adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

1387 Commits

Author SHA1 Message Date
jvazquez-r7 386e2e3d29 Do final / minor cleanup 2014-04-09 23:19:12 -05:00
sinn3r eb9d3520be Land #3208 - Sophos Web Protection Appliance Interface Authenticated Exec 2014-04-09 11:30:59 -05:00
Brandon Perry 8428b37e59 move file to .rb ext 2014-04-09 05:17:14 -07:00
Brandon Perry 82c9b539ac Fix disclosure date, earlier than I thought 2014-04-08 21:43:49 -05:00
Brandon Perry 3013704c75 Create sophos_wpa_iface_exec 
This module exploits both bugs in http://www.zerodayinitiative.com/advisories/ZDI-14-069/
 2014-04-08 21:21:43 -05:00
Fabian Bräunlein 8dce80fd30 Added Big Endianess, improved check()-Function 
Some Fritz!Box devices also run in Big Endianess mode. However, since
"uname -a" always returns "mips" and the "file"-command is not
available, autodetection is not an easy task.

The check()-function now checks, whether the device is really
vulnerable.

Furthemore, it's possible to send 92 bytes.
 2014-04-08 21:32:36 +02:00
jvazquez-r7 fb1318b91c Land #3193, @m-1-k-3's exploit for the Fritzbox RCE vuln 2014-04-07 16:13:31 -05:00
jvazquez-r7 ceaa99e64e Minor final cleanup 2014-04-07 16:12:54 -05:00
Michael Messner b1a6b28af9 fixed disclosure date 2014-04-07 19:29:37 +02:00
Michael Messner 003310f18a feedback included 2014-04-07 19:25:26 +02:00
Tod Beardsley 7572d6612e Spelling and grammar on new release modules 2014-04-07 12:18:13 -05:00
Michael Messner 85de6ed0c9 feedback included 2014-04-07 18:20:15 +02:00
Michael Messner 11bbb7f429 fritzbox echo exploit 2014-04-07 09:12:22 +02:00
jvazquez-r7 6d72860d58 Land #3004, @m-1-k-3's linksys moon exploit 2014-04-04 14:04:48 -05:00
jvazquez-r7 0ae75860ea Code clean up 2014-04-04 14:02:12 -05:00
Tod Beardsley ffdca3bf42 Fixup on some modules for release 
There may be more coming, but if not, this should cover
this week's minor style changes.
 2014-03-31 12:42:19 -05:00
Michael Messner 4319885420 we do not need pieces ... 2014-03-26 20:45:30 +01:00
sinn3r 0c3a535434 Land #3133 - LifeSize UVC Authenticated RCE via Ping 2014-03-24 21:16:10 -05:00
sinn3r 53b25c8c93 Fix header & author e-mail format 2014-03-24 21:15:27 -05:00
Brandon Perry d2a9a26bc8 real fix for sinn3r bug 2014-03-24 18:40:48 -05:00
Brandon Perry ec35f4b13f some bugs for sinn3r 2014-03-24 18:17:50 -05:00
Brandon Perry d6f397ab6d whoops that isn't how you EDB 2014-03-22 11:48:41 -05:00
Brandon Perry 291692d6e0 Update lifesize_uvc_ping_rce.rb 2014-03-22 11:30:00 -05:00
Brandon Perry 67a3a7227b Create lifesize_uvc_ping_rce.rb 2014-03-21 21:33:12 -05:00
William Vu 170608e97b Fix first chunk of msftidy "bad char" errors 
There needs to be a better way to go about preventing/fixing these.
 2014-03-11 11:18:54 -05:00
James Lee d1ea74c5fa Make the password hash stand out as more important 2014-03-04 15:08:47 -06:00
James Lee 9a403bf630 Also extract admin hash if password auth failed 2014-03-04 14:55:47 -06:00
James Lee 423477bc52 auth_succeeded? is a better name for this method 2014-03-04 14:55:47 -06:00
James Lee 917b09086b Pull the copy-pasted verification into a method 2014-03-04 14:55:47 -06:00
James Lee 4cfda88bad Pull the copy-pasted sqli into a method 2014-03-04 14:55:47 -06:00
Michael Messner 15345da9d8 remove the wget module, remove the cmd stuff, testing bind stuff ahead 2014-02-28 22:44:26 +01:00
Michael Messner 2935f4f562 CMD target 2014-02-24 18:12:23 +01:00
Michael Messner 0126e3fcc8 cleanup 2014-02-23 21:17:32 +01:00
Michael Messner dbbd080fc1 a first try of the cmd stager, wget in a seperated module included 2014-02-23 20:59:17 +01:00
Michael Messner 3a8de6e124 replaced rhost by peer 2014-02-18 21:01:50 +01:00
Michael Messner 66e2148197 linksys themoon command execution exploit 2014-02-18 19:43:47 +01:00
Michael Messner 4dda7e6bad linksys themoon command execution exploit 2014-02-18 19:42:50 +01:00
pyoor faae51f39e Implemented @jlee-r7 requested changes 2014-02-17 10:13:18 -05:00
pyoor ca15d2d8e7 Added Pandora FMS RCE and SQLi module 2014-02-12 12:02:33 -05:00
jvazquez-r7 79d559a0c9 Fix MIME message to_s 2014-02-10 22:23:23 -06:00
Tod Beardsley 1236a4eb07 Fixup on description and some option descrips 2014-02-10 14:41:59 -06:00
sinn3r c96116b193 Land #2949 - Add module Kloxo SQLi 2014-02-08 13:45:11 -06:00
jvazquez-r7 c679b1001b Make pring_warning verbose 2014-02-07 10:23:07 -06:00
James Lee 4236abe282 Better SIGHUP handling 2014-02-06 15:21:54 -06:00
jvazquez-r7 fdb954fdfb Report credentials 2014-02-05 14:37:33 -06:00
jvazquez-r7 631559a2e8 Add module for Kloco SQLi 2014-02-05 14:18:56 -06:00
xistence 50f860757b Changes made to pandora_fms_exec module as requested 2014-02-03 14:10:27 +07:00
xistence 9a929e75e4 Added Pandora FMS RCE 2014-01-29 12:46:23 +07:00
sinn3r a7fa4e312b This module fails to load due to the missing end 2014-01-24 17:56:47 -06:00
sinn3r cdc425e4eb Update some checks 2014-01-24 12:08:23 -06:00