adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
56,866 Commits 27 Branches 1,043 Tags
769b4ab5dc8efe72a960e645e1cdffbddbc91539
Commit Graph

28936 Commits

Author SHA1 Message Date
dwelch-r7 ef86fb95e8 Land #13748, replace off with false in instructions 2020-06-22 13:55:15 +01:00
h00die 6e93dcf8c2 Land #13645, Trend Micro WebSecurity RCE 2020-06-22 06:51:26 -04:00
h00die c61857be96 off to false 2020-06-21 16:21:40 -04:00
h00die 6a3633c2c0 fixing up some styles and such 2020-06-20 12:05:48 -04:00
mdisec 260607e8f9 Adding check on exploit method 2020-06-19 19:00:52 +03:00
mdisec 7ab5474175 Change check method and regex for cookie 2020-06-19 16:15:11 +03:00
Shelby Pace 738dd4b5ce Land #12277, add Agent Tesla panel rce module 2020-06-18 15:06:15 -05:00
Shelby Pace 1d6e7313ce remove ForceExploit option 2020-06-18 15:05:02 -05:00
Brendan Coles b068b717d4 Land #13605, ibm_openadmin_tool_soap_welcomeserver_exec: b64 encode payload 
Ensure the payload is sent base64 encoded then base64 decoded upon execution.
This mitigates potential payload corruption issues due to quoting or URL
encoding of request data on the server side.
 2020-06-18 18:08:32 +00:00
mdisec 229760a826 Fixing document file and module improvements 2020-06-18 20:11:55 +03:00
Shelby Pace db4006e9f6 Land #13607, add Cayin exploit modules 2020-06-18 10:33:49 -05:00
gwillcox-r7 199d7db222 Fix up items mentioned by @space-r7 during her review 2020-06-18 09:56:20 -05:00
gwillcox-r7 275ed6429e Fix up rubocop errors in the module 2020-06-17 15:11:55 -05:00
gwillcox-r7 eebacb8fbb Make adjustments so that this module only supports Windows so that we can land this for now. Linux support may be added in the future. 2020-06-17 14:56:40 -05:00
h00die 17bef31bc6 check shodan API key 2020-06-17 14:22:07 -04:00
gwillcox-r7 c29cf491ed Add idea for trying to fix up not being able to write to disk, may need further improvements 2020-06-17 12:36:00 -05:00
gwillcox-r7 25f32d68d5 Add in some RuboCop fixes 2020-06-17 11:15:10 -05:00
gwillcox-r7 c7bcd9152c Add in support to detect if the PHP payload was not uploaded successfully. 2020-06-17 11:13:24 -05:00
h00die 7bd2ba3aed remove debugging 2020-06-17 12:04:18 -04:00
h00die c2c931030f review comments 2020-06-17 11:47:11 -04:00
Tod Beardsley 655a323467 Add CVE-2020-7356 for Cayin xPost 2020-06-17 09:57:29 -05:00
Tod Beardsley dc54145fa9 Add CVE-2020-7357 as a reference for Caiyn CMS 2020-06-17 09:56:10 -05:00
gwillcox-r7 3787849a6b Fix cleanup code for Windows, should now have good working Windows code 2020-06-16 14:49:09 -05:00
gwillcox-r7 cc0ab19dea Clear up release date and add more comments explaining purpose of some of the resource links 2020-06-16 12:17:13 -05:00
gwillcox-r7 b6dfbe926c Simplify the Description field of the exploit 2020-06-16 11:58:51 -05:00
h00die 783257ce4e fix author 2020-06-16 12:19:54 -04:00
RAMELLA Sébastien 876836bcce update doc and fix module syntax. 2020-06-16 10:47:51 -05:00
RAMELLA Sébastien fbffefbdb2 add. original module edb reference. 2020-06-16 10:47:50 -05:00
RAMELLA Sébastien 1ab77af898 fix. remove setup function initialization 2020-06-16 10:47:50 -05:00
RAMELLA Sébastien 624c69bebf add. authenticated exploitation 2020-06-16 10:47:50 -05:00
RAMELLA Sébastien 1a9431d965 fix. json parser and add random number into sqli 2020-06-16 10:47:49 -05:00
RAMELLA Sébastien c704dba44c add. agent tesla panel rce exploit module 2020-06-16 10:47:49 -05:00
gwillcox-r7 135d90e1dc Land #13628, Fix dead link in postgres_payload.rb 2020-06-16 09:30:51 -05:00
Adam Galway 2c4d158086 Land #13170, Blind RCE exploit for Zivif Cameras 2020-06-16 13:05:35 +01:00
Adam Galway 4eba47f421 Land #13303, Arista TACAS+ Shell Escape 2020-06-16 12:49:05 +01:00
Silas Cutler 801ae57f12 Update zivif_ipcheck_exec.rb 
Removed single space at the end of line 44
 2020-06-15 23:13:20 -04:00
Silas Cutler 5f29af114b Added documentation and set default payload 2020-06-15 15:51:28 -04:00
Silas Cutler c01595799e Removed +x flag on zivif module 2020-06-15 15:05:58 -04:00
silascutler 7787cc171e Fixed tab/space problem and unmarked file executable 2020-06-15 16:37:05 +00:00
silascutler 79a4e73b69 Updated to use current epoch time in HTTP request and removed trailing whitespace 2020-06-15 15:31:27 +00:00
Silas Cutler c27ebf25ba Update modules/exploits/unix/http/zivif_ipcheck_exec.rb 
Co-authored-by: adamgalway-r7 <adam_galway@rapid7.com>
 2020-06-15 11:10:01 -04:00
Shelby Pace 1cb57a7e79 Land #13444, add GOG Galaxy Client Privesc 2020-06-15 08:53:12 -05:00
Shelby Pace 21ccb229b2 rubocop changes 2020-06-15 08:48:51 -05:00
Shelby Pace 34366ea680 add notes, finish check 2020-06-15 08:36:32 -05:00
SecurityBytesMe d4fb1be83a Update check code for arista_tacacs_shell.rb 2020-06-14 15:13:30 -07:00
SecurityBytesMe ffc49ccf83 General cleanup 2020-06-14 15:10:41 -07:00
SecurityBytesMe 34e3e3c9e8 Removal of Exploit:: on CheckCode 2020-06-14 15:06:42 -07:00
SecurityBytesMe ff402ea9ac applied linting and cleaning return checks 
rubocop and msftidy applied
modified check return codes
 2020-06-14 14:55:43 -07:00
mdisec a0740f4698 Add trend micro websecurity rce 2020-06-14 20:33:46 +03:00
Alexandre ZANNI 2027b17b6e postgres_payload: fix deadlink 
Replace the original link (dead) by the cached version in web archive.
 2020-06-14 16:39:46 +02:00