adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

3242 Commits

Author SHA1 Message Date
William Vu 5c14aea1a0 Fix target_platform check (it's empty, not nil) 2019-06-25 12:56:36 -05:00
William Vu cf140f0840 Make SRVHOST the callback address 2019-06-25 12:43:04 -05:00
Shelby Pace 2af76c1997 add documentation and finished module 2019-06-25 11:21:15 -05:00
William Vu 44ad25ae34 Land #12008, struts2_content_type_ognl 302 fix 2019-06-25 00:40:58 -05:00
James Lee 303bfaa7eb Don't worry about response code 
I found one that returned a 302
 2019-06-24 13:53:31 -05:00
Shelby Pace 54aff89563 add requests to create, remove, clean db backups 2019-06-21 16:00:56 -05:00
Shelby Pace e43fc2d921 added skeleton, check method 2019-06-20 14:05:41 -05:00
Wei Chen 8920152eca Add a ZDI reference for CVE-2019-5420 Rails exploit 2019-06-20 10:43:21 -05:00
suzu991154 cdce03f42d fix_os_check 2019-06-03 16:17:23 +09:00
suzu991154 0a6f1d5538 Add support for Windows 10(10240) to CVE-2015-5122 2019-06-01 14:44:30 +09:00
William Vu a0c6035380 Prefer initial slash in normalize_uri 
I missed the indirect call in check. This decides on a style.

If a URI part contains a slash, we begin with a slash.
 2019-05-30 00:08:17 -05:00
William Vu 0b4cc5b547 Update go_go_gadget2 2019-05-22 15:03:44 -05:00
William Vu 6d004862e4 Update go_go_gadget1 2019-05-22 15:03:44 -05:00
William Vu be89a4d9c5 Update exploit method 2019-05-22 15:03:05 -05:00
William Vu f70b3d13a0 Update metadata 2019-05-22 15:03:05 -05:00
William Vu 73aabd1adc Land #11861, WebLogic AsyncResponseService updates 2019-05-22 14:23:45 -05:00
Shelby Pace 0d6008862b Land #11805, add bsd targets to sshexec 2019-05-20 14:16:10 -05:00
Wei Chen 6847fcc199 Update CVE reference and datastore options for WebLogic exploit 2019-05-20 13:10:06 -05:00
bwatters-r7 966582a10c Land #11833, moodle_cmd_exec nil check 
Merge branch 'land-11833' into upstream-master
 2019-05-20 13:08:11 -05:00
William Vu 0328814241 Indent ternary statement in struts2_rest_xstream 2019-05-20 12:35:52 -05:00
Wei Chen ad08c4e56b Land #11828, Add CVE-2017-18357: Shopware Object Instantiation 2019-05-17 18:22:48 -05:00
Wei Chen 9b46e7a347 Normalize PHP payload path 2019-05-17 18:20:59 -05:00
Shelby Pace 730f912fea Land #11802, add GetSimple CMS RCE module 2019-05-16 11:30:21 -05:00
Shelby Pace 6210a28f32 added checks to at, changed some uris 2019-05-15 15:40:27 -05:00
stevenseeley 1df703b85f added some vprint_error calls in the check 2019-05-13 17:36:06 -05:00
stevenseeley e8fec2a77b don't override the check method 2019-05-12 20:08:52 -05:00
h00die 74fbcaf908 moodle_cmd_exec nil check 2019-05-10 14:02:01 -04:00
stevenseeley bca160f4c4 final commit: fixed check method to not print as suggested by @bcoles 2019-05-10 09:45:21 -05:00
stevenseeley 6427cb31bf fixed regex a lil 2019-05-09 22:53:39 -05:00
stevenseeley 5ff8394df0 @bcoles is a purist :p 2019-05-09 22:21:26 -05:00
stevenseeley 7953f85c16 updated error message to be NoAccess 2019-05-09 21:29:48 -05:00
stevenseeley a700fcec5d changed regex as suggested by @bcoles 2019-05-09 21:18:14 -05:00
stevenseeley e769ae5c90 fixed some error conditions, changed regex as suggested by @bcoles 2019-05-09 21:14:54 -05:00
stevenseeley 2ff1adb1be fixed timing of exec 2019-05-09 20:58:14 -05:00
stevenseeley 6ffd1d5e95 updated module to address @bcoles's comments 2019-05-09 20:53:49 -05:00
stevenseeley 65c3163518 updated module credits with original discoverer 2019-05-09 17:35:47 -05:00
stevenseeley ba2baa7652 updated module randomization a little more 2019-05-09 16:14:35 -05:00
stevenseeley 2649fa0d65 added a new line at the end 2019-05-09 15:35:00 -05:00
stevenseeley 9b200840a4 added module for CVE-2017-18357 2019-05-09 15:19:01 -05:00
stevenseeley aaa0dd2532 added module for CVE-2017-18357 2019-05-09 15:17:43 -05:00
stevenseeley 89e3a07518 added module for CVE-2017-18357 2019-05-09 15:08:33 -05:00
William Vu 413929b7f6 Land #11598, Postgres COPY FROM PROGRAM exploit 2019-05-07 01:12:44 -05:00
asoto-r7 f89b0e848f Land PR#11780, exploit/multi/misc/weblogic_deserialize_asyncresponseservice 2019-05-06 15:36:47 -05:00
asoto-r7 abfe4fd2c2 weblogic_deserialize_asyncresponseservice: Added check method, improved exception handling, minimizing XML strings 2019-05-06 15:16:50 -05:00
Cha0s bd349b8a23 Removed Spaces EOL 2019-05-04 23:24:20 -05:00
Cha0s 4bf0adeade Module corrections 
Corrections in: author metadata, references, removing handler, removing unused  code branch and vulnerable variable, improve module description
 2019-05-04 23:11:40 -05:00
Brendan Coles 60fb3b2319 Add BSD target to exploit/multi/ssh/sshexec module 2019-05-02 20:40:14 +00:00
Waqas Ali 48b7f7c904 Update (removed parenthesis) modules/exploits/multi/http/getsimplecms_unauth_code_exec.rb 
(removed parenthesis)

Co-Authored-By: truerandom <masterofdisaster@ciencias.unam.mx>
 2019-05-02 02:03:54 -05:00
Waqas Ali 75c78b761e Update (removed parenthesis) modules/exploits/multi/http/getsimplecms_unauth_code_exec.rb 
(removed parenthesis)

Co-Authored-By: truerandom <masterofdisaster@ciencias.unam.mx>
 2019-05-02 02:03:46 -05:00
Waqas Ali 3a7ebbdc3d Update (removed parenthesis) modules/exploits/multi/http/getsimplecms_unauth_code_exec.rb 
(removed parenthesis)

Co-Authored-By: truerandom <masterofdisaster@ciencias.unam.mx>
 2019-05-02 02:03:26 -05:00