adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

1951 Commits

Author SHA1 Message Date
bcoles e0a3e01d26 Update modules/exploits/multi/http/cmsms_showtime2_rce.rb 
Co-Authored-By: fabiocogno <fabio.cogno@gmail.com>
 2019-03-20 14:13:25 +01:00
bcoles 365e032452 Update modules/exploits/multi/http/cmsms_showtime2_rce.rb 
Co-Authored-By: fabiocogno <fabio.cogno@gmail.com>
 2019-03-20 14:13:12 +01:00
bcoles 49bb5a1624 Update modules/exploits/multi/http/cmsms_showtime2_rce.rb 
Co-Authored-By: fabiocogno <fabio.cogno@gmail.com>
 2019-03-20 14:13:00 +01:00
bcoles 050aa7a98c Update modules/exploits/multi/http/cmsms_showtime2_rce.rb 
Co-Authored-By: fabiocogno <fabio.cogno@gmail.com>
 2019-03-20 14:12:47 +01:00
bcoles fe0d5e0c97 Update modules/exploits/multi/http/cmsms_showtime2_rce.rb 
Co-Authored-By: fabiocogno <fabio.cogno@gmail.com>
 2019-03-20 14:12:35 +01:00
Fabio Cogno 43f74b1cf2 Add CMS Made Simple (CMSMS) Showtime2 File Upload RCE 2019-03-19 23:48:46 +01:00
Matteo Malvica a2d6c77fb8 indentation fixes 2019-03-19 15:28:24 +01:00
Matteo Malvica 985f3748e5 Update splunk_upload_app_exec.rb 2019-03-19 15:08:51 +01:00
Matteo Malvica c9dcdf1b66 new error logic 2019-03-19 14:58:31 +01:00
Matteo Malvica 98a7938837 Update splunk_upload_app_exec.rb 2019-03-19 14:42:56 +01:00
bcoles aff77e58bf Update modules/exploits/multi/http/splunk_upload_app_exec.rb 
Co-Authored-By: avanzo <matteo@malvica.com>
 2019-03-19 13:57:19 +01:00
bcoles 109b2bcf7e Update modules/exploits/multi/http/splunk_upload_app_exec.rb 
Co-Authored-By: avanzo <matteo@malvica.com>
 2019-03-19 13:46:57 +01:00
bcoles f98ad82583 Update modules/exploits/multi/http/splunk_upload_app_exec.rb 
Co-Authored-By: avanzo <matteo@malvica.com>
 2019-03-19 13:46:44 +01:00
Matteo Malvica 983442d690 Update splunk_upload_app_exec.rb 2019-03-18 19:04:45 +01:00
Matteo Malvica 3316e8c4bf fixed standard payload syntax 2019-03-18 19:00:33 +01:00
Matteo Malvica 2f1ee95073 Update splunk_upload_app_exec.rb 2019-03-18 15:11:04 +01:00
Matteo Malvica 7a31fc2d17 added splunk 7.2.4 support 2019-03-18 09:12:00 +01:00
William Vu a1e6d4d19a Update note about staging payloads over HTTPS 2019-03-16 13:36:58 -05:00
William Vu 621fa8e4db Fix issues and refactor module 2019-03-16 00:38:48 -05:00
William Vu 0fa2d985e7 Add Jenkins ACL bypass and metaprogramming RCE 2019-03-16 00:32:36 -05:00
William Vu f35a13d795 Fix exploit/multi/http/oracle_ats_file_upload 2019-02-25 11:35:34 -06:00
William Vu f534fd9755 Fix exploit/multi/http/apache_jetspeed_file_upload 2019-02-25 11:32:06 -06:00
William Vu 53bf15b184 Fix exploit/multi/http/struts2_rest_xstream 2019-02-25 11:18:27 -06:00
Wei Chen 3a12592976 Land #11072, Add nuuo_nvrmini_upgrade_rce 2019-02-06 22:30:45 -06:00
Wei Chen c8d79cb7c0 Make minor changes for nuuo module 2019-02-06 22:26:31 -06:00
William Vu b7bc52d20b Fix HTTP/SMB mixin order to restore SSL option 
Mixin order matters. Mixins kinda suck.
 2019-01-29 11:09:34 -06:00
Brendan Coles 24f807490f revisionism 2019-01-10 19:19:14 +00:00
Jacob Robles 2f939481e7 Land #11206, add coldfusion ckeditor file upload 2019-01-10 07:27:38 -06:00
Jacob Robles b81f59e7b1 Fix targets and syntax changes 2019-01-10 06:39:45 -06:00
Qazeer a63c057c3a Integrate bcoles' comments (filename generation, conditional block improvement, etc.) 2019-01-06 22:50:46 +01:00
Qazeer c03466d2f2 Fixed date format issue and added Bugtraq ID 2019-01-06 14:34:40 +01:00
Qazeer 4644ad8966 Add CVE-2018-15961 Adobe ColdFusion CKEditor unrestricted file upload 2019-01-06 04:55:20 +01:00
William Vu 38bdee19e8 Fix TARGETURI support in struts2_namespace_ognl 2018-12-14 13:08:50 -06:00
bwatters b109321b44 Kill unless not 2018-12-11 10:16:16 -06:00
Berk Dusunur f94559a36a Update nuuo_nvrmini_upgrade_rce.rb 2018-12-06 07:09:44 +03:00
Berk Dusunur 9d7389b448 Update nuuo_nvrmini_upgrade_rce.rb 2018-12-06 07:04:24 +03:00
Berk Dusunur cbe3f0eec9 Update nuuo_nvrmini_upgrade_rce.rb 2018-12-06 06:36:29 +03:00
Berk Dusunur 4880dcbda8 Update nuuo_nvrmini_upgrade_rce.rb 2018-12-06 06:34:13 +03:00
Berk Dusunur ca558d4b14 Update nuuo_nvrmini_upgrade_rce.rb 2018-12-06 06:26:34 +03:00
Berk Dusunur c72065987b Update nuuo_nvrmini_upgrade_rce.rb 2018-12-06 06:19:16 +03:00
Berk Dusunur 3ac5096e1a Create nuuo_nvrmini_upgrade_rce.rb 2018-12-06 05:51:10 +03:00
William Vu 90b9204703 Update DisclosureDate to ISO 8601 in my modules 
Basic msftidy fixer:

