12330 Commits

Author SHA1 Message Date
William Vu 4100f1cfeb Revert vprint_status to vprint_good 2019-03-04 18:22:12 -06:00
William Vu f8208bf0ef Land #11464, version checking for Wemo exploit 2019-03-04 18:18:02 -06:00
William Vu 40ff708306 Refactor check method and address review comments 2019-03-04 17:49:09 -06:00
William Vu c769555557 Clarify why WfsDelay was repurposed 2019-02-25 12:19:03 -06:00
William Vu 5c84330c18 Clarify DUMP_OUTPUT description once more 2019-02-25 12:06:20 -06:00
William Vu b5368ed2e4 Add sleep(wfs_delay) back to drupal_drupalgeddon2
And drop WfsDelay back down to 2. I see why I did it in the first place.
2019-02-25 12:02:31 -06:00
William Vu cb962a22ef Add WfsDelay back to drupal_drupalgeddon2
And bump it to 10, though 2 worked in testing.
2019-02-25 11:44:02 -06:00
William Vu f35a13d795 Fix exploit/multi/http/oracle_ats_file_upload 2019-02-25 11:35:34 -06:00
William Vu f534fd9755 Fix exploit/multi/http/apache_jetspeed_file_upload 2019-02-25 11:32:06 -06:00
William Vu 53bf15b184 Fix exploit/multi/http/struts2_rest_xstream 2019-02-25 11:18:27 -06:00
William Vu 6ecb4bc4a7 Fix exploit/unix/webapp/drupal_drupalgeddon2 2019-02-25 11:18:20 -06:00
Nicholas Starke 7c7a233d67 Addressing PR Comments 2019-02-23 14:41:11 -06:00
Nicholas Starke 6bd1489f62 Adding version checking to wemo module
Addresses GitHub Issue 11452 by parsing out the version
information returned in /setup.xml. New code then performs
a version check, and then alerts the user to whether or not
it is likely the remote host is vulnerable given that version
check.
2019-02-23 12:06:57 -06:00
William Vu fc9245fa66 Fix author names in a couple modules
It me.
2019-02-22 17:02:15 -06:00
William Vu 194881a8b2 Add NOCVE 2019-02-22 13:26:53 -06:00
William Vu c76714ccc6 Add Reliability REPEATABLE_SESSION to Wemo exploit
Notes copied from auxiliary/admin/wemo/crockpot where it didn't apply.
2019-02-22 13:11:59 -06:00
Jacob Robles 5214b90fdf Land #11292, Add exploit for Nuuo CMS SQL injection 2019-02-21 11:05:53 -06:00
Jacob Robles 1cd7dc8bc9 Update rank, add note 2019-02-21 10:12:02 -06:00
Jacob Robles 696640a340 Timeout and cleanup files 2019-02-21 06:48:10 -06:00
Jacob Robles 4a4637d7a3 Move execute shell 2019-02-21 06:48:09 -06:00
Jacob Robles 1acc565335 Land #11290, Add Nuuo CMS file upload exploit 2019-02-20 07:43:37 -06:00
William Vu 0c8b260737 Revert ARCH_CMD payload to cmd/unix/generic
There is no telnetd, so cmd/unix/bind_busybox_telnetd won't work.
2019-02-19 13:23:25 -06:00
Jacob Robles 73048edd97 Minor updates
exploit:nuuo_cms_sqli
2019-02-19 12:26:31 -06:00
William Vu bad53aeaf1 Genericize exploit (less Crock-Pot verbiage) 2019-02-19 12:13:08 -06:00
Jacob Robles 2b71410807 Minor updates
exploit:nuuo_cms_fu
2019-02-19 12:11:50 -06:00
William Vu 1be838d1fd Add Belkin Wemo UPnP RCE (tested on Crock-Pot) 2019-02-14 12:45:36 -06:00
Wei Chen c5bff76dc7 Cosmetic changes for office_exel_slk module and documentation 2019-02-11 12:37:17 -06:00
Wei Chen 18afc8f546 Bring PR 11249 up to date with upstream master 2019-02-11 12:19:21 -06:00
Tim W f589db6831 Land #11152, add macOS adobe flash player type confusion RCE 2019-02-09 18:46:48 +08:00
Tim W 5c1f4a4703 fix include -> include? 2019-02-09 18:46:35 +08:00
Wei Chen a380bb6df1 Land #11239, Add check for writable and nosuid WritableDir 2019-02-08 19:14:54 -06:00
Wei Chen 18a4af1d1d Land #11279, improve imap_open exploit to be more robust 2019-02-08 18:28:08 -06:00
Brent Cook 5fc7167beb Merge remote-tracking branch 'upstream/master' into land-10812- 2019-02-07 09:31:02 -06:00
Wei Chen 3a12592976 Land #11072, Add nuuo_nvrmini_upgrade_rce 2019-02-06 22:30:45 -06:00
Wei Chen c8d79cb7c0 Make minor changes for nuuo module 2019-02-06 22:26:31 -06:00
Pearce Barry 0dbad5d2e3 Land #11349, Add Evince CBT File Command Injection module 2019-02-06 17:54:07 -06:00
Jacob Robles 15f624b745 Land #11304, Add CVE-2018-1000999 to MailCleaner module 2019-02-05 07:19:32 -06:00
Brent Cook ac94557a15 Land #11347, add version check to Safari RCE exploit 2019-02-04 05:22:01 -06:00
Brendan Coles 6f31b1a110 Change default payload to reverse_bash 2019-02-03 06:18:31 +00:00
Brendan Coles 9c3368f325 Add Evince CBT File Command Injection module 2019-02-03 05:38:56 +00:00
Pedro Ribeiro 9070435603 Change to support the new nuuo lib 2019-01-30 21:32:33 +07:00
William Vu b7bc52d20b Fix HTTP/SMB mixin order to restore SSL option
Mixin order matters. Mixins kinda suck.
2019-01-29 11:09:34 -06:00
Pedro Ribeiro f5afe98111 Add GitHub and full disc URL 2019-01-24 22:01:02 +07:00
Pedro Ribeiro 2bf663cf7d Add full disclosure URL 2019-01-24 21:59:45 +07:00
Carter Brainerd 2d1cecd4d5 Fix request pattern matching 2019-01-23 13:39:52 -05:00
Tod Beardsley daa3076d42 Add CVE-2018-1000999 to MailCleaner module
See PR #11148

This adds the new CVE assigned by DWF for this vulnerability.

Note that [CVE-2018-10933](https://www.cvedetails.com/cve/CVE-2018-10933/)
describes a vulnerability in libssh, but this one describes the issue as
it pertains to MailCleaner specifically.
2019-01-23 09:27:12 -06:00
Carter Brainerd 47fd066a29 Msftidy 2019-01-22 21:06:11 -05:00
Carter Brainerd 1f56bccf31 Small improvements from review 2019-01-22 20:46:28 -05:00
Shelby Pace 2ae6142de7 Land #11243, Add ASan SUID Privesc 2019-01-22 15:50:53 -06:00
Pedro Ribeiro f4aaf6c816 Add https to msf link 2019-01-22 19:14:52 +07:00