adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
56,792 Commits 27 Branches 1,043 Tags
876836bcce89fc2dc46ebc700ecea4ef3b510c21
Commit Graph

2059 Commits

Author SHA1 Message Date
RAMELLA Sébastien 876836bcce update doc and fix module syntax. 2020-06-16 10:47:51 -05:00
RAMELLA Sébastien fbffefbdb2 add. original module edb reference. 2020-06-16 10:47:50 -05:00
RAMELLA Sébastien 1ab77af898 fix. remove setup function initialization 2020-06-16 10:47:50 -05:00
RAMELLA Sébastien 624c69bebf add. authenticated exploitation 2020-06-16 10:47:50 -05:00
RAMELLA Sébastien 1a9431d965 fix. json parser and add random number into sqli 2020-06-16 10:47:49 -05:00
RAMELLA Sébastien c704dba44c add. agent tesla panel rce exploit module 2020-06-16 10:47:49 -05:00
Shelby Pace 51fca24a38 Land #13545, add drag / drop file upload rce 2020-06-04 10:35:03 -05:00
Shelby Pace 329ba1091f add session_created, fix typo 2020-06-04 10:32:17 -05:00
h00die 0df1a2a502 more error handling 2020-06-04 06:45:29 -04:00
h00die 434a1f587f rubocop 2020-06-03 10:44:48 -04:00
h00die a2e385e565 more fixes 2020-06-03 10:42:25 -04:00
Zenofex 8f587e4c6f A user reported that the CVE-2020-12720 modules were not properly handling cases where a table prefix was not used, this guard clauses was redundant in that the one inside the get_table_prefix method is already checking the result of the SQL injection performed. 2020-06-02 19:16:35 -05:00
h00die ff067088fd docs 2020-06-02 16:24:04 -04:00
h00die 41b512ecda dnd multi file upload rce 2020-05-30 21:07:46 -04:00
Zenofex 7bf2a802b1 Check for existance of res in guard clauses through getindexablecontent exploit and aux module. 2020-05-28 20:00:19 -05:00
Zenofex e5dcb2e23c Switch to use res.get_json_document from JSON.parse and more cleanup. 2020-05-28 11:16:44 -05:00
Zenofex b8e8606977 Added actions to module for dumpuser/dumpall option (and removed module option) plus misc syntax formatting. 2020-05-28 10:13:18 -05:00
Zenofex 7ef7af0d30 Ran msftidy across documentation and made recommended changes to clean up module for MSF pull request. 2020-05-26 17:31:02 -05:00
Zenofex e7d7ddc213 Initial push of vbulletin_getIndexableContent auxillary and exploit modules + documentation. 2020-05-23 03:20:46 -05:00
Spencer McIntyre 2c61fd0aff Update Apache Shiro RCE module docs 2020-04-28 14:24:17 -04:00
L daf31a3178 Avoid server load balancing 2020-04-27 10:50:34 -05:00
L 64ecd1f95a fixed 2020-04-27 10:50:09 -05:00
L 5732b0f038 fixed 2020-04-27 10:50:09 -05:00
L f8f90e5b98 Add default payload 2020-04-27 10:50:09 -05:00
L 6835d2cd9f Replace <tab> to space 2020-04-27 10:50:09 -05:00
L 1116635477 fixed 2020-04-27 10:50:09 -05:00
L 0516f6e5de Add shiro_rememberme_v124_deserialize Module 2020-04-27 10:50:09 -05:00
William Vu 823c29a127 Update post-RuboCop style in my recent modules 
Mostly 80 columns (yeah, I know) and additional whitespace to complement
the lack of alignment.
 2020-04-22 10:52:00 -05:00
William Vu 7fe0d4ddad Add another blank line 2020-04-17 11:05:01 -05:00
William Vu 4952ec3e5b Fix RuboCop's mistakes in recently landed modules 2020-04-17 10:21:17 -05:00
Alan Foster f2c3fc5f00 Rubocop recently landed modules 2020-04-17 11:55:04 +01:00
William Vu 287ce98155 Don't be lazy anymore and pack lengths as shorts 2020-04-15 15:47:51 -05:00
William Vu 3f8bff2b5a Fix bad regex on length of "Metasploit" string 
It won't match a char because it's a newline. While sticking "m" on the
end of the regex would work, there is zero reason we can't hardcode the
length, since the string is fixed.

irb(main):001:0> "\nhi" =~ /.hi/
=> nil
irb(main):002:0> "\nhi" =~ /.hi/m
=> 0
irb(main):003:0>
 2020-04-15 15:47:50 -05:00
William Vu 4bf2c5edf8 Rename exploit_class to constructor_class 2020-04-15 15:47:50 -05:00
William Vu 79501472ae Wrap jenkins_metaprogramming Base64 at 80 columns 
I think I chose Rex::Text::DefaultWrap (60 columns) before to offer a
consistent wrap regardless of indentation. Kind of a dumb waste of
space.
 2020-04-15 15:47:50 -05:00
William Vu 80817204c9 Improve jenkins_metaprogramming here docs 
Hat tip @adfoster-r7 for the indirect reminder!
 2020-04-15 15:47:50 -05:00
William Vu a73a542399 Add a comment to appease the @gwillcox-r7 god 2020-04-14 23:10:28 -05:00
William Vu c02f74637f Update print and comments 2020-04-14 23:06:38 -05:00
William Vu 0dedf9225e s/for/of/ 2020-04-14 22:56:09 -05:00
William Vu c95823d71d Comment convenience method 2020-04-14 22:07:13 -05:00
William Vu 8f4aa7b761 Comment more comments 2020-04-14 22:04:25 -05:00
William Vu 99c5912cc7 Comment another comment and move stuff around 2020-04-14 21:59:43 -05:00
William Vu b9382230f6 Comment my comments to myself 2020-04-14 21:41:51 -05:00
William Vu c9c3f87203 Note tested version in module 2020-04-14 14:01:59 -05:00
William Vu 5fbaf87c96 Move ClassLoader to HTTP::ClassLoader 
Also note the SSL workaround.
 2020-04-14 14:01:18 -05:00
William Vu 9b59a8e194 Be more verbose and validate classloader server 2020-04-14 14:01:18 -05:00
William Vu 06f54765c3 Remove res.code == 200 check again 
It really isn't necessary when we're looking for just the header.
 2020-04-14 14:01:18 -05:00
William Vu 6f77f27ed5 Move deregister_options from module to mixin 
Whoops, forgot this.
 2020-04-14 14:01:18 -05:00
William Vu c21bb7e9dd Bump a CheckCode to Detected 
We get the Liferay-Portal header.
 2020-04-14 14:01:18 -05:00
William Vu 69e1714d9a Don't be lazy anymore and pack lengths as shorts 2020-04-14 14:01:18 -05:00