adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
58,004 Commits 27 Branches 1,043 Tags
5eb2884c7eaef633a6b2dc4e01a0640929ca2ebf
Commit Graph

2106 Commits

Author SHA1 Message Date
William Vu a6f7c0c0de Backport miscellaneous fixes to my modules 2020-08-14 13:40:23 -05:00
Tod Beardsley f401f48138 Update vbulletin module with correct CVE 
Apparently someone snarfed the CVE for this out from under me. Since they were faster
to publish, we should use that number instead of the one out of our block.
 2020-08-14 08:25:57 -05:00
Spencer McIntyre 24b1235cf7 Whitespace adjustment and remove superfluous return statements 2020-08-12 13:59:25 -04:00
Amir Etemadieh 0b1efd0fe9 Update modules/exploits/multi/http/vbulletin_widget_template_rce.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2020-08-12 09:33:16 -07:00
Zenofex e334217636 Fix from bad merge for vbulletin_widget_template_rce module. 2020-08-11 19:09:14 -05:00
Zenofex 8db34ea91b vBulletin_widget_template_rce merge 2020-08-11 18:40:09 -05:00
Zenofex 3ef01c468f Ran vBulletin_widget_template_rce through rubocop, cleaned up results. 2020-08-11 18:38:41 -05:00
Tod Beardsley 19618d9bd2 Add CVE-2020-7373 in the references 2020-08-11 14:22:11 -05:00
Zenofex 0dab52ef35 A few last changes from msftidy and msftidy_docs. 2020-08-09 18:25:13 -05:00
Zenofex 661e2a680b Initial push of exploit and module for vbulletin_widget_template_rce vulnerability. 2020-08-09 17:38:52 -05:00
gwillcox-r7 2ca508c08e Further edits for RuboCop and msftidy_docs.rb compliance 2020-08-06 11:18:39 -05:00
gwillcox-r7 5c6530d9e5 Update module description and documentation to have a better description of what is going on and to also fix further copies of the typos that were pointed out. 2020-08-06 10:50:47 -05:00
Jericho 41e22992ff typo and touch-ups to desc 
typo and touch-ups to desc
 2020-08-04 16:59:57 -06:00
Shelby Pace 768d104f12 randomize os, delete payload 2020-07-28 17:19:26 -05:00
Shelby Pace 99cf54977f rubocop 2020-07-28 16:48:32 -05:00
Shelby Pace c79c9fc280 reverse xor arguments 2020-07-28 16:47:35 -05:00
Ege Balcı 26f869f860 Update modules/exploits/multi/http/baldr_upload_exec.rb 2020-07-28 11:07:46 +03:00
Ege Balcı fb745f78cc Update modules/exploits/multi/http/baldr_upload_exec.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-07-28 10:53:16 +03:00
Ege Balcı 5d49367726 Update modules/exploits/multi/http/baldr_upload_exec.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-07-28 10:52:37 +03:00
Ege Balcı fef9a23692 Update modules/exploits/multi/http/baldr_upload_exec.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-07-28 10:51:03 +03:00
Ege Balcı 7985eafda0 Add Baldr Botnet Panel RCE Module 2020-07-24 07:45:43 +03:00
William Vu 5ec31d2e41 Update recent modules to use prepend 2020-07-01 14:43:15 -05:00
Alan Foster b841246536 Update autocheck to use prepend instead of include, add ForceExploit functionality 2020-06-30 11:40:46 +01:00
Shelby Pace 2b1af9acaa Land #13610, add atutor auth dir trav / rce 2020-06-29 11:58:34 -05:00
Shelby Pace ad48170a18 replace forceexploit with autocheck 2020-06-29 11:54:01 -05:00
Shelby Pace f2c79ca1ef add changes for linux 2020-06-29 10:43:26 -05:00
Shelby Pace 2f6847c321 move login to its own method 2020-06-26 14:50:34 -05:00
kalba-security d0509fecf4 Improve the method of setting the cmdstager flavor 2020-06-24 06:50:00 -04:00
kalba-security 18926e874c Fix file_traversal_path check 2020-06-23 15:26:14 -04:00
kalba-security d1792bdf51 Add extra suggestion from code review 2020-06-18 16:48:46 -04:00
kalba-security 57f40053da Improve autoselect (incorporate suggestions from code review) 2020-06-18 16:39:11 -04:00
Shelby Pace 738dd4b5ce Land #12277, add Agent Tesla panel rce module 2020-06-18 15:06:15 -05:00
Shelby Pace 1d6e7313ce remove ForceExploit option 2020-06-18 15:05:02 -05:00
gwillcox-r7 199d7db222 Fix up items mentioned by @space-r7 during her review 2020-06-18 09:56:20 -05:00
gwillcox-r7 275ed6429e Fix up rubocop errors in the module 2020-06-17 15:11:55 -05:00
gwillcox-r7 eebacb8fbb Make adjustments so that this module only supports Windows so that we can land this for now. Linux support may be added in the future. 2020-06-17 14:56:40 -05:00
gwillcox-r7 c29cf491ed Add idea for trying to fix up not being able to write to disk, may need further improvements 2020-06-17 12:36:00 -05:00
gwillcox-r7 25f32d68d5 Add in some RuboCop fixes 2020-06-17 11:15:10 -05:00
gwillcox-r7 c7bcd9152c Add in support to detect if the PHP payload was not uploaded successfully. 2020-06-17 11:13:24 -05:00
gwillcox-r7 3787849a6b Fix cleanup code for Windows, should now have good working Windows code 2020-06-16 14:49:09 -05:00
gwillcox-r7 cc0ab19dea Clear up release date and add more comments explaining purpose of some of the resource links 2020-06-16 12:17:13 -05:00
gwillcox-r7 b6dfbe926c Simplify the Description field of the exploit 2020-06-16 11:58:51 -05:00
RAMELLA Sébastien 876836bcce update doc and fix module syntax. 2020-06-16 10:47:51 -05:00
RAMELLA Sébastien fbffefbdb2 add. original module edb reference. 2020-06-16 10:47:50 -05:00
RAMELLA Sébastien 1ab77af898 fix. remove setup function initialization 2020-06-16 10:47:50 -05:00
RAMELLA Sébastien 624c69bebf add. authenticated exploitation 2020-06-16 10:47:50 -05:00
RAMELLA Sébastien 1a9431d965 fix. json parser and add random number into sqli 2020-06-16 10:47:49 -05:00
RAMELLA Sébastien c704dba44c add. agent tesla panel rce exploit module 2020-06-16 10:47:49 -05:00
kalba-security b5ad7a8511 Use session_created, update documentation 2020-06-15 13:37:59 -04:00
kalba-security 8bc35859ff Remove comment left from testing 2020-06-15 13:22:06 -04:00