metasploit-gs

Author	SHA1	Message	Date
Quentin Kaiser	b3563b1bc2	Cleaner version of check function thanks to @bcoles.	2018-12-18 19:33:30 +01:00
Brendan Coles	5e134d7d8d	Update modules/exploits/multi/misc/consul_service_exec.rb Co-Authored-By: QKaiser <QKaiser@users.noreply.github.com>	2018-12-18 19:27:19 +01:00
Brendan Coles	5192c081ee	Update modules/exploits/multi/misc/consul_service_exec.rb Co-Authored-By: QKaiser <QKaiser@users.noreply.github.com>	2018-12-18 19:27:08 +01:00
Quentin Kaiser	6ad40deac3	print_status will never throw a JSON::ParseError exception.	2018-12-18 19:15:13 +01:00
Quentin Kaiser	a52ffbcead	Missing disclosure date.	2018-12-18 17:03:09 +01:00
Quentin Kaiser	a3d020a7e2	Add support for authorization with X-Consul-Token ACL header.	2018-12-18 16:56:03 +01:00
Quentin Kaiser	1839144978	Cleaner to define this as a Hash, then call .to_json on it.	2018-12-18 16:53:49 +01:00
Quentin Kaiser	177ae2f927	fail_with is not allowed in check method. Use vprint_error and return a CheckCode instead. Cleaner response check in check function. Usage of CheckCode instead of Exploit::CheckCode.	2018-12-18 16:33:53 +01:00
Quentin Kaiser	0feadf636b	Define in RPORT and SSL in register_options rather than DefaultOptions. Support for echo and printf command stager flavors + support for curl and wget command stager flavors (hence reactivation of SRVHOST, SRVPORT, URIPATH and SSLCert).	2018-12-18 16:29:36 +01:00
Quentin Kaiser	0acdcd98f2	Merge branch 'master' into consul_service_exec	2018-12-18 16:27:08 +01:00
Quentin Kaiser	f487f978c2	Merge branch 'consul_exec' of github.com:QKaiser/metasploit-framework into consul_exec	2018-12-18 16:09:18 +01:00
Quentin Kaiser	08541cd7b9	Merge branch 'master' into consul_exec	2018-12-18 16:07:08 +01:00
Quentin Kaiser	a1e1e4a4f4	Remove useless comment.	2018-12-18 16:05:50 +01:00
Quentin Kaiser	b80e5715d4	Add support for authorization with X-Consul-Token ACL header.	2018-12-18 16:02:39 +01:00
Quentin Kaiser	551f8c5e92	Support for echo and printf command stager flavors + support for curl and wget command stager flavors (hence reactivation of SRVHOST, SRVPORT, URIPATH and SSLCert).	2018-12-18 15:48:58 +01:00
Quentin Kaiser	f290221a66	Cleaner response check in check function. Usage of CheckCode instead of Exploit::CheckCode.	2018-12-18 15:36:52 +01:00
Quentin Kaiser	aeec5cf23e	Cleaner to define this as a Hash, then call .to_json on it. Better support of agent definition in check function.	2018-12-18 15:31:30 +01:00
Quentin Kaiser	e51530688b	fail_with is not allowed in check method. Use vprint_error and return a CheckCode instead.	2018-12-18 15:09:04 +01:00
Quentin Kaiser	4682cf5796	Define in register_options rather than DefaultOptions.	2018-12-18 15:04:28 +01:00
Andres Rodriguez	a10a5e74c4	Use of send_request_cgi instead of raw socket(incomplete responses) and other small fixes	2018-12-17 15:10:36 -08:00
Andres Rodriguez	8072b038ed	Use of send_request_cgi instead of raw socket(incomplete responses) and other small fixes	2018-12-17 15:09:08 -08:00
