adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

1951 Commits

Author SHA1 Message Date
jvazquez-r7 11a3f59b0b Return false if there isn't a positive answer 2015-05-01 14:06:57 -05:00
jvazquez-r7 093c2e3ace Do minor style cleanup 2015-05-01 13:56:48 -05:00
jvazquez-r7 d38adef5cc Make TOMCAT_PATH optional 2015-05-01 13:54:39 -05:00
jvazquez-r7 d2a7d83f71 Avoid long sleep times 2015-05-01 13:51:52 -05:00
jvazquez-r7 8fcf0c558d Use single quotes 2015-05-01 13:20:27 -05:00
jvazquez-r7 4224008709 Delete print_debug/vprint_debug 2015-04-21 11:14:03 -05:00
wchen-r7 4f903a604c Fix #5103, Revert unwanted URI encoding 
Fix #5103. By default, Httpclient will encode the URI but
we don't necessarily want that. These modules originally
didn't use URI encoding when they were written so we should
just keep them that way.
 2015-04-17 13:59:49 -05:00
Christian Mehlmauer 352e170624 more failure reasons 2015-04-16 22:04:11 +02:00
Christian Mehlmauer 8c5890d506 more fixes 2015-04-16 21:56:42 +02:00
Christian Mehlmauer ba6548db75 be consistent about naming 2015-04-16 21:44:56 +02:00
Christian Mehlmauer 4dc402fd3c moar fail_with's 2015-04-16 21:16:52 +02:00
Jon Cave c6f062d49e Ensure that local variable upload_path is defined 
Merge `upload_payload` and `parse_upload_response` so that the
`upload_path` variable is defined for use in error messages in the event
of failure.
 2015-04-10 10:58:20 +01:00
Pedro Ribeiro 4808d61af3 Add OSVDB id and full disclosure URL 2015-04-09 16:32:22 +01:00
Pedro Ribeiro cf8b92b747 Create zcm_file_upload.rb 2015-04-07 16:05:51 +01:00
William Vu e1af495d21 Add extra release fixes 2015-04-06 13:08:40 -05:00
Tod Beardsley 1e6d895975 Description fixes on #4784, jboss exploit 
Also, needed to run through msftidy.

[See #4784]
 2015-04-06 12:34:49 -05:00
William Vu 56dc7afea6 Land #5068, @todb-r7's module author cleanup 2015-04-03 16:00:36 -05:00
scriptjunkie 0f7c644fff Land #4784, JBoss Seam 2 upload exec exploit 2015-04-02 22:32:35 -05:00
Tod Beardsley 4bbec88882 Various other one-off nonhuman author credits 
[See #5012]
 2015-04-02 15:25:47 -05:00
Tod Beardsley 6532fad579 Remove credits to Alligator Security Team 
All but one of these modules credits both a team name and individual
team members. We should just be crediting team members. The domain
persists in all the other credits.

The one that didn't was credited to dflah_ specifically, so merely
changed the author name.

Longer description, if needed, wrapped at 72 characters.

[See #5012]
 2015-04-02 15:12:22 -05:00
g0tmi1k 127d07342e Remove trailing space 2015-03-20 01:36:56 +00:00
g0tmi1k 7426e72317 Grammar - traq_plugin_exec 2015-03-20 01:31:01 +00:00
g0tmi1k 5709d49aae Clean up traq_plugin_exec 2015-03-20 01:19:46 +00:00
jvazquez-r7 b6146b1499 Use print_warning 2015-03-12 17:22:03 -05:00
Julian Vilas fe822f8d33 Modify automatic file cleanup 2015-03-10 00:45:20 +01:00
Julian Vilas 0ef303cb6c Fix Java payload 2015-03-10 00:01:27 +01:00
Julian Vilas 2eb0011a99 Autotrigger JSP shell at docBase 2015-03-07 20:41:08 +01:00
Julian Vilas 3be2bde5a2 Use bypass for bulletin S2-020 2015-03-07 19:14:20 +01:00
jvazquez-r7 9f3f8bb727 Merging #3323 work 2015-03-05 15:44:15 -06:00
jvazquez-r7 c388fd49c2 Fix print message 2015-03-05 15:43:54 -06:00
jvazquez-r7 e1a4b046a0 Add support for tomcat 7 to struts_code_exec_classloader 2015-03-05 15:40:24 -06:00
sinn3r 8978b1d7b5 Add a version 2015-03-05 11:29:44 -06:00
Ricardo Almeida 32188f09d6 Update phpmoadmin_exec.rb 
Changes:
Added required comment at the top of the file;
Changed Class name "Metasploit3" >> "Metasploit4";
Standard name/email format for public PoC author.
 2015-03-05 12:56:08 +00:00
Ricardo Almeida 95962aab0d Update phpmoadmin_exec.rb 
Changes:
"Check if vulnerable" code improvement;
Payload delivery code improvement;
Minor indent issues.

Thanks for your feedback guys :)
 2015-03-05 12:46:53 +00:00
Ricardo Almeida 9530e15c81 Update phpmoadmin_exec.rb 
Changes:
Changed description section;
Changed 'URL' to 'EDB' in references section;
Added newline at the end.
 2015-03-04 21:59:08 +00:00
Ricardo Almeida c19895ac85 Update phpmoadmin_exec.rb 
Changes:
Added new URL;
Added CVE number;
Corrected the disclosure date;
Corrected the normalize_uri() function syntax.
 2015-03-04 21:31:44 +00:00
Ricardo Almeida 4d67e0e1bb Add PHPMoAdmin RCE 2015-03-04 18:17:31 +00:00
vulp1n3 69b37976c1 Fix disclosure date. 2015-02-17 17:29:52 -08:00
vulp1n3 a19a5328f1 Add JBoss Seam 2 upload execute module 
Versions of the JBoss Seam 2 framework  < 2.2.1CR2 fails to properly
sanitize inputs to some JBoss Expression Language expressions.  As a
result, attackers can gain remote code execution through the
application server.  This module leverages RCE to upload and execute
a meterpreter payload. CVE-2010-1871
 2015-02-17 17:25:01 -08:00
jvazquez-r7 1f4fdb5d18 Update from master 2015-02-10 10:47:17 -06:00
William Vu a7156cf4a8 Fix zabbix_script_exec datastore 2015-02-05 02:53:22 -06:00
jvazquez-r7 fbf32669c6 Use single quote 2015-02-04 09:47:27 -06:00
julianvilas de09559cc8 Change HTTP requests to succeed when going through HTTP proxies 2015-02-04 15:32:14 +01:00
Julian Vilas f983c8171e Modify description to match both Struts 1.x and 2.x versions 2015-01-30 12:35:38 +01:00
Julian Vilas 1a11ae4021 Add new references about Struts 1 2015-01-29 23:27:52 +01:00
Julian Vilas 4cc5844baf Add Struts 1 support 2015-01-29 23:12:34 +01:00
Tod Beardsley bae19405a7 Various grammar, spelling, word choice fixes 2015-01-26 11:00:07 -06:00
jvazquez-r7 d8aa282482 Delete some double quotes 2015-01-22 18:21:25 -06:00
jvazquez-r7 4c72b096b6 Switch variable from file_name to operation 2015-01-22 18:20:11 -06:00
jvazquez-r7 b003d8f750 Do final cleanup 2015-01-22 18:17:14 -06:00