adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
57,151 Commits 27 Branches 1,043 Tags
77526bd6f45bea54ca8c06da930eddbd2c19e370
Commit Graph

14426 Commits

Author SHA1 Message Date
Spencer McIntyre ffebf48242 Land #13830, Add QEMU/KVM target for CVE-2019-0708 2020-07-16 16:00:16 -04:00
bwatters eb863048f0 Land #13741, CVE-2020-5741: Plex rce on Windows 
Merge branch 'land-13741' into upstream-master
 2020-07-16 10:20:50 -05:00
Brendan Coles 090b80eea7 Add Msf::Post::Unix.is_root? method 2020-07-12 00:47:56 +00:00
adfoster-r7 7e7881fbfa Land #13730, Add Pandora FMS Events Remote Code Execution (CVE-2020-13851) module and docs 2020-07-11 13:10:47 +01:00
Jeffrey Martin c61f34ed16 Land #13596, [GSoC] SQLi library with support to MySQL (and MariaDB) 2020-07-10 13:45:47 -05:00
kalba-security 957042f0a3 Nuke redundant force-exploit advanced option 2020-07-09 17:24:19 -04:00
kalba-security df42399f61 Add installation instructions to docs 2020-07-09 17:20:07 -04:00
kalba-security dc34acd070 Push to test autocheck issue 2020-07-09 16:43:18 -04:00
kalba-security 6bb20f41d8 Code review changes 2020-07-09 15:21:13 -05:00
kalba-security 36397a3e8f Add cmdstager support 2020-07-09 15:21:12 -05:00
kalba-security 3ac3dcb3cf Incorporate suggestios from code review 2020-07-09 15:21:12 -05:00
kalba-security c2abb40890 Fix HTTP timeout 2020-07-09 15:21:12 -05:00
kalba-security 3eceeca911 Add Pandora FMS Events Remote Code Execution module and docs 2020-07-09 15:21:12 -05:00
Stefan Pietsch 4c1b075679 Add QEMU/KVM target for CVE-2019-0708 2020-07-08 23:32:16 +02:00
William Vu 398c13a1b2 Add Mikhail Klyuchnikov's writeup as a reference 2020-07-08 14:36:42 -05:00
William Vu ee240393f4 Credit Mikhail Klyuchnikov for CVE-2019-19781 2020-07-08 14:35:16 -05:00
William Vu d726a2cdcb Fix a few final things 2020-07-07 12:06:05 -05:00
h00die 456bf6b948 update escapes 2020-07-07 01:17:26 -04:00
William Vu c8176b803a Add version information to the description 2020-07-06 16:24:22 -05:00
William Vu 7ef4cb64ad Tweak timeouts to avoid a race condition 2020-07-06 14:30:27 -05:00
William Vu be90526d5f Add vuln discovery credit and reference 2020-07-06 14:26:52 -05:00
William Vu 41bb4d3a8d Add dir_trav method back in 
I was wondering why I refactored it away. Oh, I needed it.
 2020-07-05 18:23:45 -05:00
William Vu 1f765d0e1f Upgrade CheckCodes, since the dir traversal passed 2020-07-05 16:29:53 -05:00
William Vu 6e7701ba21 Add rudimentary check method 2020-07-05 16:18:03 -05:00
William Vu 0417e88ff2 Add F5 BIG-IP TMUI RCE (CVE-2020-5902) 2020-07-05 15:22:15 -05:00
William Vu 36b5d237fa Make cmd/unix target types consistent to :unix_cmd 
There were some using :unix_command, and it was just an oversight.
 2020-07-05 11:16:47 -05:00
Brendan Coles f9a5de87f8 Land #13789, Add OpenSIS Unauthenticated PHP Code Execution module 2020-07-04 15:49:45 +00:00
h00die 89332d0056 native python for plex unpickle 2020-07-03 19:37:18 -04:00
EgiX b286eda4d1 Update opensis_chain_exec.rb 2020-07-03 18:00:36 +02:00
EgiX 3866d875e1 Update modules/exploits/unix/webapp/opensis_chain_exec.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2020-07-03 17:38:33 +02:00
EgiX 60ec23c271 Update opensis_chain_exec.rb 2020-07-01 23:38:07 +02:00
William Vu 01899d4843 Land #13787, AutoCheck mixin refactor with prepend 2020-07-01 14:49:03 -05:00
William Vu 08c1402be9 Land #13733, AnyDesk GUI CVE-2020-13160 exploit 2020-07-01 14:47:07 -05:00
William Vu 5ec31d2e41 Update recent modules to use prepend 2020-07-01 14:43:15 -05:00
William Vu ffc07d6c8f Merge remote-tracking branch 'upstream/master' into pr/13787 2020-07-01 14:42:16 -05:00
Spencer McIntyre a27bf9df38 Fix some grammatical mistakes and set a default target for anydesk 2020-07-01 15:27:33 -04:00
wvu-r7 e0fbc9fd05 Correct whitespace change 
Seems like a typo.
 2020-07-01 11:00:04 -05:00
Shelby Pace e2f6330755 Land #13725, fix error / clean up atutor exploit 2020-06-30 13:32:34 -05:00
William Vu 755d2d3261 Use subpar regex validation on LEAK_FILE 2020-06-30 11:17:26 -05:00
EgiX bd3f772bbc Add openSIS Unauthenticated PHP Code Execution 
This PR is for a module that exploit multiple vulnerabilities in openSIS 7.4 and prior versions which could be abused by unauthenticated attackers to execute arbitrary PHP code with the permissions of the webserver. The module has been successfully tested with openSIS version 7.3 and 7.4 running on a LAMP system.
 2020-06-30 15:35:32 +02:00
Alan Foster b841246536 Update autocheck to use prepend instead of include, add ForceExploit functionality 2020-06-30 11:40:46 +01:00
h00die a99a3c2d75 working albumn_name length thanks to acammack 2020-06-30 00:28:57 -04:00
Shelby Pace 2b1af9acaa Land #13610, add atutor auth dir trav / rce 2020-06-29 11:58:34 -05:00
Shelby Pace ad48170a18 replace forceexploit with autocheck 2020-06-29 11:54:01 -05:00
Shelby Pace f2c79ca1ef add changes for linux 2020-06-29 10:43:26 -05:00
William Vu 3ba619acee Land #13521, Bolt CMS authenticated RCE 2020-06-28 23:50:53 -05:00
William Vu 156eea4292 Fix cleanup blocking on payload execution 2020-06-28 23:07:10 -05:00
William Vu b81629d099 Clean up module 2020-06-28 23:07:10 -05:00
Niboucha Redouane 2c4ca04dca Rename the factory method for SQLi classes, and add a check on the class to instanciate 2020-06-27 14:51:54 +02:00
Jeffrey Martin aa6c037dbd refactor mixin as factory for sqli classes 2020-06-26 15:09:01 -05:00