adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
31,532 Commits 27 Branches 1,043 Tags
7fa8e4faaefa5720d779e5ebd63ffcd2bba7e01c
Commit Graph

7950 Commits

Author SHA1 Message Date
jvazquez-r7 aaab4b401a Fix indenting and use primer 2015-03-04 10:46:34 -06:00
jvazquez-r7 0e57277dc1 Do cleanup 2015-03-04 10:33:57 -06:00
jvazquez-r7 b9ed8178a9 Solve conflicts on ms13_071_theme 2015-03-04 10:28:52 -06:00
Matthew Hall 4757698c15 Modify primer to utilise file_contents macro. 2015-03-04 09:52:00 +00:00
jvazquez-r7 80b76436bb Land #4831, @wchen-r7's update for MS14-064 exploit 
* Support Windows XP with VBScript technique
 2015-03-03 19:19:49 -06:00
sinn3r 7591e9ece3 Unbreak the comment 2015-03-03 19:14:18 -06:00
sinn3r 79e7bf7f9c Update comments and description 2015-03-03 19:13:15 -06:00
William Vu ecd7ae9c3b Land #4857, symantec_web_gateway_restore module 2015-03-02 15:00:10 -06:00
sinn3r ad28f9767f Use include 2015-03-02 14:41:25 -06:00
sinn3r cb140434f9 Update 2015-03-02 12:59:21 -06:00
OJ 905a539a00 Add exploit for Seagate Business NAS devices 
This module is an exploit for a pre-authenticated remote code execution
vulnerability in Seagate Business NAS products.
 2015-03-01 13:25:28 +10:00
sinn3r 4a1fbbdc3b Use datastore to find payload name 2015-02-28 19:56:32 -06:00
sinn3r ef9196ba6c Correct comment 2015-02-27 13:27:49 -06:00
sinn3r 7b6c39058a Correct target name 2015-02-27 13:24:57 -06:00
sinn3r 90aff51676 Add CVE-2014-7285, Symantec Web Gateway restore.php Command Injection 2015-02-27 12:31:29 -06:00
Tod Beardsley 94b4bc24bd Minor word choice changes 
[See #4804]
 2015-02-24 12:29:11 -06:00
Brent Cook cf913e521c Land #4832 @wvu-r7 remove and merge duplicate hash key initializers 2015-02-24 08:38:09 -06:00
William Vu 5cdb678654 Fix invalid use of RPORT (should be RHOST) 2015-02-24 05:24:09 -06:00
William Vu aa1e1a5269 Fix duplicate hash key "Platform" 
In modules/exploits/windows/mssql/mssql_linkcrawler.rb.
 2015-02-24 05:19:56 -06:00
William Vu 57642377cc Fix duplicate hash key "MinNops" 
In modules/exploits/windows/backupexec/name_service.rb.
 2015-02-24 05:19:55 -06:00
William Vu f2c96b4fdd Fix duplicate hash key "DefaultOptions" 
In modules/exploits/windows/browser/ntr_activex_stopmodule.rb.
 2015-02-24 05:19:54 -06:00
William Vu b671c9b496 Fix duplicate hash key "DefaultOptions" 
In modules/exploits/windows/browser/oracle_autovue_setmarkupmode.rb.
 2015-02-24 05:19:53 -06:00
William Vu 2e90f266fa Fix duplicate hash key "massage_array" 
In modules/exploits/windows/browser/ms13_090_cardspacesigninhelper.rb.
 2015-02-24 05:19:52 -06:00
William Vu e618c2f112 Fix duplicate hash key "DefaultOptions" 
In modules/exploits/windows/browser/cisco_playerpt_setsource_surl.rb.
 2015-02-24 05:19:51 -06:00
William Vu 2ffa368c18 Fix duplicate hash key "DefaultOptions" 
In modules/exploits/windows/browser/ntr_activex_check_bof.rb.
 2015-02-24 05:19:50 -06:00
William Vu a8f0af4409 Fix duplicate hash key "DefaultOptions" 
In modules/exploits/windows/browser/cisco_playerpt_setsource.rb.
 2015-02-24 05:19:49 -06:00
