adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
52,170 Commits 27 Branches 1,043 Tags
53ea7e577fc516d751ccd493555eb336f27dd160
Commit Graph

12810 Commits

Author SHA1 Message Date
Jacob Robles 9edf92434c Land #11895, CVE-2018-20434 LibreNMS cmd injection exploit 2019-06-04 12:28:24 -05:00
Jacob Robles c93c65cef5 Update date format 2019-06-04 12:24:00 -05:00
Jacob Robles c1572c89a8 Land #11841, IBM WAS Network Deployment RCE CVE-2019-4279 2019-06-04 11:49:05 -05:00
Wei Chen b8abb550e6 Land #11924, Update adobe_flash_opaque_background_uaf for Win 10 2019-06-04 00:51:34 -05:00
bwatters-r7 6f711dfab4 Land #11918, replace trivial usage of expand_path with getenv 
Merge branch 'land-11918' into upstream-master
 2019-06-03 16:59:39 -05:00
suzu991154 cdce03f42d fix_os_check 2019-06-03 16:17:23 +09:00
Tim W d0cce0a6a4 offsets for iPhone 5S 10.2.1 2019-06-02 10:19:24 +08:00
Tim W 5b708532b4 use MetasploitPayloads to_binary 2019-06-02 10:19:24 +08:00
Tim W c659a1e5b4 add description 2019-06-02 10:19:24 +08:00
Tim W aabe316662 fixes for iOS 10 2019-06-02 10:19:24 +08:00
Tim W 2b54d411f6 fix iOS 11 offset cache 2019-06-02 10:19:24 +08:00
Tim W e6a8d66460 fix iOS 10 again 2019-06-02 10:19:24 +08:00
Tim W b7574f2dd8 cleanup 2019-06-02 10:19:24 +08:00
Tim W 6d9385cb8a ios 11 faf 2019-06-02 10:19:24 +08:00
Tim W b142115c82 fix iOS 11.0.2 2019-06-02 10:19:24 +08:00
Tim W 6f6cf443b6 begin iOS 11 2019-06-02 10:19:24 +08:00
Tim W 33a4866c36 add offset cache 2019-06-02 10:19:24 +08:00
Tim W f15e70ea03 various fixes 2019-06-02 10:19:24 +08:00
Tim W 3d414dac74 add hash to trust cache 2019-06-02 10:19:24 +08:00
Tim W 32af9cb897 Initial commit of CVE-2018-4233 for iOS 10 2019-06-02 10:19:24 +08:00
suzu991154 0a6f1d5538 Add support for Windows 10(10240) to CVE-2015-5122 2019-06-01 14:44:30 +09:00
Brent Cook 53557cc92e replace trivial usage of expand_path with getenv 
expand_path is not implemented consistently across platforms and
sessions, which leads to confusing behavior. In places where we have trivial
single variable expansions, this changes modules and library code to just use
getenv.

We'll look at the rest individually to see if they can also be reimplemented in
terms of getenv.
 2019-05-31 17:44:35 -05:00
Shelby Pace c2786eb87c made suggested changes 2019-05-30 14:09:40 -05:00
Jacob Robles 1069c3de4f File cleanup 2019-05-30 13:36:28 -05:00
Shelby Pace 74812ffe4d Update modules/exploits/linux/http/librenms_addhost_cmd_inject.rb 
Co-Authored-By: @shellfail <jrobles@rapid7.com>
 2019-05-30 10:52:34 -05:00
Shelby Pace 8c11a1c95a Update modules/exploits/linux/http/librenms_addhost_cmd_inject.rb 
Co-Authored-By: @shellfail <jrobles@rapid7.com>
 2019-05-30 10:51:57 -05:00
William Vu a0c6035380 Prefer initial slash in normalize_uri 
I missed the indirect call in check. This decides on a style.

If a URI part contains a slash, we begin with a slash.
 2019-05-30 00:08:17 -05:00
Shelby Pace 590b9748c1 changed file name and documentation 2019-05-29 18:30:39 -05:00
Shelby Pace 6606e1fed4 Update modules/exploits/linux/http/librenms_cmd_injection.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-05-29 18:00:59 -05:00
Shelby Pace 5253d34dd3 Update modules/exploits/linux/http/librenms_cmd_injection.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-05-29 18:00:07 -05:00
Shelby Pace 34528b1512 Update modules/exploits/linux/http/librenms_cmd_injection.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-05-29 17:59:55 -05:00
Shelby Pace fa1ce20e74 add note 2019-05-29 15:50:31 -05:00
Shelby Pace de081a08cd add working exploit 2019-05-29 15:09:23 -05:00
Jacob Robles 87e9fddd2f CMD Target Update 
Generic payload auto-disables the handler so we don't have
to handle that now. Also, remove datastore modifications
in the module.
 2019-05-29 13:09:21 -05:00
Shelby Pace 6279136359 adding and deleting devices 2019-05-28 15:12:35 -05:00
Shelby Pace e16d144723 added base of module 2019-05-24 16:20:44 -05:00
Jacob Robles 55dcdace03 Land #11846, OATS Console War Deployment 2019-05-24 11:27:36 -05:00
Wei Chen fcd360891f Check #attributes for nil, and make sure target is oats console 2019-05-24 10:06:47 -05:00
William Vu 380c639ef3 Land #11794, postgres_payload Postgres 8.2+ update 2019-05-23 18:23:58 -05:00
Brent Cook 0559fda9db Land #11873, allow calling methods across related modules 2019-05-23 13:56:27 -05:00
Jacob Robles 1fe981b8e2 Land #11843, Update MSB references 2019-05-23 08:07:46 -05:00
Jacob Robles db353a7ba1 Fix MS reference number 2019-05-23 07:03:23 -05:00
Jacob Robles a0e90c0848 Remove references to doc.microsoft.com bulletin 
MSB references point to this location
 2019-05-23 07:01:21 -05:00
William Vu e836bdceca Force check only in ETERNALBLUE 2019-05-22 20:07:56 -05:00
William Vu 5064f2ce01 Add ForceExploit 2019-05-22 17:50:31 -05:00
William Vu 78fb72fea3 Update ms17_010_psexec 2019-05-22 17:31:24 -05:00
William Vu c7ba2ade65 Convert to mixin 2019-05-22 17:27:11 -05:00
William Vu d0a2d9533f Use CheckCode 2019-05-22 16:51:33 -05:00
William Vu db299b71ce Add datastore option 2019-05-22 16:45:01 -05:00
William Vu fdec7613c0 Update comment 2019-05-22 16:30:10 -05:00