adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
47,411 Commits 27 Branches 1,043 Tags
6d3db92fb235b5b438d35eb042c682a7b04bf1f5
Commit Graph

24345 Commits

Author SHA1 Message Date
Tim W 70a1df70a1 Land #9753, Linux BPF sign extension local privesc 2018-07-18 18:44:14 +08:00
William Vu 5650412cc2 Land #10317, nil fix for enum_dns 2018-07-17 13:03:06 -05:00
Jacob Robles 677b22698d Land #10273, [clean up] iis_webdav_scstoragepathfromurl 2018-07-17 09:33:32 -05:00
Brendan Coles 6bf184dbcf Update tested versions 2018-07-17 06:24:16 +00:00
William Vu 9a7c34e6e9 Land #10064, Claymore Dual Miner API RCE 2018-07-16 18:02:20 -05:00
Brendan Coles 7524af35ec Check if IPRANGE was supplied - Fix #10316 2018-07-15 15:38:56 +00:00
Jacob Robles 134417b598 Account for nil 2018-07-14 10:44:09 -05:00
Jacob Robles 6e450973b9 Land #10295, Add QNAP Q'Center change_passwd Command Execution exploit 2018-07-14 10:09:46 -05:00
Jacob Robles 18e65abc54 Fix link 2018-07-14 10:03:01 -05:00
Brendan Coles 9bdec97b2e Fix bpf_sign_extension_priv_esc 2018-07-13 23:01:17 +00:00
Brent Cook 72e5b94eb8 Land #10293, fixup php/base64 and add docs for cmd/unix/reverse_bash 2018-07-13 17:15:22 -05:00
Brendan Coles 4e72dff791 Update module references 2018-07-14 05:03:13 +10:00
Wei Chen b40a146723 Land #10297, Add priv escalation mod for CVE-2018-8897 2018-07-13 10:54:25 -05:00
bwatters-r7 f33d12676f Added License, make msftidy happy, and include original cve project 
readme document.
 2018-07-13 10:19:41 -05:00
bwatters-r7 4fa2a4775d Update the target check and added cleanup 2018-07-13 09:27:41 -05:00
Wei Chen 9ba0a72ea1 Rename file 2018-07-13 01:11:37 -05:00
Wei Chen e1e8444188 Clean up ruby code for CVE-2018-8897 2018-07-13 01:06:21 -05:00
Brendan Coles a020d48caf Move module documentation to documentation directory 2018-07-13 04:46:25 +00:00
Wei Chen f02c05e530 This one is the same as cve_2018_8897_exe.rb 2018-07-12 22:09:44 -05:00
William Vu c9001699cd Land #10027, Hadoop unauthed command execution 2018-07-12 21:58:49 -05:00
William Vu 50252c75d6 Clean up module 
With a little rubocop -a.
 2018-07-12 21:58:00 -05:00
William Vu 2f37482535 Land #10278, gitlist_arg_injection fixes 2018-07-12 19:03:52 -05:00
Wei Chen e613b2570a Land #10299, Add 88 CVEs to various auxiliary and exploit modules 2018-07-12 18:26:07 -05:00
William Vu 88bbc50104 Utilize uniq to make char array more readable 
Hat tip @bcoles.
 2018-07-12 17:59:12 -05:00
bwatters-r7 cfcb77afd0 Rename to please msftidy 2018-07-12 17:41:06 -05:00
William Vu 3546286049 Add missed ARCH_CMD to top-level Arch array 
It's not necessary because of targets, but it's required for printing.
 2018-07-12 17:37:06 -05:00
asoto-r7 1a3a4ef5e4 Revised 88 aux and exploit modules to add CVEs / references 2018-07-12 17:34:52 -05:00
bwatters-r7 156b822401 First stab at cve-2018-8897 2018-07-12 17:31:53 -05:00
Brendan Coles 4b62f41369 Add QNAP Q'Center change_passwd Command Execution exploit 2018-07-12 20:00:17 +00:00
William Vu 3dda19f3c6 Update documentation in cmd/unix/reverse_bash 
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=146464
https://bugs.launchpad.net/ubuntu/+source/bash/+bug/215034
 2018-07-12 13:29:33 -05:00
William Vu 1f0535618d Document bareword string deprecation in php/base64 2018-07-12 13:29:33 -05:00
William Vu 378930e5f4 Prefer %w array over quoted array in php/base64 
irb(main):001:0> ["(",")",".","_","c","h","r","e","v","a","l","b","s","6","4","d","o"] == %w{( ) . _ c h r e v a l b s 6 4 d o}
=> true
irb(main):002:0>
 2018-07-12 13:29:33 -05:00
Brendan Coles 904de2dd09 Land #10238, Add ManageEngine Exchange Reporter Plus RCE exploit 2018-07-12 16:07:32 +00:00
Kacper Szurek 486225c2a8 Code review changes 
Use target_uri, split url inside normalize function, replace print with vprint, return CheckCode::Appears
 2018-07-12 14:27:28 +02:00
William Vu acb20e5a29 Land #9780, CouchDB auth bypass and RCE 2018-07-12 03:36:17 -05:00
William Vu a08420e0d0 Land #10286, Docker server version scanner 2018-07-12 03:08:41 -05:00
William Vu cce3b6f369 Clean up module 2018-07-12 02:57:14 -05:00
William Vu f53080ee60 Fix exploit and do final cleanup 2018-07-12 02:13:30 -05:00
William Vu 167745c124 Selectively add RuboCop fixes 2018-07-11 22:49:46 -05:00
William Vu ccc3267166 Correct rubocop -a 
We'll update .rubocop.yml later.
 2018-07-11 22:49:46 -05:00
William Vu ca5e496b8f Run rubocop -a 2018-07-11 21:40:19 -05:00
Agora Security 7d8b9a90d7 Add more reporting 2018-07-11 17:22:48 -04:00
Agora Security 30c43e22d9 Fix typo 2018-07-11 17:04:31 -04:00
Agora Security bb8ac4a7ab Add info & update_info 2018-07-11 16:52:16 -04:00
Shelby Pace 1ded8ffb29 Land #10260, Add phpMyAdmin v4.8.1/4.8.0 LFI RCE 2018-07-11 11:10:52 -05:00
Agora Security 1f0045fa03 Improve Description 2018-07-11 01:27:10 -04:00
Agora Security 00f4d3967c Add basic reporting 2018-07-11 00:47:43 -04:00
Agora Security d488b51264 Use peer instead of ip & port 2018-07-11 00:41:55 -04:00
Agora Security 5a89642ddd Simplify the module greatly 2018-07-11 00:15:56 -04:00
Agora Security ffc2f044cc Remove lines that were not required 2018-07-11 00:04:44 -04:00