adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
41,247 Commits 27 Branches 1,043 Tags
5383900a54ef6e9dab353bbf4e29d024cb6cba4d
Commit Graph

21560 Commits

Author SHA1 Message Date
bwatters-r7 1e28e2b2c7 Cache sizes again... 2017-02-24 20:43:13 -06:00
bwatters-r7 493f17761b payload cache size change- all together, now 2017-02-24 20:23:34 -06:00
bwatters-r7 15af90c011 payload cache size change 2017-02-24 20:22:27 -06:00
William Webb d9a7fac399 Land #8004, Use post/windows/manage/priv_migrate instead of migrate -f 2017-02-24 17:30:14 -06:00
James Barnett 2631259919 Land #7973, Enable cert validation for Nexpose 
This PR enables connection to a Nexpose console using the
nexpose client gem.

It also allows you to connect using a trusted certificate
instead of simply overriding the SSL validation.
 2017-02-24 14:27:24 -06:00
h00die 43550b8cdf fixing line length 2017-02-23 19:55:23 -05:00
h00die 041238f77c land #7896 Binom3 power meter scanner and brute 2017-02-23 19:49:50 -05:00
wchen-r7 70f7dccf62 copy and paste fail 2017-02-23 17:11:08 -06:00
wchen-r7 5d0b532b20 Fix #8002, Use post/windows/manage/priv_migrate instead of migrate -f 
Because migrate -f uses a meterpreter script, and meterpreter scripts
are deprecated, we should be replacing with a post module

Fix #8002
 2017-02-23 17:04:36 -06:00
William Vu 236606838a Land #7987, MVPower DVR exploit 2017-02-23 01:46:04 -06:00
Brendan Coles 5d3a4cce67 Use all caps for module option names 2017-02-23 16:30:01 +11:00
bwatters-r7 40e6413867 Land #7980, Add a sploit for CVE-2017-5982, kodi file traversal 2017-02-22 13:11:48 -06:00
Brendan Coles 47fec5626e Style update 2017-02-22 07:56:17 +00:00
Brendan Coles e491f01c70 Add MVPower DVR Shell Unauthenticated Command Execution module 2017-02-22 05:15:57 +00:00
wchen-r7 48f6740fee Land #7969, Add Module Trend Micro IMSVA Remote Code Execution 2017-02-21 17:29:04 -06:00
bwatters-r7 a9b9a58d4d Land #7893, Add Module AlienVault OSSIM/USM Remote Code Execution 2017-02-21 13:35:56 -06:00
William Webb 83cc28a091 Land #7972, Microsoft Office Word Macro Generator OS X Edition 2017-02-21 13:26:42 -06:00
Jan-Erik Rediger 49da6289a9 Fix typo in smtp fuzzer 2017-02-20 21:47:59 +01:00
jvoisin 73eed104a9 Take into account @h00die's comments. 2017-02-20 13:22:20 +01:00
William Vu dad21b1c1d Land #7979, another downcase fix for a password 2017-02-19 21:26:52 -06:00
jvoisin 7bd6aff1cf Add a sploit for CVE-2017-5982 2017-02-19 21:57:27 +01:00
h00die 92c1fa8390 remove downcase 2017-02-18 20:13:32 -05:00
Brent Cook ef2fff798e update sizes 2017-02-17 18:57:02 -06:00
Brent Cook 24151a9c27 Land #7753, Add auxiliary RomPager misfortune cookie authentication bypass 2017-02-17 18:07:15 -06:00
Brent Cook 2c570b6709 Land #7942, Microsoft SQL Server Clr Stored Procedure Payload Execution 2017-02-17 17:28:54 -06:00
Brent Cook e4c324c988 Land #7941, treat a user with no mailbox as a valid credential anyway 2017-02-17 17:09:57 -06:00
Brent Cook 8019a9e519 Land #7947, fix crash in panda_psevents when an unexpected target OS is found 2017-02-17 14:08:27 -06:00
wchen-r7 1f23b44003 I modified windows/fileformat/office_word_macro the wrong way 2017-02-16 23:16:06 -06:00
Jeffrey Martin cbfe18e4d7 use certificates in nexpose 2017-02-16 14:34:02 -06:00
wchen-r7 7503f643cc Deprecate windows/fileformat/office_word_macro 
Please use exploits/multi/fileformat/office_word_macro instead,
because the new one supports OS X.
 2017-02-16 12:32:14 -06:00
wchen-r7 3d269b46ad Support OS X for Microsoft Office macro exploit 2017-02-16 12:28:11 -06:00
David Manouchehri f113114643 Added assigned CVE. 2017-02-15 17:05:23 -05:00
aushack 3b386f86f6 Typo fix. 2017-02-14 17:05:46 +11:00
h00die 843f559069 land #7917 piwik exploit module 2017-02-14 00:52:27 -05:00
OJ ec316bfb6c Use DATABASE when logging in with SQL mixin 2017-02-14 10:34:27 +10:00
h00die a47a479bd3 add else case 2017-02-12 19:08:31 -05:00
James Barnett 94a234e5bf Specify sname as http/https to keep with standards throughout the code. 2017-02-10 17:31:08 -06:00
Christian Mehlmauer baa473a1c6 add piwik superuser plugin upload module 2017-02-11 00:20:50 +01:00
James Lee 026f6eb715 Land #7929, improve php_cgi_arg_injection 2017-02-10 10:01:38 -06:00
OJ 2d834a3f5a Finalise module, and add supporting binaries 2017-02-10 12:56:40 +10:00
jakxx 58779f0aaf owa_login no mailbox bugfix 
The owa_login module currently misses a success condition where the
creds are valid but there is no mailbox setup. This commit adds the
check for the condition for OWA 2013.
 2017-02-09 21:35:58 -05:00
OJ 1c62559e55 Add v1 of SQL Clr stored proc payload module 2017-02-10 10:28:22 +10:00
wchen-r7 4a9a8adaa1 Land #7928, http_version now stores the fingerprints 2017-02-09 16:28:51 -06:00
Jeffrey Martin d7a6edb5a4 Land #7939, Override empty? for the weird ones 2017-02-09 15:40:24 -06:00
James Lee 4f13bde471 Override empty? for the weird ones 
Fixes #7899
 2017-02-09 14:57:20 -06:00
bwatters-r7 272d1845fa Land #7934, Add exploit module for OpenOffice with a malicious macro 2017-02-09 13:42:58 -06:00
Christian Mehlmauer 8ade9b8aae Land #7905, WordPress content injection module 2017-02-09 15:49:50 +01:00
wchen-r7 e1a1ea9d68 Fix grammar 2017-02-08 19:26:35 -06:00
William Vu cf395ea7b1 Make error checks more consistent 2017-02-08 18:00:44 -06:00
William Vu 0d56676690 Add error check for listing posts 2017-02-08 17:13:12 -06:00