diff --git a/tools/dev/msftidy.rb b/tools/dev/msftidy.rb
index 9a21b9e398..e9ff2b21e5 100755
--- a/tools/dev/msftidy.rb
+++ b/tools/dev/msftidy.rb
@@ -442,6 +442,8 @@ class Msftidy
     # Check disclosure date format
     if @source =~ /["']DisclosureDate["'].*\=\>[\x0d\x20]*['\"](.+?)['\"]/
       d = $1  #Captured date
+      File.write(@full_filepath, @source.sub(d, Date.parse(d).to_s))
+      fixed('Probably updated traditional DisclosureDate to ISO 8601')
       # Flag if overall format is wrong
       if d =~ /^... (?:\d{1,2},? )?\d{4}$/
         # Flag if month format is wrong
 2018-11-16 12:18:28 -06:00
Jacob Robles 795aa3c99c Land #10828, git submodule url exec CVE-2018-17456 2018-11-14 12:39:13 -06:00
Jacob Robles 798d3156bc Print git command for module 2018-11-14 10:57:36 -06:00
Shelby Pace 5e85683228 removed to_s from string 2018-11-13 15:28:55 -06:00
Shelby Pace ac8932c144 update 9631 to a current branch 2018-11-13 15:15:25 -06:00
Alex Gonzalez da134f06e3 Updated check method 
Fixed check method and redundant variable declarations
 2018-11-13 16:01:40 -05:00
Spencer McIntyre caf76a6555 Add applicable notes to my exploit modules 2018-10-27 20:54:14 -04:00
Tim W b3d45586db feedback from code review 2018-10-18 12:30:46 +08:00
Tim W 64e257649f cleanup module 2018-10-18 11:45:59 +08:00