Commit Graph

26545 Commits

Author SHA1 Message Date
Clément Notin 69ab2154ad wordpress_content_injection: fix CVE number 2019-06-05 12:43:16 +02:00
Jacob Robles 9edf92434c Land #11895, CVE-2018-20434 LibreNMS cmd injection exploit 2019-06-04 12:28:24 -05:00
Jacob Robles c93c65cef5 Update date format 2019-06-04 12:24:00 -05:00
Jacob Robles c1572c89a8 Land #11841, IBM WAS Network Deployment RCE CVE-2019-4279 2019-06-04 11:49:05 -05:00
Wei Chen b8abb550e6 Land #11924, Update adobe_flash_opaque_background_uaf for Win 10 2019-06-04 00:51:34 -05:00
bwatters-r7 6f711dfab4 Land #11918, replace trivial usage of expand_path with getenv
Merge branch 'land-11918' into upstream-master
2019-06-03 16:59:39 -05:00
suzu991154 cdce03f42d fix_os_check 2019-06-03 16:17:23 +09:00
Chris Higgins 6ffc6b9b18 Fix #11934, frontpage_credential_dump.md file move 2019-06-02 12:40:18 -05:00
Tim W b5bdc06c4c Land #11933, add default VID and cmd/unix support to post/multi/manage/play_youtube 2019-06-03 00:39:11 +08:00
William Vu 42082f0bcf Add unix platform 2019-06-02 11:31:43 -05:00
William Vu fe5bc8242f Add cmd/unix support 2019-06-02 11:19:44 -05:00
William Vu 852cd6c6c6 Note unused variables 2019-06-02 11:19:30 -05:00
William Vu 290741719c Add default VID to post/multi/manage/play_youtube 2019-06-02 11:01:57 -05:00
Tim W d0cce0a6a4 offsets for iPhone 5S 10.2.1 2019-06-02 10:19:24 +08:00
Tim W 5b708532b4 use MetasploitPayloads to_binary 2019-06-02 10:19:24 +08:00
Tim W c659a1e5b4 add description 2019-06-02 10:19:24 +08:00
Tim W aabe316662 fixes for iOS 10 2019-06-02 10:19:24 +08:00
Tim W 2b54d411f6 fix iOS 11 offset cache 2019-06-02 10:19:24 +08:00
Tim W e6a8d66460 fix iOS 10 again 2019-06-02 10:19:24 +08:00
Tim W b7574f2dd8 cleanup 2019-06-02 10:19:24 +08:00
Tim W 6d9385cb8a ios 11 faf 2019-06-02 10:19:24 +08:00
Tim W b142115c82 fix iOS 11.0.2 2019-06-02 10:19:24 +08:00
Tim W 6f6cf443b6 begin iOS 11 2019-06-02 10:19:24 +08:00
Tim W 33a4866c36 add offset cache 2019-06-02 10:19:24 +08:00
Tim W f15e70ea03 various fixes 2019-06-02 10:19:24 +08:00
Tim W 3d414dac74 add hash to trust cache 2019-06-02 10:19:24 +08:00
Tim W 32af9cb897 Initial commit of CVE-2018-4233 for iOS 10 2019-06-02 10:19:24 +08:00
Brent Cook 4286068154 Land #11906, fix osx 10.7 hash IDing and JTR IDs 2019-06-01 12:05:35 -05:00
suzu991154 0a6f1d5538 Add support for Windows 10(10240) to CVE-2015-5122 2019-06-01 14:44:30 +09:00
Brent Cook 53557cc92e replace trivial usage of expand_path with getenv
expand_path is not implemented consistently across platforms and
sessions, which leads to confusing behavior. In places where we have trivial
single variable expansions, this changes modules and library code to just use
getenv.

We'll look at the rest individually to see if they can also be reimplemented in
terms of getenv.
2019-05-31 17:44:35 -05:00
Brent Cook b9af69a5be update payloads 2019-05-31 09:32:44 -05:00
h00die 06256cc05b fix osx 10.7 hash IDing, and JTR ids 2019-05-30 18:33:45 -04:00
Shelby Pace c2786eb87c made suggested changes 2019-05-30 14:09:40 -05:00
Jacob Robles 1069c3de4f File cleanup 2019-05-30 13:36:28 -05:00
Shelby Pace 74812ffe4d Update modules/exploits/linux/http/librenms_addhost_cmd_inject.rb
Co-Authored-By: @shellfail <jrobles@rapid7.com>
2019-05-30 10:52:34 -05:00
Shelby Pace 8c11a1c95a Update modules/exploits/linux/http/librenms_addhost_cmd_inject.rb
Co-Authored-By: @shellfail <jrobles@rapid7.com>
2019-05-30 10:51:57 -05:00
William Vu 622e67d20a Land #11900, normalize_uri style fix 2019-05-30 00:16:16 -05:00
William Vu a0c6035380 Prefer initial slash in normalize_uri
I missed the indirect call in check. This decides on a style.

If a URI part contains a slash, we begin with a slash.
2019-05-30 00:08:17 -05:00
Brent Cook 810d5e356f Land #11865, expand utility for allegro_rompager_auth_bypass 2019-05-29 23:40:37 -05:00
Jeffrey Martin 1833c97c8c more require for pdf-reader
In ruby 2.5+ on windows the ttfunk dependency loading causes ruby to crash so
only load this when specifically required.
2019-05-29 22:36:50 -05:00
Shelby Pace 590b9748c1 changed file name and documentation 2019-05-29 18:30:39 -05:00
Shelby Pace 6606e1fed4 Update modules/exploits/linux/http/librenms_cmd_injection.rb
Co-Authored-By: bcoles <bcoles@gmail.com>
2019-05-29 18:00:59 -05:00
Shelby Pace 5253d34dd3 Update modules/exploits/linux/http/librenms_cmd_injection.rb
Co-Authored-By: bcoles <bcoles@gmail.com>
2019-05-29 18:00:07 -05:00
Shelby Pace 34528b1512 Update modules/exploits/linux/http/librenms_cmd_injection.rb
Co-Authored-By: bcoles <bcoles@gmail.com>
2019-05-29 17:59:55 -05:00
Shelby Pace fa1ce20e74 add note 2019-05-29 15:50:31 -05:00
Shelby Pace de081a08cd add working exploit 2019-05-29 15:09:23 -05:00
Jacob Robles 87e9fddd2f CMD Target Update
Generic payload auto-disables the handler so we don't have
to handle that now. Also, remove datastore modifications
in the module.
2019-05-29 13:09:21 -05:00
William Vu 6580f14c3a Once more, with feeling 2019-05-29 12:19:52 -05:00
William Vu 78fca9f91a Suggest CASTV2 is unsupported 2019-05-29 11:50:53 -05:00
William Vu 9ba1ac075a Add word 2019-05-29 11:46:45 -05:00