adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
37,996 Commits 27 Branches 1,043 Tags
66ec0011105ba65b4d15c6cfb76f4acc565eaf21
Commit Graph

9309 Commits

Author SHA1 Message Date
wchen-r7 28875313be Change class name to MetasploitModule 2016-04-08 14:27:52 -05:00
wchen-r7 ae46b5a688 Bring #6417 up to date with upstream-master 2016-04-08 13:41:40 -05:00
wchen-r7 c4aac2a54a Remove unwanted comments 2016-04-07 11:22:57 -05:00
James Lee 7658014fb7 Add CVEs 2016-04-07 08:39:29 -05:00
James Lee 87d59a9bfb Add exploit for ExaGrid known credentials 2016-04-07 04:17:43 -05:00
William Vu 11bf1018aa Fix typo 2016-04-06 14:20:41 -05:00
William Vu a4ef9980f4 Land #6677, atutor_sqli update 2016-04-05 19:52:44 -05:00
William Vu d9d257cb1a Fix some things 2016-04-05 19:23:11 -05:00
William Vu d23a1c4551 Bump deprecation date 2016-04-01 13:57:58 -05:00
William Vu 60bee16e8c Restore psexec_psh 
See @jabra-'s comments on #6222.
 2016-04-01 13:56:22 -05:00
wchen-r7 ae0aecdd03 Change class name for exploits/windows/ftp/pcman_put.rb 2016-03-31 19:36:02 -05:00
wchen-r7 de0e02549c Bring #6507 up to date with upstream-master 2016-03-31 19:30:45 -05:00
wchen-r7 f3336c7003 Update windows/http/easyfilesharing_seh 2016-03-31 19:24:06 -05:00
wchen-r7 dd83757966 Bring #6488 up to date with upstream-master 2016-03-31 19:11:11 -05:00
thao doan 82cec68606 Land #6427, removes the deprecated psexec_psh module; please use exploit/windows/smb/psexec instead 2016-03-30 12:58:43 -07:00
William Vu dee9adbc50 Remove deprecated psexec_psh module 2016-03-30 14:35:47 -05:00
wchen-r7 c7e63c3452 Land #6694, Add Apache Jetspeed exploit 
CVE-2016-0710
CVE-2016-0709
 2016-03-30 11:17:21 -05:00
wchen-r7 74f25f04bd Make sure to always print the target IP:Port 2016-03-30 11:16:41 -05:00
William Vu 2b90846268 Add Apache Jetspeed exploit 2016-03-23 19:22:32 -05:00
wchen-r7 102d28bda4 Update atutor_filemanager_traversal 2016-03-22 14:44:07 -05:00
wchen-r7 9cb43f2153 Update atutor_filemanager_traversal 2016-03-22 14:42:36 -05:00
Steven Seeley 3842009ffe Add ATutor 2.2.1 Directory Traversal Exploit Module 2016-03-22 12:17:32 -05:00
h00die ebc7316442 Spelling Fix 
Fixed Thorugh to Through
 2016-03-19 13:58:13 -04:00
wchen-r7 31279291c2 Resolve merge conflict for ie_unsafe_scripting.rb 2016-03-17 14:42:36 -05:00
wchen-r7 b1b68294bb Update class name 2016-03-17 14:41:23 -05:00
wchen-r7 7b2d717280 Change ranking to manual and restore BAP2 count to 21 
Since the exploit requires the target to be configured manually,
it feel more appropriate to be ManualRanking.
 2016-03-17 14:39:28 -05:00
James Lee 1375600780 Land #6644, datastore validation on assignment 2016-03-17 11:16:12 -05:00
James Lee af642379e6 Fix some OptInts 2016-03-16 14:13:18 -05:00
Brent Cook 1769bad762 fix FORCE logic 2016-03-16 09:53:09 -05:00
Brent Cook d70308f76e undo logic changes in adobe_flas_otf_font 2016-03-16 09:52:21 -05:00
wchen-r7 5ef8854186 Update ATutor - Remove Login Code 2016-03-15 17:37:37 -05:00
Adam Cammack 05f585157d Land #6646, add SSL SNI and unify SSLVersion opts 2016-03-15 16:35:22 -05:00
l0gan e29fc5987f Add missing stream.raw for hp_sitescope_dns_tool 
This adds the missing stream.raw.
 2016-03-15 11:06:06 -05:00
Brent Cook a50b21238e Land #6669, remove debug code from apache_roller_ognl_injection that breaks Windows 2016-03-13 14:14:10 -05:00
Brent Cook 23eeb76294 update php_utility_belt_rce to use MetasploitModule 2016-03-13 13:59:47 -05:00
Brent Cook a6316d326e Land #6662, update disclosure date for php_utility_belt_rce 2016-03-13 13:58:04 -05:00
Brent Cook dabe5c8465 Land #6655, use MetasploitModule as module class name 2016-03-13 13:48:31 -05:00
wchen-r7 b22a057165 Fix #6554, hardcoded File.open path in apache_roller_ognl_injection 
The hardcoded File.open path was meant for debugging purposes during
development, but apparently we forgot to remove it. This line causes
the exploit to be unusable on Windows platform.

Fix #6554
 2016-03-11 18:48:17 -06:00
Jay Turla 8953952a8f correction for the DisclosureDate based on Exploit-DB 2016-03-11 14:05:26 +08:00
James Barnett 7009682100 Landing #6659, Fix bug in MS08-067 related to incorrect service pack identification when fingerprinting 2016-03-10 14:29:29 -06:00
William Vu 8d22358892 Land #6624, PHP Utility Belt exploit 2016-03-09 14:12:45 -06:00
William Vu 52d12b68ae Clean up module 2016-03-09 14:08:26 -06:00
wchen-r7 179d38b914 Fix #6658, MS08-067 unable to find the right target for W2k3SP0 
Fix #6658.

When there is no service pack, the
Msf::Exploit::Remote::SMB#smb_fingerprint_windows_sp method returns
an empty string. But in the MS08-067 exploit, instead of check an
empty string, it checks for "No Service Pack", which causes it to
never detect the right target for Windows Server 2003 SP0.
 2016-03-09 11:05:34 -06:00
Christian Mehlmauer 3123175ac7 use MetasploitModule as a class name 2016-03-08 14:02:44 +01:00
Brent Cook f703fa21d6 Revert "change Metasploit3 class names" 
This reverts commit 666ae14259.
 2016-03-07 13:19:55 -06:00
Brent Cook 44990e9721 Revert "change Metasploit4 class names" 
This reverts commit 3da9535e22.
 2016-03-07 13:19:48 -06:00
Christian Mehlmauer 3da9535e22 change Metasploit4 class names 2016-03-07 09:57:22 +01:00
Christian Mehlmauer 666ae14259 change Metasploit3 class names 2016-03-07 09:56:58 +01:00
Brent Cook eea8fa86dc unify the SSLVersion fields between modules and mixins 
Also actually handle the 'Auto' option that we had in the crawler and remove
hardcoded defaults in modules that do not need them.
 2016-03-06 22:06:27 -06:00
Brent Cook a2c3b05416 Land #6405, prefer default module base class of simply 'Metasploit' 2016-03-06 17:10:55 -06:00