adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
36,769 Commits 27 Branches 1,043 Tags
4e99c873c80384cd0b577e818ce2aedcf6fed5ec
Commit Graph

2120 Commits

Author SHA1 Message Date
Jon Hart 27a6aa0be1 Fix current msftidy warnings about PACKETSTORM vs URL 2015-12-24 09:05:02 -08:00
Jon Hart efdb6a8885 Land #6392, @wchen-r7's 'def peer' cleanup, fixing #6362 2015-12-24 08:53:32 -08:00
Brent Cook e4f9594646 Land #6331, ensure generic payloads raise correct exceptions on failure 2015-12-23 15:43:12 -06:00
Brent Cook 7444f24721 update whitespace / syntax for java_calendar_deserialize 2015-12-23 15:42:27 -06:00
wchen-r7 cea3bc27b9 Fix #6362, avoid overriding def peer repeatedly 
def peer is a method that gets repeated a lot in modules, so we
should have it in the tcp mixin. This commit also clears a few
modules that use the HttpClient mixin with def peer.
 2015-12-23 11:44:55 -06:00
Brent Cook 493700be3a remove duplicate key warning from Ruby 2.2.x 
This gets rid of the warning:

modules/exploits/multi/http/uptime_file_upload_2.rb:283: warning: duplicated key at line 284 ignored: "newuser"
 2015-12-23 10:39:35 -06:00
Christian Mehlmauer 424e7b6bfe Land #6384, more joomla rce references 2015-12-22 22:54:58 +01:00
JT 18398afb56 Update joomla_http_header_rce.rb 2015-12-23 05:48:26 +08:00
JT cc40c61848 Update joomla_http_header_rce.rb 2015-12-23 05:38:57 +08:00
Christian Mehlmauer f6eaff5d96 use the new and shiny joomla mixin 2015-12-22 21:36:42 +01:00
JT 314e902098 Add original exploit discoverer and exploit-db ref 
Adding Gary @ Sec-1 ltd for the original exploit and two exploit-db references. Marc-Alexandre Montpas modified Gary's exploit that uses "User-Agent" header. Marc-Alexandre Montpas used "X-FORWARDED-FOR" header to avoid default logged to access.log
 2015-12-22 22:44:59 +08:00
Louis Sato 726578b189 Land #6370, add joomla reference 2015-12-18 17:05:07 -06:00
Christian Mehlmauer fb6ede80c9 add joomla reference 2015-12-18 18:27:48 +01:00
wchen-r7 485196af4e Remove modules/exploits/multi/http/uptime_file_upload.rb 
Please use exploit/multi/http/uptime_file_upload_1 for exploiting
post2file.php on an older version of uptime.

If you are exploiting uptime that is patched against
exploit/multi/http/uptime_file_upload_1, then you may want to try
exploit/multi/http/uptime_file_upload_2.
 2015-12-17 23:01:57 -06:00
wchen-r7 06f1949e2c Land #6355, Joomla HTTP Header Unauthenticated Remote Code Execution 
CVE-2015-8562
 2015-12-16 17:55:51 -06:00
Christian Mehlmauer 8c43ecbfaf add random terminator and clarify target 2015-12-17 00:08:52 +01:00
Christian Mehlmauer 08d0ffd709 implement @wvu-r7 's feedback 2015-12-16 22:44:01 +01:00
Christian Mehlmauer 76438dfb2f implement @wchen-r7 's suggestions 2015-12-16 20:31:43 +01:00
Christian Mehlmauer b43d580276 try to detect joomla version 2015-12-16 16:16:59 +01:00
Christian Mehlmauer 30f90f35e9 also check for debian version number 2015-12-16 15:19:33 +01:00
Christian Mehlmauer 67eba0d708 update description 2015-12-16 14:46:00 +01:00
Christian Mehlmauer fa3fb1affc better ubuntu version check 2015-12-16 14:18:44 +01:00
Christian Mehlmauer 60181feb51 more ubuntu checks 2015-12-16 14:02:26 +01:00
Christian Mehlmauer 934c6282a5 check for nil 2015-12-16 13:52:06 +01:00
Christian Mehlmauer 2661cc5899 check ubuntu specific version 2015-12-16 13:49:07 +01:00
Christian Mehlmauer 675dff3b6f use Gem::Version for version compare 2015-12-16 13:04:15 +01:00
Christian Mehlmauer 01b943ec93 fix check method 2015-12-16 07:26:25 +01:00
Christian Mehlmauer 595645bcd7 update description 2015-12-16 07:03:01 +01:00
Christian Mehlmauer d80a7e662f some formatting 2015-12-16 06:57:06 +01:00
Christian Mehlmauer c2795d58cb use target_uri.path 2015-12-16 06:55:23 +01:00
Christian Mehlmauer 2e54cd2ca7 update description 2015-12-16 06:42:41 +01:00
Christian Mehlmauer d4ade7a1fd update check method 2015-12-16 00:18:39 +01:00
Christian Mehlmauer c603430228 fix version check 2015-12-15 18:26:21 +01:00
wchen-r7 b9b280954b Add a check for joomla 2015-12-15 11:03:36 -06:00
Christian Mehlmauer e4309790f5 renamed module because X-FORWARDED-FOR header is also working 2015-12-15 17:37:45 +01:00
Christian Mehlmauer 84d5067abe add joomla RCE module 2015-12-15 17:20:49 +01:00
William Vu 563be5c207 Land #6322, another Perl IRC bot exploit 2015-12-10 09:43:07 -06:00
William Vu a945350821 Land #6307, Perl IRC bot exploit 2015-12-10 09:42:35 -06:00
wchen-r7 11c1eb6c78 Raise Msf::NoCompatiblePayloadError if generate_payload_exe fails 
Most exploits don't check nil for generate_payload_exe, they just
assume they will always have a payload. If the method returns nil,
it ends up making debugging more difficult. Instead of checking nil
one by one, we just raise.
 2015-12-08 21:13:23 -06:00
wchen-r7 53acfd7ce3 Land #6303, Add phpFileManager 0.9.8 Remote Code Execution 2015-12-07 21:13:48 -06:00
wchen-r7 ea3c7cb35b Minor edits 2015-12-07 21:13:14 -06:00
JT b36834f4bc Update legend_bot_exec.rb 2015-12-07 10:38:36 +08:00
JT 2244f2aa43 Add Legend Perl IRC Bot Remote Code Execution 2015-12-07 10:30:28 +08:00
JT 26c8fd8faa Update xdh_x_exec.rb 2015-12-07 08:25:19 +08:00
JT 9ee5498090 Update xdh_x_exec.rb 
satisfying msftidy's request
 2015-12-06 20:21:18 +08:00
JT 10a8e98e41 Update xdh_x_exec.rb 2015-12-06 20:11:49 +08:00
JT 14afbc6800 Update xdh_x_exec.rb 
updated description and new author.
 2015-12-06 20:10:19 +08:00
JT faac44f257 Update xdh_x_exec.rb 2015-12-04 12:39:19 +08:00
JT f52e6ce65c Update xdh_x_exec.rb 2015-12-04 11:17:16 +08:00
JT 4955357015 Update xdh_x_exec.rb 2015-12-04 11:06:06 +08:00