adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
31,380 Commits 27 Branches 1,043 Tags
89a033c19400ae5faeb6fb2eb98b105ceaa79a1e
Commit Graph

1012 Commits

Author SHA1 Message Date
jvazquez-r7 1f4fdb5d18 Update from master 2015-02-10 10:47:17 -06:00
William Vu a7156cf4a8 Fix zabbix_script_exec datastore 2015-02-05 02:53:22 -06:00
jvazquez-r7 fbf32669c6 Use single quote 2015-02-04 09:47:27 -06:00
julianvilas de09559cc8 Change HTTP requests to succeed when going through HTTP proxies 2015-02-04 15:32:14 +01:00
Julian Vilas f983c8171e Modify description to match both Struts 1.x and 2.x versions 2015-01-30 12:35:38 +01:00
Julian Vilas 1a11ae4021 Add new references about Struts 1 2015-01-29 23:27:52 +01:00
Julian Vilas 4cc5844baf Add Struts 1 support 2015-01-29 23:12:34 +01:00
Tod Beardsley bae19405a7 Various grammar, spelling, word choice fixes 2015-01-26 11:00:07 -06:00
jvazquez-r7 d8aa282482 Delete some double quotes 2015-01-22 18:21:25 -06:00
jvazquez-r7 4c72b096b6 Switch variable from file_name to operation 2015-01-22 18:20:11 -06:00
jvazquez-r7 b003d8f750 Do final cleanup 2015-01-22 18:17:14 -06:00
jvazquez-r7 911485f536 Use easier key name 2015-01-22 18:11:48 -06:00
jvazquez-r7 eff49b5fd3 Delete files with Rex::Java::Serialization 2015-01-22 17:59:43 -06:00
jvazquez-r7 37bf66b994 Install instaget with Rex::Java::Serialization 2015-01-22 16:54:49 -06:00
jvazquez-r7 20d7fe631e Auto detect platform without raw streams 2015-01-22 15:15:08 -06:00
jvazquez-r7 ad276f0d52 Retrieve version with Rex::Java::Serialization instead of binary streams 2015-01-22 14:52:19 -06:00
jvazquez-r7 f7aaad1cf1 Delete some extraneous commas 2015-01-19 17:25:45 -06:00
jvazquez-r7 dbc77a2857 Land #4517, @pedrib's exploit for ManageEngine Multiple Products Authenticated File Upload 
* CVE-2014-5301
 2015-01-19 17:23:39 -06:00
jvazquez-r7 6403098fbc Avoid sleep(), survey instead 2015-01-19 17:22:04 -06:00
jvazquez-r7 a6e351ef5d Delete unnecessary request 2015-01-19 17:14:23 -06:00
jvazquez-r7 ed26a2fd77 Avoid modify datastore options 2015-01-19 17:11:31 -06:00
jvazquez-r7 3c0efe4a7e Do minor style changes 2015-01-19 15:36:05 -06:00
jvazquez-r7 ddda0b2f4b Beautify metadata 2015-01-19 14:59:31 -06:00
Pedro Ribeiro 3768cf0a69 Change version to int and add proper timestamp 2015-01-14 22:59:11 +00:00
David Lanner c5cfc11d84 fix cookie regex by removing a space 2015-01-12 23:13:18 -05:00
Pedro Ribeiro c76aec60b0 Add OSVDB id and full disclosure URL 2015-01-08 23:29:38 +00:00
William Vu ea793802cc Land #4528, mantisbt_php_exec improvements 2015-01-08 04:50:00 -06:00
sinn3r ef97d15158 Fix msftidy and make sure all print_*s in check() are vprint_*s 2015-01-07 12:12:25 -06:00
James Lee 3e80efb5a8 Land #4521, Pandora FMS upload 2015-01-07 11:13:57 -06:00
James Lee 1ccef7dc3c Shorter timeout so we get shell sooner 
The request to execute our payload will never return, so waiting for the
default timeout (20 seconds) is pointless.
 2015-01-07 11:11:33 -06:00
James Lee efe83a4f31 Whitespace 2015-01-07 10:19:17 -06:00
Christian Mehlmauer 09bd0465cf fix regex 2015-01-07 11:54:55 +01:00
rcnunez b3def856fd Applied changes recommended by jlee-r7 
used Rex::ConnectionError
refactor begin/rescue blocks
removed ::URI::InvalidURIError
changed @peer with peer
used Exploit::CheckCode:Appears instead of Exploit::CheckCode::Vulnerable
 2015-01-07 18:38:19 +08:00
Christian Mehlmauer eaad4e0bea fix check method 2015-01-07 11:01:08 +01:00
Christian Mehlmauer 862af074e9 fix bug 2015-01-07 09:10:50 +01:00
Christian Mehlmauer d007b72ab3 favor include? over =~ 2015-01-07 07:33:16 +01:00
Christian Mehlmauer 4277c20a83 use include? 2015-01-07 06:51:28 +01:00
Christian Mehlmauer 39e33739ea support for anonymous login 2015-01-07 00:08:04 +01:00
Christian Mehlmauer bf0bdd00df added some links, use the res variable 2015-01-06 23:25:11 +01:00
Christian Mehlmauer f9f2bc07ac some improvements to the mantis module 2015-01-06 11:33:45 +01:00
rcnunez 547b7f2752 Syntax and File Upload BugFix 
Fix unexpected ) in line 118
Fix file cleanup missing _
Fix more robust version check script
Fix file upload
 2015-01-05 19:23:22 +08:00
Pedro Ribeiro c9b76a806a Create manageengine_auth_upload.rb 2015-01-04 17:05:53 +00:00
Tod Beardsley c1718fa490 Land #4440, git client exploit from @jhart-r7 
Also fixes #4435 and makes progress against #4445.
 2015-01-01 13:18:43 -06:00
Tod Beardsley d7564f47cc Move Mercurial option to advanced, update ref url 
See #4440
 2015-01-01 13:08:36 -06:00
Tod Beardsley 914c724abe Rename module 
See rapid7#4440
 2015-01-01 13:03:17 -06:00
Jon Hart 65977c9762 Add some more useful URLs 2014-12-31 10:54:04 -08:00
Christian Mehlmauer 96fe693c54 update drupal regex 2014-12-30 09:12:39 +01:00
Jon Hart 51049152b6 Use Rex::Text.rand_mail_address for more realistic fake commit 2014-12-26 10:39:52 -08:00
Jon Hart a692656ab7 Update comments to reflect reality, minor cleanup 2014-12-23 19:09:45 -08:00
Jon Hart 59f75709ea Print out malicious URLs that will be used by default 2014-12-23 10:10:31 -08:00