Commit Graph

3080 Commits

Author SHA1 Message Date
suzu991154 cdce03f42d fix_os_check 2019-06-03 16:17:23 +09:00
suzu991154 0a6f1d5538 Add support for Windows 10(10240) to CVE-2015-5122 2019-06-01 14:44:30 +09:00
William Vu a0c6035380 Prefer initial slash in normalize_uri
I missed the indirect call in check. This decides on a style.

If a URI part contains a slash, we begin with a slash.
2019-05-30 00:08:17 -05:00
William Vu 0b4cc5b547 Update go_go_gadget2 2019-05-22 15:03:44 -05:00
William Vu 6d004862e4 Update go_go_gadget1 2019-05-22 15:03:44 -05:00
William Vu be89a4d9c5 Update exploit method 2019-05-22 15:03:05 -05:00
William Vu f70b3d13a0 Update metadata 2019-05-22 15:03:05 -05:00
William Vu 73aabd1adc Land #11861, WebLogic AsyncResponseService updates 2019-05-22 14:23:45 -05:00
Shelby Pace 0d6008862b Land #11805, add bsd targets to sshexec 2019-05-20 14:16:10 -05:00
Wei Chen 6847fcc199 Update CVE reference and datastore options for WebLogic exploit 2019-05-20 13:10:06 -05:00
bwatters-r7 966582a10c Land #11833, moodle_cmd_exec nil check
Merge branch 'land-11833' into upstream-master
2019-05-20 13:08:11 -05:00
William Vu 0328814241 Indent ternary statement in struts2_rest_xstream 2019-05-20 12:35:52 -05:00
Wei Chen ad08c4e56b Land #11828, Add CVE-2017-18357: Shopware Object Instantiation 2019-05-17 18:22:48 -05:00
Wei Chen 9b46e7a347 Normalize PHP payload path 2019-05-17 18:20:59 -05:00
Shelby Pace 730f912fea Land #11802, add GetSimple CMS RCE module 2019-05-16 11:30:21 -05:00
Shelby Pace 6210a28f32 added checks to at, changed some uris 2019-05-15 15:40:27 -05:00
stevenseeley 1df703b85f added some vprint_error calls in the check 2019-05-13 17:36:06 -05:00
stevenseeley e8fec2a77b don't override the check method 2019-05-12 20:08:52 -05:00
h00die 74fbcaf908 moodle_cmd_exec nil check 2019-05-10 14:02:01 -04:00
stevenseeley bca160f4c4 final commit: fixed check method to not print as suggested by @bcoles 2019-05-10 09:45:21 -05:00
stevenseeley 6427cb31bf fixed regex a lil 2019-05-09 22:53:39 -05:00
stevenseeley 5ff8394df0 @bcoles is a purist :p 2019-05-09 22:21:26 -05:00
stevenseeley 7953f85c16 updated error message to be NoAccess 2019-05-09 21:29:48 -05:00
stevenseeley a700fcec5d changed regex as suggested by @bcoles 2019-05-09 21:18:14 -05:00
stevenseeley e769ae5c90 fixed some error conditions, changed regex as suggested by @bcoles 2019-05-09 21:14:54 -05:00
stevenseeley 2ff1adb1be fixed timing of exec 2019-05-09 20:58:14 -05:00
stevenseeley 6ffd1d5e95 updated module to address @bcoles's comments 2019-05-09 20:53:49 -05:00
stevenseeley 65c3163518 updated module credits with original discoverer 2019-05-09 17:35:47 -05:00
stevenseeley ba2baa7652 updated module randomization a little more 2019-05-09 16:14:35 -05:00
stevenseeley 2649fa0d65 added a new line at the end 2019-05-09 15:35:00 -05:00
stevenseeley 9b200840a4 added module for CVE-2017-18357 2019-05-09 15:19:01 -05:00
stevenseeley aaa0dd2532 added module for CVE-2017-18357 2019-05-09 15:17:43 -05:00
stevenseeley 89e3a07518 added module for CVE-2017-18357 2019-05-09 15:08:33 -05:00
William Vu 413929b7f6 Land #11598, Postgres COPY FROM PROGRAM exploit 2019-05-07 01:12:44 -05:00
asoto-r7 f89b0e848f Land PR#11780, exploit/multi/misc/weblogic_deserialize_asyncresponseservice 2019-05-06 15:36:47 -05:00
asoto-r7 abfe4fd2c2 weblogic_deserialize_asyncresponseservice: Added check method, improved exception handling, minimizing XML strings 2019-05-06 15:16:50 -05:00
Cha0s bd349b8a23 Removed Spaces EOL 2019-05-04 23:24:20 -05:00
Cha0s 4bf0adeade Module corrections
Corrections in: author metadata, references, removing handler, removing unused code branch and vulnerable variable, improve module description
2019-05-04 23:11:40 -05:00
Brendan Coles 60fb3b2319 Add BSD target to exploit/multi/ssh/sshexec module 2019-05-02 20:40:14 +00:00
Waqas Ali 48b7f7c904 Update (removed parenthesis) modules/exploits/multi/http/getsimplecms_unauth_code_exec.rb
(removed parenthesis)

Co-Authored-By: truerandom <masterofdisaster@ciencias.unam.mx>
2019-05-02 02:03:54 -05:00
Waqas Ali 75c78b761e Update (removed parenthesis) modules/exploits/multi/http/getsimplecms_unauth_code_exec.rb
(removed parenthesis)

Co-Authored-By: truerandom <masterofdisaster@ciencias.unam.mx>
2019-05-02 02:03:46 -05:00
Waqas Ali 3a7ebbdc3d Update (removed parenthesis) modules/exploits/multi/http/getsimplecms_unauth_code_exec.rb
(removed parenthesis)

Co-Authored-By: truerandom <masterofdisaster@ciencias.unam.mx>
2019-05-02 02:03:26 -05:00
Waqas Ali 33c2a9592a Update (removed parenthesis) modules/exploits/multi/http/getsimplecms_unauth_code_exec.rb
(removed parenthesis)

Co-Authored-By: truerandom <masterofdisaster@ciencias.unam.mx>
2019-05-02 02:03:14 -05:00
truerandom ea3e8e5bae exploit module for cve-2019-11231 2019-05-01 20:05:57 -04:00
Shelby Pace a88858fc8b Land #11779, add Rails Doubletap Dev mode RCE 2019-05-01 08:35:28 -05:00
Andrés Rodríguez d1ca87b810 Improvements to the payloads config. 2019-05-01 00:06:46 -05:00
Andrés Rodríguez 4c612efc16 Spaces at EOL (again). 2019-04-30 23:36:52 -05:00
Andrés Rodríguez 384c8b3959 Pulling the XML out into its own method. 2019-04-30 23:23:38 -05:00
Andrés Rodríguez 554f781382 Spaces at EOL. 2019-04-30 23:03:25 -05:00
Andrés Rodríguez b3a4b639c3 Use of suggested multi-line string for XML and case for the OS. 2019-04-30 22:43:45 -05:00