22 00:04:03 +05:30
Jacob Robles 5214b90fdf Land #11292, Add exploit for Nuuo CMS SQL injection 2019-02-21 11:05:53 -06:00
Jacob Robles 1cd7dc8bc9 Update rank, add note 2019-02-21 10:12:02 -06:00
Jacob Robles 696640a340 Timeout and cleanup files 2019-02-21 06:48:10 -06:00
Jacob Robles 4a4637d7a3 Move execute shell 2019-02-21 06:48:09 -06:00
Jacob Robles c179e5cdad Land #11291, Add Nuuo CMS session bruteforcing module 2019-02-20 09:13:33 -06:00
Jacob Robles 49307ae6c7 Deregister unused options 2019-02-20 08:09:06 -06:00
Jacob Robles 1acc565335 Land #11290, Add Nuuo CMS file upload exploit 2019-02-20 07:43:37 -06:00
Jacob Robles bffacff78c Land #11293, Add Nuuo CMS file download 2019-02-20 07:06:49 -06:00
Wei Chen 661e78beed Land #11409, Add Belkin Wemo UPnP RCE 2019-02-19 13:47:18 -06:00
William Vu 0c8b260737 Revert ARCH_CMD payload to cmd/unix/generic 
There is no telnetd, so cmd/unix/bind_busybox_telnetd won't work.
 2019-02-19 13:23:25 -06:00
Jacob Robles 6d619217c5 Land #11430, Deregister RHOSTS instead of RHOST 2019-02-19 13:10:07 -06:00
Jacob Robles ce02d98dce Minor changes 
aux:nuuo_cms_file_download
 2019-02-19 12:33:37 -06:00
Jacob Robles 73048edd97 Minor updates 
exploit:nuuo_cms_sqli
 2019-02-19 12:26:31 -06:00
William Vu bad53aeaf1 Genericize exploit (less Crock-Pot verbiage) 2019-02-19 12:13:08 -06:00
Jacob Robles 2b71410807 Minor updates 
exploit:nuuo_cms_fu
 2019-02-19 12:11:50 -06:00
Jacob Robles e383bc2763 Minor updates 
aux:nuuo_cms_bruteforce
 2019-02-19 10:24:15 -06:00
Rob Fuller db48f4bb56 Deregister RHOSTS instead of RHOST 
Fixes this module now that the RHOSTS changes are in effect.
 2019-02-18 14:59:29 -05:00
John Q. Public 20f208aa53 Changed print_status to print_good on line 87 
Changed print_status to print_good on line 87
 2019-02-16 14:42:12 -06:00
William Vu 1be838d1fd Add Belkin Wemo UPnP RCE (tested on Crock-Pot) 2019-02-14 12:45:36 -06:00