adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

2968 Commits

Author SHA1 Message Date
h00die ec63c4c419 fix negative bug, add docs 2019-11-12 22:32:07 -05:00
Shelby Pace baf27f9654 Land #12542, add Bludit File Upload Exploit 2019-11-12 15:44:34 -06:00
William Vu 3c1fa90a75 Land #12515, Pulse Secure VPN RCE 2019-11-12 02:55:01 -06:00
William Vu add013283d Land #12511, Pulse Secure VPN file read redux 2019-11-12 02:51:11 -06:00
William Vu a8e289ee9c Code-block env(1) 2019-11-12 02:46:18 -06:00
William Vu a267ad9d64 Reference env(1) as the reason we have useful RCE 2019-11-12 02:17:58 -06:00
William Vu a17b2c2041 Add module doc 2019-11-12 02:10:10 -06:00
bwatters-r7 3b57705a1f Land #11390, Add exploit module for Xorg X11 Server Local Privilege Escalation on AIX 
Merge branch 'land-11390' into upstream-master
 2019-11-11 15:42:54 -06:00
Wei Chen 717a31c7c3 Fix typos and format 2019-11-11 14:47:56 -06:00
bwatters-r7 820aa4f46c Update documents with vimeo video example and update SideEffects value 
in the module cache.
 2019-11-11 14:28:07 -06:00
Nicholas Starke 986b1dfbd5 Addressing comments on pull request 
I have updated this module as per the comments left on the pull request.
This includes adding a timeout configuration option and adding a check
for the webSocketDebuggerUrl key
 2019-11-10 15:43:01 -06:00
lle-bout 1d7cdac421 Add Wordpress Plainview Activity Monitor RCE 
Description:

```
Plainview Activity Monitor Wordpress plugin is vulnerable to OS
command injection which allows an attacker to remotely execute
commands on underlying system. Application passes unsafe user supplied
data to ip parameter into activities_overview.php.
Privileges are required in order to exploit this vulnerability, but
this plugin version is also vulnerable to CSRF attack and Reflected
XSS. Combined, these three vulnerabilities can lead to Remote Command
Execution just with an admin click on a malicious link.
```
 2019-11-10 08:27:45 +01:00
h00die f27afeae65 android hashdump docs 2019-11-09 10:11:45 -05:00
Jeffrey Martin eb07305104 Land #11695, Password Cracker Overhaul(ie hashcat) 2019-11-07 19:09:52 -06:00
dwelch-r7 876a307816 Land #9396, Linux net snmpd rw access 2019-11-07 02:52:47 +00:00
h00die f0443deb2a resolved merge conflicts for payload 1.3.79 integration 2019-11-06 21:15:11 -05:00
Shelby Pace 3d14b88a50 Land #12507, add rConfig Command Injection module 2019-11-06 13:45:15 -06:00
Brent Cook e9b36520c5 Land #12495, add Android module docs 2019-11-06 08:39:01 -08:00
Brent Cook 740687c2fa capitalize Android 2019-11-06 08:28:35 -08:00
h00die 06f7027fd8 udapted docs 2019-11-06 15:57:33 +09:00
William Vu 5235759187 Merge remote-tracking branch 'upstream/master' into pr/12220 2019-11-05 09:56:38 -06:00
Wei Chen 553601210a Add CVE-2019-16113: Bludit Directory Traversal Image Upload Exploit 2019-11-05 08:57:15 -06:00
h00die 7620cefca4 start of janus table 2019-11-04 23:31:45 +09:00
h00die 4f2fab797f janus upgrades 2019-11-04 23:31:45 +09:00
scanu92 a307f4f41a Apply suggestions from code review 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-11-03 00:32:10 +01:00
scanu92 1a4777670b Apply suggestions from code review 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-11-03 00:30:18 +01:00
Brendan Coles 6dc94bbca9 Update documentation 2019-11-02 22:37:56 +00:00
Brendan Coles f5afbe7104 Update documentation 2019-11-02 22:35:58 +00:00
Brendan Coles 0d1dd242ea Fix typos 2019-11-02 22:09:23 +00:00
Brendan Coles e0faff6944 Add documentation 2019-11-02 22:03:10 +00:00
Brendan Coles 89b277c360 Add documentation 2019-11-01 23:38:59 +00:00
Brendan Coles 08d51acd18 Update targets 2019-11-01 20:33:23 +00:00
Brendan Coles 73a8381639 Add documentation 2019-11-01 20:12:03 +00:00
sk4 af0761bcfd Add CMS Made Simple object injection exploit module 2019-11-01 12:11:38 +01:00
Brendan Coles 294cbcffb6 Land #12382, Add Linux Micro Focus (HPE) Data Protector omniresolve Privesc (CVE-2019-11660) 2019-11-01 08:06:01 +00:00
William Vu 128b9cd44b Reword related module info 2019-10-31 13:07:41 -05:00
William Vu df535676a7 Add related module info 2019-10-31 12:48:52 -05:00
Shelby Pace 0b4a0b3148 Land #12476, add Nostromo dir traversal RCE 2019-10-31 08:24:41 -05:00
Quentin Kaiser a55c5c6765 Update documentation/modules/exploit/multi/http/nostromo_code_exec.md 
s/Nostrom/Nostromo/

Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2019-10-30 15:38:50 +01:00
William Vu ac7a28d91d Add module doc 2019-10-29 23:14:53 -05:00
Brendan Coles f3bc8580c0 Add documentation 2019-10-29 15:59:18 +00:00
Quentin Kaiser f03f5e4904 Documentation updated based on latest module version. 2019-10-29 16:13:25 +01:00
Brent Cook 99ed2b7bf2 merge modules and documentation 2019-10-29 04:27:25 -05:00
Brent Cook c6ecef3dc7 Merge #11426, other grub password extraction module 2019-10-29 03:34:36 -05:00
Brendan Coles 35fdd45770 Add BSD Dump Password Hashes documentation 2019-10-27 06:52:28 +00:00
h00die 57d7c8b6b2 android docs 2019-10-25 22:15:33 -04:00
bwatters-r7 3483c50a86 Add Windows backup system sdclt uac bypass module 2019-10-25 15:01:56 -05:00
Wyatt Dahlenburg 0dd2ce9f45 Ignore keys that have passphrases 2019-10-23 23:11:13 -05:00
h00die 47fcd52f65 Land #12456 aux scanner html title docs 2019-10-23 20:58:34 -04:00
h00die 1c9eb0f788 change < to &lt; to prevent md parsing 2019-10-23 20:57:54 -04:00