William Vu ff73b4d51a Fix duplicate hash key "DefaultOptions" 
In modules/exploits/windows/local/pxeexploit.rb.
 2015-02-24 05:19:48 -06:00
William Vu 53e45498ca Fix duplicate hash key "DefaultOptions" 
In modules/exploits/windows/http/hp_pcm_snac_update_certificates.rb.
 2015-02-24 05:19:47 -06:00
William Vu 943ff2da75 Fix duplicate hash key "DefaultOptions" 
In modules/exploits/windows/http/hp_pcm_snac_update_domain.rb.
 2015-02-24 05:19:46 -06:00
William Vu 6aa3952c91 Fix duplicate hash key "Platform" 
In modules/exploits/windows/scada/winlog_runtime_2.rb.
 2015-02-24 05:19:45 -06:00
sinn3r 8d17aa04ee Update the title too 2015-02-24 00:46:35 -06:00
sinn3r 578a545b22 Update MS14-064 for Windows XP 2015-02-23 23:08:13 -06:00
William Vu 933c4a05b4 Land #4814, ms04_011_pct improved error messages 2015-02-22 23:51:14 -06:00
William Vu 2609a2acee Land #4815, MS15-001 reference update 2015-02-21 21:05:03 -06:00
Christian Mehlmauer 7d42dcee9c Land #4769, Wordpress holding-pattern theme file upload 2015-02-21 23:13:06 +01:00
Christian Mehlmauer 9223c23eb4 Land #4808, Wordpress plugin upload module 2015-02-21 23:01:15 +01:00
sinn3r aa8a82f44f Update MS15-001 reference 2015-02-21 08:39:21 -06:00
rastating 708340ec5a Tidy up various bits of code 2015-02-21 12:53:33 +00:00
jvazquez-r7 ef62e1fc04 Land #4798, @wchen-r7's deletion of x64 support on ms13_022_silverlight_script_object 
* Ungenuine support, well deleted
 2015-02-21 01:11:09 -06:00
jvazquez-r7 ef990223d5 Move arch out of target 2015-02-21 01:10:35 -06:00
sinn3r 441c301fd3 Fix #4458, more informative errors for ms04_011 
Fix #4458
 2015-02-21 00:32:20 -06:00
rastating 76a64b31d7 Resolve msftidy issues 2015-02-21 01:41:29 +00:00
rastating 7d30b214ee Add WordPress admin shell upload module 2015-02-21 01:31:33 +00:00
sinn3r 40972220e3 Land #4804, HP Client Automation Command Injection 2015-02-20 16:56:03 -06:00
Brent Cook b624278f9d Merge branch 'master' into land-4706-smb_reflector 2015-02-20 10:26:04 -06:00
Matthew Hall e6ecdde451 Modify SMB generation code to use primer based on #3074 changes to 
implement Msf::Exploit::Remote::SMB::Server::Share as a mixin.
 2015-02-20 11:35:22 +00:00
jvazquez-r7 1633a6d4fd Read response back while staging 2015-02-20 01:06:47 -06:00
jvazquez-r7 b0c6671721 Add module for ZDI-15-038, HPCA command injection 2015-02-20 00:41:17 -06:00
sinn3r 49f4b68671 Land #4790, injecting code into eval-based Javascript unpackers 2015-02-19 12:33:52 -06:00
sinn3r 036a6089eb Drop ungenuine x64 support in ms13_022_silverlight_script_object 
The MS13-022 exploit does not actually run as x64. IE by default
still runs x86 so BES will always automatically select that target.

If IE forces x64 (which can be done manually), the BES detection
code will see it as ARCH_X86_64, and the payload generator will
still end up generating a x86 payload anyway.

If the user actually chooses a x64 payload, such as
windows/x64/meterpreter/reverse_tcp, the exploit is going to crash
because you can't run x64 shellcode on an x86 architecture.
 2015-02-19 10:39:43 -06:00