adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
40,637 Commits 27 Branches 1,043 Tags
7ef4db1465e617efaa8cd85d968b754d0ccd660c
Commit Graph

771 Commits

Author SHA1 Message Date
Adam Cammack fe0a3c8669 Update themoon exploit to use wget command stager 2017-01-03 15:50:57 -06:00
William Vu afd8315e1d Remove apache_continuum_cmd_exec CmdStager flavor 
It is inferred from the platform, and we don't want to override it
needlessly. :bourne is what worked during testing, but it won't always
work. Now we can override the flavor with CMDSTAGER::FLAVOR.
 2016-12-27 16:24:16 -06:00
William Vu 1d6ee7192a Land #7427, new options for nagios_xi_chained_rce 2016-11-30 17:11:02 -06:00
William Vu 3e8cdd1f36 Polish up USER_ID and API_TOKEN options 2016-11-30 17:10:52 -06:00
William Webb 6c6221445c Land #7543, Create exploit for CVE-2016-6563 / Dlink DIR HNAP Login 2016-11-21 09:59:50 -06:00
Brent Cook 005d34991b update architecture 2016-11-20 19:09:33 -06:00
Brent Cook f313389be4 Merge remote-tracking branch 'upstream/master' into land-7507-uuid-arch 2016-11-20 19:08:56 -06:00
wchen-r7 4596785217 Land #7450, PowerShellEmpire Arbitrary File Upload 2016-11-17 17:47:15 -06:00
Jeffrey Martin c458d662ed report correct credential status as successful 2016-11-14 12:27:22 -06:00
Jeffrey Martin 4ae90cbbef Land #7191, Add exploit for CVE-2016-6267 - Trend Micro Smart Protection Server authenticated RCE. 2016-11-14 12:06:02 -06:00
Pedro Ribeiro 908713ce68 remove whitespace at end of module name 2016-11-14 08:35:34 +00:00
Pedro Ribeiro 50f578ba79 Add full disclosure link 2016-11-08 22:15:19 +00:00
Pedro Ribeiro 95bd950133 Point to proper link on github 2016-11-07 17:59:29 +00:00
Pedro Ribeiro f268c28415 Create dlink_hnap_login_bof.rb 2016-11-07 17:45:37 +00:00
Alex Flores 45d6012f2d fix check method 2016-10-30 14:57:42 -04:00
OJ 57eabda5dc Merge upstream/master 2016-10-29 13:54:31 +10:00
Quentin Kaiser c7b775ac1c Fix detection following @bwatters-r7 recommendations. Remove safesync exploit that shouldn't be here. 2016-10-28 18:03:56 +00:00
OJ 1d617ae389 Implement first pass of architecture/platform refactor 2016-10-28 07:16:05 +10:00
wolfthefallen 684feb6b50 moved STAGE0 and STAGE1 into datastore 2016-10-18 11:47:38 -04:00
wolfthefallen e806466fe3 correct carriage return and link issue 2016-10-17 10:31:39 -04:00
wolfthefallen 7e68f7d2a4 EmpirePowerShell Arbitrary File Upload (Skywalker) 2016-10-17 10:03:07 -04:00
Brent Cook cfddc734a8 Land #7286, WiFi pineapple preconfig command injection module 2016-10-14 12:57:42 -05:00
Brent Cook e05a325786 Land #7285, WiFi pineapple command injection via authentication bypass 2016-10-14 12:57:05 -05:00
h00die 9d2355d128 removed debug line 2016-10-10 10:23:51 -04:00
h00die 2ad82ff8e3 more nagios versatility 2016-10-10 10:21:49 -04:00
Brendan 04f8f7a0ea Land #7266, Add Kaltura Remote PHP Code Execution 2016-09-21 17:14:49 -05:00
Mehmet Ince 2d3c167b78 Grammar changes again. 2016-09-20 23:51:12 +03:00
Mehmet Ince 0f16393220 Yet another grammar changes 2016-09-20 19:48:40 +03:00
Mehmet Ince fb00d1c556 Another minor grammer changes 2016-09-20 19:23:28 +03:00
Brendan 251421e4a7 Minor grammar changes 2016-09-20 10:37:39 -05:00
Mehmet Ince 385428684f Move module and docs under the exploit/linux/http folder 2016-09-20 12:45:23 +03:00
catatonic c06ee991ed Adding WiFi pineapple command injection via authenticaiton bypass. 2016-09-06 17:22:25 -07:00
catatonic 8d40dddc17 Adding WiFi pineapple preconfig command injection module. 2016-09-06 17:18:36 -07:00
Quentin Kaiser e4d118108a Trend Micro SafeSync exploit. 2016-09-06 19:33:23 +00:00
William Vu fed2ed444f Remove deprecated modules 
psexec_psh is undeprecated because users have been reporting
idiosyncrasies between it and psexec in the field.
 2016-09-03 12:43:01 -05:00
Pearce Barry 226ded8d7e Land #6921, Support basic and form auth at the same time 2016-08-25 16:31:26 -05:00
wchen-r7 c64e1b8fe6 Land #7181, NUUO NVRmini 2 / Crystal / NETGEAR ReadyNAS Surveillance 2016-08-08 16:04:33 -05:00
wchen-r7 cb04ff48bc Land #7180, Add exploit for CVE 2016-5674 / Nuuo / Netgear unauth RCE 2016-08-08 15:55:39 -05:00
Quentin Kaiser 1320647f31 Exploit for Trend Micro Smart Protection Server (CVE-2016-6267). 2016-08-08 18:47:46 +00:00
Pedro Ribeiro 3b64b891a6 Update nuuo_nvrmini_unauth_rce.rb 2016-08-05 21:53:25 +01:00
Pedro Ribeiro 746ba4d76c Add bugtraq reference 2016-08-05 21:53:08 +01:00
Pedro Ribeiro 2aca610095 Add github link 2016-08-04 17:38:31 +01:00
Pedro Ribeiro 7d8dc9bc82 Update nuuo_nvrmini_unauth_rce.rb 2016-08-04 17:38:14 +01:00
Pedro Ribeiro b48518099c add exploit for CVE 2016-5674 2016-08-04 16:55:21 +01:00
Pedro Ribeiro 0deac80d61 add exploit for CVE 2016-5675 2016-08-04 16:54:38 +01:00
wchen-r7 1e1866f583 Fix #7158, tiki_calendar_exec incorrectly reports successful login 
Fix #7158
 2016-07-28 17:03:31 -05:00
Brendan 4720d77c3a Land #6965, centreon useralias exec 2016-07-26 15:02:36 -07:00
Brent Cook b08d1ad8d8 Revert "Land #6812, remove broken OSVDB references" 
This reverts commit 2b016e0216, reversing
changes made to 7b1d9596c7.
 2016-07-15 12:00:31 -05:00
Brent Cook 2b016e0216 Land #6812, remove broken OSVDB references 2016-07-11 22:59:11 -05:00
William Webb 52c6daa0f2 Land #7048, Riverbed SteelCentral NetProfiler and NetExpress Remote 
Command Injection
 2016-07-10 18:54:12 -05:00