adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
42,217 Commits 27 Branches 1,043 Tags
8ac5d2d37762161966fc3a74e29dd596fa796812
Commit Graph

21995 Commits

Author SHA1 Message Date
Adam Cammack 18d95b6625 Land #8346, Templatize shims for external modules 2017-05-10 18:15:54 -05:00
James Lee d00685a802 Don't run a DoS during wmap scans 2017-05-10 14:41:24 -05:00
Brent Cook faf01ed5ef Land #8353, add aux scanner for Intel AMT digest bypass 2017-05-09 18:45:21 -05:00
James Lee 72388a957f Land #8355, IIS ScStoragePathFromUrl 
See #8162
 2017-05-09 11:06:01 -05:00
Christian Mehlmauer 2b4ace9960 convert to "screaming snake" 2017-05-09 09:30:45 +02:00
Brent Cook cf487cc90c reverse_ncat_ssl is stable 2017-05-08 17:43:34 -05:00
Christian Mehlmauer f70b402dd9 add comment 2017-05-09 00:17:00 +02:00
Brent Cook 86365c89d1 Land #8352, style updates for lotus_domino_hashes 2017-05-08 17:11:44 -05:00
Christian Mehlmauer 806963359f fix fail with condition 2017-05-08 23:47:48 +02:00
Christian Mehlmauer f62ac6327d add @rwhitcroft 2017-05-08 23:20:12 +02:00
Christian Mehlmauer 26373798fa change rank 2017-05-08 23:07:12 +02:00
Christian Mehlmauer 962a31f879 change minimum length 2017-05-08 23:01:17 +02:00
Christian Mehlmauer 7dccb17834 auto extract values and implement brute forcing 2017-05-08 22:47:29 +02:00
Brent Cook 841f63ad20 make office_word_hta backward compat with older Rubies 2017-05-08 15:10:48 -05:00
Christian Mehlmauer 406a7f1ae2 Merge remote-tracking branch 'dmchell/dmchell-cve-2017-7269' into iis2 2017-05-08 21:51:51 +02:00
Brent Cook fede672a81 further revise templates 2017-05-08 14:26:24 -05:00
HD Moore f7ff840ef0 Add missing return, thanks bperry! 2017-05-08 14:08:59 -05:00
HD Moore 9392e48b72 Add a scanner for Intel AMT auth bypass (CVE-2017-5689) 2017-05-08 13:24:00 -05:00
William Vu b794bfe5db Land #8335, rank fixes for the msftidy god 2017-05-07 21:20:33 -05:00
Bryan Chu 88bef00f61 Add more ranks, remove module warnings 
../vmware_mount.rb
Rank = Excellent
Exploit uses check code for target availability,
the vulnerability does not require user action,
and the exploit uses privilege escalation to run
arbitrary executables

../movabletype_upgrade_exec.rb
Rank = ExcellentRanking
Exploit utilizes code injection,
has a check for availability

../uptime_file_upload_2.rb
Rank = ExcellentRanking
Exploit allows execution of arbitrary commands,
has a check for availability

../zpanel_information_disclosure_rce.rb
Rank = ExcellentRanking
Exploit allows remote code execution,
implements version check for pChart

../spip_connect_exec.rb
Rank = ExcellentRanking
Exploit utilizes code injection,
has a check for availability

../wp_optimizepress_upload.rb
Rank = ExcellentRanking
Exploit allows execution of arbitrary code,
has a check for availability

../wing_ftp_admin_exec.rb
Rank = ExcellentRanking
Exploit allows execution of arbitrary commands,
has a check for availability

../novell_mdm_lfi.rb
Rank = ExcellentRanking
Exploit allows execution of arbitrary code,
has a check for availability

../run_as.rb
Rank = ExcellentRanking
Exploit utilizes command injection,
checks system type, and does not require user action
 2017-05-07 15:41:26 -04:00
Pearce Barry af3f1fbc37 Land #8332, Canprobe Module 2017-05-07 12:20:27 -05:00
Pearce Barry c05e7b3b58 Minor corrections and a tweak to appease msftidy. 2017-05-07 11:55:20 -05:00
Pearce Barry e3d3fa8e45 Tweak internal description formatting. 2017-05-07 11:31:36 -05:00
Pearce Barry b965bdcdae Appease msftidy and Travis. 2017-05-07 11:19:32 -05:00
Brendan Coles 635a7a42e6 Update style lotus_domino_hashes 2017-05-07 16:37:48 +10:00
Jeffrey Martin 05bf16e91e Land #8331, Adding module CryptoLog Remote Code Execution 2017-05-05 18:24:14 -05:00
Mehmet Ince 720a02f5e2 Addressing Spaces at EOL issue reported by Travis 2017-05-05 11:05:17 +03:00
Mehmet Ince 58d2e818b1 Merging multiple sqli area as a func 2017-05-05 10:49:05 +03:00
darkbushido 81bcf2ca70 updating all LHOST to use the new opt type 2017-05-04 12:57:50 -05:00
Brent Cook 97095ab311 Land #8338, Fix msf/core and self.class msftidy warnings 2017-05-03 21:55:52 -05:00
Brent Cook 2d93c8e2d6 merge, don't overwrite 2017-05-03 18:17:58 -05:00
Brent Cook 0798923901 set the correct schema for linux meterpreter reverse_tcp stages 2017-05-03 16:12:45 -05:00
William Vu 64452de06d Fix msf/core and self.class msftidy warnings 
Also fixed rex requires.
 2017-05-03 15:44:51 -05:00
Mehmet Ince d04e7cba10 Rename the module as well as title 2017-05-03 19:18:46 +03:00
Mehmet Ince ae8035a30f Fixing typo and using shorter sqli payload 2017-05-03 16:45:17 +03:00
Craig Smith 9877aa9ef9 Added documentation and cleand up how STOPID worked 2017-05-02 18:57:32 -07:00
Mehmet Ince db2a2ed289 Removing space at eof and self.class from register_options 2017-05-03 01:31:13 +03:00
Mehmet Ince 77acbb8200 Adding cryptolog rce 2017-05-03 01:05:40 +03:00
Craig Smith 3519adbaef A basic CAN fuzzer. It probes the data regions of different CAN IDs. 
The default is to use a set value but can iterate the full range.  It can
also add padding if necessary.  Not checks on returns or results of fuzzing.
 2017-05-02 14:19:29 -07:00
Adam Cammack 494711ee65 Land #8307, Add lib for writing Python modules 2017-05-02 15:53:13 -05:00
William Vu 03e4ee91c2 Correct Ghostscript 9.2.1 to 9.21 as per advisory 2017-05-01 16:23:14 -05:00
William Vu 41ef1a4e90 Land #8325, cmd/unix/reverse_ncat_ssl payload 2017-05-01 14:54:52 -05:00
C_Sto 772a16f4cd fix style 2017-05-02 00:55:57 +08:00
C_Sto 9e06c3f07e fix argument arrangement 2017-05-02 00:39:00 +08:00
C_Sto 5a2afbc364 Tidy payload 2017-05-01 21:38:34 +08:00
C_Sto cfa204b8e8 add reverse ncat ssl 2017-05-01 06:57:28 +08:00
HD Moore afc804fa03 Quick Ghostscript module based on the public PoC 2017-04-28 09:56:52 -05:00
William Vu 1a402ed1d8 Add arch to smb_ms17_010 DOUBLEPULSAR detection 2017-04-26 20:59:13 -05:00
Brent Cook 037fdf854e move common json-rpc bits to a library 2017-04-26 18:08:08 -05:00
Brent Cook 480a0b4273 update payload sizes 2017-04-26 18:02:14 -05:00