William Vu
d5d4716b1c
Update TMSH escape reliability notes
What's strange is that if the stars align, like if the system has been
"used" enough, the exploit is incredibly reliable. Maybe my test
environment is bonkers.
2020-07-17 06:26:00 -05:00
William Vu
c082ccd337
Make Meterpreter the default target
2020-07-17 06:10:53 -05:00
William Vu
1ae689ce5f
Improve robustness by refactoring error handling
tmshCmd.jsp is extremely unreliable!
2020-07-17 05:23:42 -05:00
adfoster-r7
7e7881fbfa
Land #13730, Add Pandora FMS Events Remote Code Execution (CVE-2020-13851) module and docs
2020-07-11 13:10:47 +01:00
Jeffrey Martin
c61f34ed16
Land #13596, [GSoC] SQLi library with support to MySQL (and MariaDB)
2020-07-10 13:45:47 -05:00
kalba-security
957042f0a3
Nuke redundant force-exploit advanced option
2020-07-09 17:24:19 -04:00
kalba-security
df42399f61
Add installation instructions to docs
2020-07-09 17:20:07 -04:00
kalba-security
dc34acd070
Push to test autocheck issue
2020-07-09 16:43:18 -04:00
kalba-security
6bb20f41d8
Code review changes
2020-07-09 15:21:13 -05:00
kalba-security
36397a3e8f
Add cmdstager support
2020-07-09 15:21:12 -05:00
kalba-security
3ac3dcb3cf
Incorporate suggestions from code review
2020-07-09 15:21:12 -05:00
kalba-security
c2abb40890
Fix HTTP timeout
2020-07-09 15:21:12 -05:00
kalba-security
3eceeca911
Add Pandora FMS Events Remote Code Execution module and docs
2020-07-09 15:21:12 -05:00
William Vu
398c13a1b2
Add Mikhail Klyuchnikov's writeup as a reference
2020-07-08 14:36:42 -05:00
William Vu
ee240393f4
Credit Mikhail Klyuchnikov for CVE-2019-19781
2020-07-08 14:35:16 -05:00
William Vu
d726a2cdcb
Fix a few final things
2020-07-07 12:06:05 -05:00
William Vu
c8176b803a
Add version information to the description
2020-07-06 16:24:22 -05:00
William Vu
7ef4cb64ad
Tweak timeouts to avoid a race condition
2020-07-06 14:30:27 -05:00
William Vu
be90526d5f
Add vuln discovery credit and reference
2020-07-06 14:26:52 -05:00
William Vu
41bb4d3a8d
Add dir_trav method back in
I was wondering why I refactored it away. Oh, I needed it.
2020-07-05 18:23:45 -05:00
William Vu
1f765d0e1f
Upgrade CheckCodes, since the dir traversal passed
2020-07-05 16:29:53 -05:00
William Vu
6e7701ba21
Add rudimentary check method
2020-07-05 16:18:03 -05:00
William Vu
0417e88ff2
Add F5 BIG-IP TMUI RCE (CVE-2020-5902)
2020-07-05 15:22:15 -05:00
William Vu
36b5d237fa
Make cmd/unix target types consistent to :unix_cmd
There were some using :unix_command, and it was just an oversight.
2020-07-05 11:16:47 -05:00
William Vu
ffc07d6c8f
Merge remote-tracking branch 'upstream/master' into pr/13787
2020-07-01 14:42:16 -05:00
wvu-r7
e0fbc9fd05
Correct whitespace change
Seems like a typo.
2020-07-01 11:00:04 -05:00
Shelby Pace
e2f6330755
Land #13725, fix error / clean up atutor exploit
2020-06-30 13:32:34 -05:00
William Vu
755d2d3261
Use subpar regex validation on LEAK_FILE
2020-06-30 11:17:26 -05:00
Alan Foster
b841246536
Update autocheck to use prepend instead of include, add ForceExploit functionality
2020-06-30 11:40:46 +01:00
Niboucha Redouane
2c4ca04dca
Rename the factory method for SQLi classes, and add a check on the class to instantiate
2020-06-27 14:51:54 +02:00
Jeffrey Martin
aa6c037dbd
refactor mixin as factory for sqli classes
2020-06-26 15:09:01 -05:00
Pedro Ribeiro
6e8178735f
Update ibm_drm_rce.rb
2020-06-26 11:38:55 +07:00
Pedro Ribeiro
2ba8573ef9
Update IBM DRM rce module
2020-06-26 11:31:10 +07:00
Niboucha Redouane
8b7ad94168
Fix error message, SqliDelay instead of SQLI_SLEEP
2020-06-24 00:48:07 +02:00
Niboucha Redouane
f89f80be47
add default value for options of SQLi constructors, and fix eyesofnetwork module
2020-06-24 00:38:13 +02:00
Niboucha Redouane
fba2d2e7be
inject the datastore into the SQLi library, and register advanced options
2020-06-22 17:36:38 +02:00
h00die
6e93dcf8c2
Land #13645, Trend Micro WebSecurity RCE
2020-06-22 06:51:26 -04:00
h00die
6a3633c2c0
fixing up some styles and such
2020-06-20 12:05:48 -04:00
mdisec
260607e8f9
Adding check on exploit method
2020-06-19 19:00:52 +03:00
Niboucha Redouane
9d36076264
Add option to specify the range of characters to retrieve
2020-06-19 16:41:57 +02:00
mdisec
7ab5474175
Change check method and regex for cookie
2020-06-19 16:15:11 +03:00
mdisec
229760a826
Fixing document file and module improvements
2020-06-18 20:11:55 +03:00
Shelby Pace
db4006e9f6
Land #13607, add Cayin exploit modules
2020-06-18 10:33:49 -05:00
Niboucha Redouane
305dbe9e2f
refactor structure, get rid of prefix and suffix
2020-06-18 17:21:10 +02:00
h00die
7bd2ba3aed
remove debugging
2020-06-17 12:04:18 -04:00
h00die
c2c931030f
review comments
2020-06-17 11:47:11 -04:00
Tod Beardsley
dc54145fa9
Add CVE-2020-7357 as a reference for Cayin CMS
2020-06-17 09:56:10 -05:00
kalba-security
f0255e3c81
Fix atutor_filemanager_traversal credentials checks and clean up code
2020-06-15 12:15:00 -04:00
mdisec
a0740f4698
Add trend micro websecurity rce
2020-06-14 20:33:46 +03:00
h00die
4702d87684
cleanup
2020-06-12 10:46:44 -04:00