Andres Rodriguez	3fb723cc1b	Use of send_request_cgi instead of raw socket(incomplete requests) and other small fixes	2018-12-17 15:04:55 -08:00
Andres Rodriguez	b9cccc2e8f	Improvements on code quality and documentation	2018-12-17 00:15:48 -08:00
Andres Rodriguez	f05ea634a3	Improvements on code quality and documentation	2018-12-16 23:42:59 -08:00
Andres Rodriguez	48df4be54e	Improvements on code quality and documentation	2018-12-16 12:47:52 -08:00
Andres Rodriguez	1ecc5461bf	Metasploit module for CVE 2017-3248, Weblogic serialization RCE RMI UnicastRef	2018-12-16 06:21:09 -08:00
Andres Rodriguez	8ce7643e41	Some improvements in code and documentation.	2018-12-15 21:07:53 -08:00
Andres Rodriguez	873d048b89	Some improvements in code and documentation.	2018-12-15 20:42:17 -08:00
Brendan Coles	4c14642b99	Update modules/exploits/multi/misc/weblogic_deserialize_rawobject.rb Co-Authored-By: acamro <acamro@users.noreply.github.com>	2018-12-15 23:23:23 -05:00
Brendan Coles	8dfd8aa4cd	Update modules/exploits/multi/misc/weblogic_deserialize_rawobject.rb Co-Authored-By: acamro <acamro@users.noreply.github.com>	2018-12-15 23:23:14 -05:00
Andres Rodriguez	29c70b8585	Some fixes of sintax errors	2018-12-15 19:44:05 -08:00
Andres Rodriguez	826c93ff8a	Sintax error in an elseif	2018-12-15 19:41:35 -08:00
Andres Rodriguez	25a447fa35	Removed line at the end of file (to pass all tests)	2018-12-15 19:21:37 -08:00
Andres Rodriguez	d8f19ff6c8	Removed line at the end of file (to pass all tests)	2018-12-15 19:19:47 -08:00
Andres Rodriguez	a936d3f78f	Metasploit module for CVE 2016-3510, Weblogic serialization RCE Marshalled Object	2018-12-15 19:12:33 -08:00
Andres Rodriguez	82db6025c9	Some fixes to pass msftidy.	2018-12-15 18:32:17 -08:00
Andres Rodriguez	446144ba8e	Metasploit module for CVE 2015-4852, Weblogic serialization RCE Raw Object	2018-12-15 18:26:34 -08:00
Milton-Valencia	3f1aa425b4	msftidy....lol	2018-12-13 11:03:41 -06:00
Milton-Valencia	2e26ceac8f	added comments	2018-12-13 10:55:09 -06:00
Milton-Valencia	565f2e3e38	wait wrong	2018-12-09 19:23:54 -06:00
Milton-Valencia	ee2ed46143	added date based on man page	2018-12-09 19:17:22 -06:00
Shelby Pace	6712363bb5	Land #10737 , add TeamCity XML-RPC exploit module	2018-11-27 14:59:37 -06:00
Shelby Pace	56f14733a9	changed cmd_stager flavor to printf	2018-11-27 14:23:56 -06:00
Quentin Kaiser	1d337e9987	No debug.	2018-10-29 13:46:07 +01:00
Quentin Kaiser	e76f3ab22f	No debug.	2018-10-29 13:44:16 +01:00
Dylan Pindur	94e45b12b1	Replace cmd generation with built-in stager module	2018-10-07 10:15:10 +08:00
Dylan Pindur	0f34f94496	Add back SSL options for tc-agent-xmlrpc-module	2018-10-05 15:11:13 +08:00
Dylan Pindur	8ae0bcbacd	Refactor if statements to be cleaner	2018-10-05 09:48:44 +08:00
Dylan Pindur	11d9b44922	Add exploit module for TeamCity Agent XMLRPC	2018-10-03 18:33:10 +08:00
William Vu	4c036e70c1	Fix http://seclists.org links to https:// I have no idea how this happened in my own code. I was seeing https://.	2018-09-15 18:54:45 -05:00

1 2 3 4 5 ...

408 Commits