Commit Graph

38375 Commits

Author SHA1 Message Date
sho-luv 5361aaadbd Update nbns_response.rb
Just correcting the description section of this module
2016-05-14 15:24:38 -07:00
Brent Cook 21d74a64fe Land #6874, Improve exploit for CVE-2016-0854 2016-05-14 11:08:17 -05:00
Brent Cook 0d176f2c92 remove a couple of unnecessary ternary ops 2016-05-14 11:07:43 -05:00
Brent Cook c7cbaa08c8 Land #6576, add Search Engine Subdomains Collector (Bing / Yahoo / ..) 2016-05-14 10:50:53 -05:00
Brent Cook 10dcc44e2d Land #6446, Speedup pattern_create/offset options parsing 2016-05-14 09:50:19 -05:00
Brent Cook 680709c5f2 move requires into run 2016-05-14 09:50:02 -05:00
Brent Cook dd0d68a2b4 speed up options parsing (only require framework when running) 2016-05-14 09:47:08 -05:00
Brent Cook 2e3e4f0069 Land #6296, Added a multi-platform post module to generate TCP & UDP egress traffic 2016-05-14 00:03:00 -05:00
Brent Cook 3542d907f7 simplify description, move the bulk of documentation to documentation/ 2016-05-14 00:01:51 -05:00
Brent Cook 8ce0365c7f See rapid7/metasploit-payloads#98, update cached payload sizes 2016-05-13 23:05:34 -05:00
Brent Cook 307e565859 Land rapid7/metasploit-payloads#98, Fix python meterpreter reverse_tcp reconnect. 2016-05-13 22:59:52 -05:00
Brent Cook f9af8446aa Land #6873, Resolve Rails 5.0 warning about default log levels 2016-05-13 22:54:12 -05:00
Brent Cook d398419971 Land #6832, Check LHOST value before running shell_to_meterpreter, add docs 2016-05-13 22:50:22 -05:00
Brent Cook 057c25e188 Land #6446, Cleanup pattern_create/pattern_offset and document options 2016-05-13 22:09:35 -05:00
Brent Cook 7cfc4d4523 fix odd indentation and style issues 2016-05-13 22:06:18 -05:00
Brent Cook 901b793406 fix some minor indent and style issues 2016-05-13 21:51:54 -05:00
Brent Cook 7b83b06ad5 whitespace and remove useless comments 2016-05-13 21:45:41 -05:00
Brent Cook a940481f62 Land #6834, Authorized FTP JCL exploit for z/OS 2016-05-13 21:29:45 -05:00
Brent Cook 5c494480e6 handle failure more gracefully 2016-05-13 21:29:25 -05:00
wchen-r7 3b5db26ff5 Fix #6872, change upload action for CVE-2016-0854 exploit
This patch includes the following changes:

* Instead of the uploadFile action, this patch uses uploadImageCommon
  to be able to support both Advantech WebAccess builds: 2014 and
  2015.
* It uses an explicit check instead of the passive version check.
* It cleans up the malicious file after getting a session.
* Added module documentation to explain the differences between
  different builds of Advantech WebAccess 8.0s, and 8.1.

Fix #6872
2016-05-13 19:47:18 -05:00
Brent Cook 1adca04c30 Add default config value for log levels (silence Rails 5.0 warning in msfconsole) 2016-05-13 16:51:27 -05:00
Jenkins 621a908b2d Bump version of framework to 4.12.2 2016-05-13 12:51:58 -07:00
David Maloney ba4bfca806 Revert "arg bad build, resetting version back one"
This reverts commit d86392e96b.
4.12.1
2016-05-13 14:48:35 -05:00
David Maloney d86392e96b arg bad build, resetting version back one 2016-05-13 14:44:02 -05:00
Jenkins b6a83f734d Bump version of framework to 4.12.1 2016-05-13 12:39:43 -07:00
David Maloney 31050a8da7 Rails upgrade to 4.2.6
lands all of the rails 4.2 upgrade work
Merge branch 'staging/rails-upgrade'
4.12.0
2016-05-13 14:34:50 -05:00
Jenkins 6c11054d5a Bump version of framework to 4.12.0 2016-05-13 11:46:03 -07:00
David Maloney fd543f13af fix deps 2016-05-13 13:34:18 -05:00
David Maloney 348a4f9fa8 Merge branch 'master' into staging/rails-upgrade 2016-05-13 13:03:22 -05:00
Bigendian Smalls 2d5cf6cfe4 Authorized FTP JCL exploit for z/OS
This exploit module allows a user with credentials to execute JCL on a
vulnerable mainframe system running z/OS and an appropriately configured
FTP server.
2016-05-12 14:46:31 -05:00
wchen-r7 13adc3ee0a Land #6865, Add CVE-2015-3224 support to rails_web_console_v2_code_exec 4.11.27 2016-05-12 13:56:01 -05:00
Brent Cook a69432abe5 update module class and move to recon from manage 2016-05-12 12:42:04 -05:00
Brent Cook 9f923cdb00 Merge branch 'master' into land-6296-egress 2016-05-12 12:36:47 -05:00
David Maloney d9abb06a5a Merge branch 'master' into staging/rails-upgrade 2016-05-12 11:18:51 -05:00
David Maloney 11a672e31d use raw file write for cuke
the write_file method from aruba
was not working properly anymore, replaced it
with a raw ruby file write
2016-05-12 11:17:53 -05:00
David Maloney 7edaa2abcc still trying to fix these migrations
seeing odd behaviour with migrations in
rspec
2016-05-11 14:54:40 -05:00
David Maloney 4c2fed37f9 tweak cucumber scenario
tweak the database.yml scenario slightly
2016-05-11 14:28:02 -05:00
David Maloney 2fb3123ef2 fix migration craziness
MS-1486
2016-05-11 14:05:34 -05:00
David Maloney 993709e076 Land #6862, jar payloads
lands FireFarts jar payload pr
2016-05-11 09:56:41 -05:00
HD Moore 32e1a19875 Fix up the disclosure date 2016-05-11 00:18:22 -05:00
HD Moore ded79ce1ff Fix CVE syntax 2016-05-10 23:18:45 -05:00
HD Moore 4a5d150716 Fixups to continue supporting Rails 4.2.x 2016-05-10 23:12:48 -05:00
HD Moore 04bb493ccb Small typo fixed 2016-05-10 23:07:51 -05:00
HD Moore 7c6958bbd8 Rework rails_web_console_v2_code_exec to support CVE-2015-3224 2016-05-10 11:08:02 -05:00
wchen-r7 3db72e9b4b Land #6853, use send_request_cgi! for CVE-2016-0854 exploit 2016-05-09 16:10:04 -05:00
Christian Mehlmauer e2dd844e34 reenable jar format 2016-05-09 21:25:23 +02:00
David Maloney 6142d2cef1 Merge branch 'master' into staging/rails-upgrade 2016-05-09 09:27:17 -05:00
Jenkins 805f98f599 Bump version of framework to 4.11.27 2016-05-06 11:32:46 -07:00
Kyle Gray 2a546d191f Land #6854, smtp header fix
Fixes an issue with duplicate headers when sending emails.

Fixes MS-1476
4.11.26
2016-05-06 12:07:12 -05:00
William Vu c15403a426 Fix #6838, web-console module cleanup
ommit.
2016-05-06 12:01:21 -05:00