Brent Cook
8489bcdfd9
This fixes broken links to the community.rapid7.com blog
...
Performed mechanically with sed, spot-checked that the new blog can consume these links.
2020-02-18 09:06:11 -06:00
Brendan Coles
326fd26219
Check for nil response due to connection failure
2020-01-05 21:39:34 +00:00
dwelch-r7
951fd7b93e
Replace double quotes with single quotes
2019-10-08 11:44:41 +01:00
dwelch-r7
25937c9e35
Use uri param and clean up logging
2019-10-07 17:15:04 +01:00
dwelch-r7
4eb068c9b0
Update target
2019-10-07 15:25:27 +01:00
dwelch-r7
02376c88fe
Use httpclient over tcpclient
2019-10-07 15:20:30 +01:00
dwelch-r7
b723d026ab
Address code review comments
...
Use strings in info hash, port is an integer, remove version number from
name
2019-10-06 15:27:29 +01:00
dwelch-r7
06661df510
Make rubocop happy
2019-10-04 15:12:51 +01:00
dwelch-r7
938c3a0e76
Add module docs
2019-10-03 23:22:21 +01:00
dwelch-r7
e13463eb7c
remove default exit func
2019-10-03 16:24:29 +01:00
dwelch-r7
c8c4d8ad77
Add new bad char
2019-10-03 15:46:26 +01:00
dwelch-r7
20d21b45de
Move module location
2019-10-02 16:08:54 +01:00
William Vu
32334c2386
Update all module splats from http:// to https://
2019-08-15 18:10:44 -05:00
Adam Cammack
cf9b94a964
Set needs_cleanup flag for exploits that need it
...
The `needs_cleanup` flag needs to be set per-module when an exploit
needs an interactive session to clean up. Some `FileDropper` exploits
need additional cleanup to what the mixin provides, but since all
`FileDropper`s already mark themselves as needing cleanup those are not
covered here. A few of these could potentially be refactored to use the
original exploitation method to clean up or to compile the list of
files/commands to clean up ahead of time, but that is out of the scope
of this fix.
2019-08-02 10:23:53 -05:00
Adam Cammack
5e64f8560a
Fix whitespace
2019-08-02 10:23:41 -05:00
Jacob Robles
bbf0cb4d9d
Land #11653, Apache Tika CVE-2018-1335 RCE
2019-08-01 17:43:57 -05:00
h00die
060183c034
tika 1.15-1.17
2019-07-30 16:55:06 -04:00
h00die
f053768801
restrict tika versions
2019-07-30 07:32:30 -04:00
Jacob Robles
efc61a4934
Use cmdstager
2019-06-26 10:15:25 -05:00
Jacob Robles
7c3e566a23
Update check
...
Handle nil error code and fix version extraction based
on both of the possible Apache Tika return pages.
2019-06-26 10:15:25 -05:00
Wei Chen
2fb129ad41
Allow check in exploit to be optional
2019-06-25 17:13:55 -05:00
Wei Chen
16cfd3f4ac
Fix typos
2019-06-18 15:49:40 -05:00
Wei Chen
585a4340b2
Add exploit for CVE-2019-0232: Apache Tomcat CGIServlet RCE
2019-06-18 15:28:11 -05:00
Wei Chen
fcd360891f
Check #attributes for nil, and make sure target is oats console
2019-05-24 10:06:47 -05:00
Wei Chen
388a391b9a
Update oats_weblogic_console and its doc
2019-05-22 15:14:17 -05:00
Wei Chen
6cd943e0ce
Sometimes attributes could be nil if hitting an unexpected page
2019-05-20 10:48:29 -05:00
Wei Chen
5a46fdf535
Find frsc value from hidden input instead of using rkelly (js)
2019-05-18 19:25:44 -05:00
Wei Chen
592b8302ab
Make sure to call super for setup, also update doc for output
2019-05-18 18:08:25 -05:00
Wei Chen
c2567f2ee3
Fix bug on cleanup ready status & more verbose
2019-05-18 17:50:29 -05:00
Wei Chen
40d4b3dfd3
Add doc and update the module title
2019-05-16 16:31:25 -05:00
Wei Chen
39b8dce342
Update the description
2019-05-16 16:25:23 -05:00
Wei Chen
27554cf19a
Add the completed version of oats_weblogic_console.rb
2019-05-16 16:24:31 -05:00
Wei Chen
03dbb2fc2c
Work in progress for oats_weblogic_console
2019-05-10 13:27:08 -05:00
William Vu
496f270b30
Update use_single_quotes to wrap_double_quotes
2019-03-29 18:14:56 -05:00
h00die
ff5b790028
apache tika exploit msftidy
2019-03-28 22:07:01 -04:00
h00die
dc33998374
apache tika exploit
2019-03-28 22:05:05 -04:00
William Vu
b7bc52d20b
Fix HTTP/SMB mixin order to restore SSL option
...
Mixin order matters. Mixins kinda suck.
2019-01-29 11:09:34 -06:00
Wei Chen
27d6fffdad
Land #11125, Import/generate ysoserial Java serialization objects
2019-01-15 17:09:56 -06:00
William Vu
e9a8d5708a
Land #11234, @bcoles revisionism
2019-01-11 20:15:34 -06:00
Brendan Coles
24f807490f
revisionism
2019-01-10 19:19:14 +00:00
Jacob Robles
0c984fa232
Fix messages /successfuly/successfully
2019-01-09 06:32:22 -06:00
asoto-r7
60f3cfbb79
ysoserial: Cleaned up ysoserial payload in hp_imc_java_deserialize
2018-12-18 15:17:51 -06:00
asoto-r7
cd2dbf0edf
ysoserial: Modified hp_imc_java_deserialize to use the library
2018-12-14 16:13:17 -06:00
asoto-r7
0f82b207c4
hp_imc_java_deserialize: Repro steps for JSONSS ysoserial payload sections
2018-12-03 17:03:04 -06:00
asoto-r7
3f930ff141
hp_imc_java_deserialize: Default WfsDelay to 10 seconds to increase reliability
2018-12-03 16:36:37 -06:00
Carsten Maartmann-Moe
cbdcd367ee
Minor print out mod
2018-11-16 20:31:34 +01:00
Brendan Coles
6f094799b6
Update modules/exploits/windows/http/hp_imc_java_deserialize.rb
...
Print payload length
Co-Authored-By: carmaa <carsten@carmaa.com>
2018-11-16 20:20:52 +01:00
Brendan Coles
709befea5c
Update modules/exploits/windows/http/hp_imc_java_deserialize.rb
...
Fixed if/else block return
Co-Authored-By: carmaa <carsten@carmaa.com>
2018-11-16 20:19:23 +01:00
Carsten Maartmann-Moe
680393d4d6
Refined check method to actually verify vulnerability
2018-11-15 22:31:31 +01:00
Carsten Maartmann-Moe
541283a4dd
Tidied up set_payload
2018-11-12 20:45:49 +01:00