adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
51,355 Commits 27 Branches 1,043 Tags
91fec97cd7ea32e23cfc2da93d9ec28f445313f2
Commit Graph

26096 Commits

Author SHA1 Message Date
Jacob Robles 91fec97cd7 Update run logic, fix create_credential usage 2019-04-11 06:54:19 -05:00
Jacob Robles 54abfcbc2c Update check logic 2019-04-11 06:21:40 -05:00
Jacob Robles 1b2b752bef Remove rescue that is handled in HttpClient mixin 2019-04-11 06:20:48 -05:00
Jacob Robles 9385fbc3b7 Change date format 2019-04-11 06:18:52 -05:00
Synacktiv e9dd2f4f06 Store the whole JSON response 2019-04-09 13:59:44 +02:00
Synacktiv b2422ab661 Remove use of service_details 2019-04-09 13:45:17 +02:00
Synacktiv 3d51fdb003 Improve send_sql_request 2019-04-09 13:42:43 +02:00
Synacktiv ab1926b7ee Create wp_google_maps_sql_injection.rb 2019-04-08 10:50:41 +02:00
Pearce Barry 7e62a69e16 Land #11660, Update use_single_quotes to wrap_double_quotes 2019-04-06 15:44:39 -05:00
Shelby Pace fff129ae9f Land #11587, add Wordpress core RCE module 2019-04-04 15:22:56 -05:00
Shelby Pace 6efd80e139 added note in info 2019-04-04 15:19:58 -05:00
Shelby Pace 2884d9afcb modified checks, added function 2019-04-04 15:09:12 -05:00
William Vu e164c2350c Properly encode command input with XML entities 
REXML would make this less ghetto.
 2019-04-03 19:10:27 -05:00
Shelby Pace d5ac1e3a33 minor adjustments to indentation and requests 2019-04-03 19:03:47 -05:00
Ben Schmeckpeper 7d1f6afd4a Remove trailing space from CVE reference 2019-04-03 09:21:55 -05:00
todb-r7 9e3984ea51 Remove duplicate CVE for Mailcleaner module 
See #11304
 2019-04-02 12:51:09 -05:00
wilfried 3081b13a1f Adding payload in exploit code 2019-04-02 10:24:48 +02:00
surefire 1b6cd64016 Land #11136, exploit/multi/misc/weblogic_deserialize_unicastref 2019-04-01 18:15:26 -05:00
surefire 40191e5a01 Dissected JSOs, randomized strings, copied T3 header breakdown from @acamro 2019-04-01 18:05:45 -05:00
William Vu 06397bb087 Land #11636, postgres_createlang version check fix 2019-04-01 15:21:57 -05:00
surefire f292befed4 Land #11134, exploit/multi/misc/weblogic_serialize_marshalledobject 2019-04-01 14:11:30 -05:00
surefire 4d0e47044b Fixed a hardcoded payload length resulting in 40% failures 2019-04-01 14:05:39 -05:00
Brendan Coles ddbd7ba080 Case insensitive match 2019-04-01 18:58:14 +00:00
William Vu 5867158238 Land #11595, can_flood post module 2019-04-01 12:38:46 -05:00
William Vu f5f4c4bec2 Clean up module 2019-04-01 12:24:35 -05:00
PietroBiondi 2afd27a671 1)Fixed documentation format 2)Refactoring and more efficient loop 2019-03-30 17:12:15 +01:00
William Vu 496f270b30 Update use_single_quotes to wrap_double_quotes 2019-03-29 18:14:56 -05:00
Brent Cook 82b7c926fe Land #11579, Add support for splunk 7.2.4 to splunk_upload_app_exec 2019-03-29 16:22:26 -05:00
Brent Cook 9c38d58e9f Land #11625, add es file explorer open port CVE-2019-6447 module 2019-03-29 15:46:09 -05:00
William Vu 269cb4bca6 Land #11635, Authors check for msftidy 2019-03-29 10:45:31 -05:00
William Vu af494300ec Add timwr as an author to his own modules 2019-03-29 10:44:58 -05:00
Brent Cook 0a24266029 Land #11482, RV320 Unauthenticated RCE 2019-03-28 17:53:05 -05:00
h00die 1e6850fa53 land #11623 oracle 12 support for hashdumper 2019-03-28 10:07:54 -04:00
h00die 2a311931d3 oracle hashdump cleanup 2019-03-28 10:06:56 -04:00
7043mcgeep f2a19d5e32 Final revisions 2019-03-27 21:53:52 -05:00
Wei Chen 927d20cb95 Land #11592, Add CMS Made Simple (CMSMS) Showtime2 File Upload RCE 2019-03-27 15:21:07 -05:00
Wei Chen 38bdccb91a Use instance variables instead of datastore options 2019-03-27 15:17:32 -05:00
fabiocogno fdb1f4adea Update cmsms_showtime2_rce.rb 
Fix to CSRF Token stealing function for older versions of CMSMS
 2019-03-27 20:09:14 +01:00
h00die 3f9c9341f9 add 2016 authors 2019-03-26 19:39:17 -04:00
asoto-r7 399532154d Fix a git snafu when landing #11131 
While landing PR #11131, I tripped over my own shoelaces and overwrote `weblogic_deserialize_rawobject.rb` with `weblogic_deserialize_unicastref.rb`, destroying my changes and introducing a great deal of confusion.

This PR gets us back to where we should have been, with #11131 landed and a few changes to add randomization and expanding on the T3 protocol.
 2019-03-26 17:54:37 -05:00
asoto-r7 385cfd679a Land #11131, Weblogic_serialize_rawobject CVE-2015-4852 2019-03-26 17:07:04 -05:00
asoto-r7 26b67bbf91 Fix two-byte error, add randomization, T3 notes from @acamro 2019-03-26 16:45:17 -05:00
asoto-r7 5f5d475c2e Add expected traceback error to documentation 2019-03-26 16:44:45 -05:00
asoto-r7 f9361324bd Merge branch 'weblogic_serialize_rawobject' of git://github.com/acamro/metasploit-framework into acamro-weblogic_serialize_rawobject 2019-03-26 16:38:27 -05:00
Brendan Coles d9fc7af68e Fix version detection 2019-03-26 20:17:34 +00:00
h00die 75ec3e7df6 add date and more docs 2019-03-26 16:13:42 -04:00
Brent Cook b2d047b0b1 Land #11622, merge common hash identifier code between modules 2019-03-26 13:12:00 -05:00
Shelby Pace d185e8a018 indentation fix 2019-03-25 14:54:46 -05:00
Shelby Pace 3a8b09f08e added checks on scan method 2019-03-25 14:48:19 -05:00
Shelby Pace 59f5c291c9 removed spare spaces and modified some indentation 2019-03-25 14:25:09 -05:00