adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

1005 Commits

Author SHA1 Message Date
James Lee d46c3a1d8c Collector looks like hex, store it as a string 2016-07-29 21:57:51 -05:00
Brent Cook b08d1ad8d8 Revert "Land #6812, remove broken OSVDB references" 
This reverts commit 2b016e0216, reversing
changes made to 7b1d9596c7.
 2016-07-15 12:00:31 -05:00
Brent Cook 2b016e0216 Land #6812, remove broken OSVDB references 2016-07-11 22:59:11 -05:00
wchen-r7 14adcce8bf Missed the HTTPUSERNAME fix 2016-05-27 18:37:04 -05:00
wchen-r7 61f9cc360b Correct casing - should be HttpUsername and HttpPassword 2016-05-27 18:31:54 -05:00
wchen-r7 4dcddb2399 Fix #4885, Support basic and form auth at the same time 
When a module uses the HttpClient mixin but registers the USERNAME
and PASSWORD datastore options in order to perform a form auth,
it ruins the ability to also perform a basic auth (sometimes it's
possible to see both). To avoid option naming conflicts, basic auth
options are now HTTPUSERNAME and HTTPPASSWORD.

Fix #4885
 2016-05-27 16:25:42 -05:00
wchen-r7 99a573a013 Do unless instead "if !" to follow the Ruby guideline 2016-05-19 19:21:45 -05:00
Vex Woo b5284375a7 osb_uname_jlist - NoMethodError undefined method 'empty?' for nil:NilClass 2016-05-18 00:16:53 -05:00
Vex Woo 11fedd7353 ca_totaldefense_regeneratereports - NoMethodError undefined method 'empty?' for nil:NilClass 2016-05-18 00:15:28 -05:00
wchen-r7 816bc91e45 Resolve #6807, remove all OSVDB references. 
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.

Resolve #6807
 2016-04-23 12:32:34 -05:00
Brent Cook 57cb8e49a2 remove overwritten keys from hashes 2016-04-20 07:43:57 -04:00
wchen-r7 f3336c7003 Update windows/http/easyfilesharing_seh 2016-03-31 19:24:06 -05:00
wchen-r7 dd83757966 Bring #6488 up to date with upstream-master 2016-03-31 19:11:11 -05:00
l0gan e29fc5987f Add missing stream.raw for hp_sitescope_dns_tool 
This adds the missing stream.raw.
 2016-03-15 11:06:06 -05:00
Christian Mehlmauer 3123175ac7 use MetasploitModule as a class name 2016-03-08 14:02:44 +01:00
Brent Cook f703fa21d6 Revert "change Metasploit3 class names" 
This reverts commit 666ae14259.
 2016-03-07 13:19:55 -06:00
Brent Cook 44990e9721 Revert "change Metasploit4 class names" 
This reverts commit 3da9535e22.
 2016-03-07 13:19:48 -06:00
Christian Mehlmauer 3da9535e22 change Metasploit4 class names 2016-03-07 09:57:22 +01:00
Christian Mehlmauer 666ae14259 change Metasploit3 class names 2016-03-07 09:56:58 +01:00
wchen-r7 7731fbf48f Land #6530, NETGEAR ProSafe Network Management System 300 File Upload 2016-02-26 10:39:09 -06:00
Pedro Ribeiro 044b12d3a4 Made style changes requested by OJ and others 2016-02-23 15:14:04 +07:00
Starwarsfan2099 ffce1cc321 Update easyfilesharing_seh.rb 2016-02-15 22:43:28 -05:00
Brent Cook 3d1861b3f4 Land #6526, integrate {peer} string into logging by default 2016-02-15 15:19:26 -06:00
wchen-r7 8a3bc83c4d Resolve #6553, remove unnecessary content-length header 
Rex will always generate a content-length header, so the module
doesn't have to do this anymore.

Resolve #6553
 2016-02-09 21:25:56 -06:00
Pedro Ribeiro 1f4324f686 Create file for CERT VU 777024 2016-02-04 07:54:16 +08:00
James Lee 12256a6423 Remove now-redundant peer 
These all include either Msf::Exploit::Remote:Tcp or Msf::Exploit::Remote:HttpClient
 2016-02-01 15:12:03 -06:00
Starwarsfan2099 45c88d3189 Create easyfilesharing_seh.rb 2016-01-22 13:04:03 -05:00
Jon Hart 283cf5b869 Update msftidy to catch more potential URL vs PACKETSTORM warnings 
Fix the affected modules
 2015-12-24 09:12:24 -08:00
Tod Beardsley b25aae3602 Add refs to module 
See rapid7#6344.
 2015-12-14 12:05:46 -06:00
wchen-r7 5ffc80dc20 Add ManageEngine ConnectionId Arbitrary File Upload Vulnerability 2015-12-14 10:51:59 -06:00
jvazquez-r7 0f24ca7d13 Land #6280, @wchen-r7's module for Oracle Beehive processEvaluation Vulnerability 2015-12-01 21:38:09 -06:00
wchen-r7 ea363dd495 priv to true 2015-12-01 10:23:36 -06:00
wchen-r7 2621753417 priv to true 2015-12-01 10:21:56 -06:00
wchen-r7 d5d4a4acdc Register the correct jsp to cleanup 2015-12-01 10:21:15 -06:00
wchen-r7 4e2eb7ca65 Add Oracle Beehive processEvaluation Vulnerability 2015-11-24 19:17:57 -06:00
wchen-r7 8ea0a864db Add a reference for patching 2015-11-10 23:32:22 -06:00
wchen-r7 66f3582991 Add Oracle Beehive prepareAudioToPlay Exploit Module 2015-11-10 23:05:11 -06:00
Jon Hart 43229c16e7 Correct some authors with unbalanced angle brackets 2015-11-06 13:24:58 -08:00
wchen-r7 154fb585f4 Remove bad references (dead links) 
These links are no longer available. They are dead links.
 2015-10-27 12:41:32 -05:00
Boumediene Kaddour e188bce4c9 Update minishare_get_overflow.rb 2015-10-21 16:48:31 +02:00
xistence b1f2e40b98 Add CVE/URL references to module manage_engine_opmanager_rce 2015-10-16 10:36:13 +07:00
HD Moore d67b55d195 Fix autofilter values for aggressive modules 2015-10-13 15:56:18 -07:00
Tod Beardsley 94bb94d33a Working URL for real 2015-10-09 15:07:44 -05:00
Tod Beardsley b04f947272 Fix blog post date, derp 2015-10-09 14:59:57 -05:00
Tod Beardsley 55ef6ebe91 HP SiteScope vuln, R7-2015-17 
On behalf of @l0gan, already reviewed once by @jvazquez-r7, reviewed
again by me.

For details, see:

https://community.rapid7.com/community/metasploit/blog/2017/10/09/r7-2015-17-hp-sitescope-dns-tool-command-injection
 2015-10-09 14:55:48 -05:00
Pedro Ribeiro cbbeef0f53 Update kaseya_uploader.rb 2015-10-02 13:20:59 +01:00
jvazquez-r7 a88a6c5580 Add WebPges to the paths 2015-10-01 13:22:56 -05:00
jvazquez-r7 f9a9a45cf8 Do code cleanup 2015-10-01 13:20:40 -05:00
Pedro Ribeiro 61c922c24d Create kaseya_uploader.rb 2015-09-29 11:56:34 +01:00
jvazquez-r7 37d42428bc Land #5980, @xistence exploit for ManageEngine OpManager 2015-09-16 13:19:49 -05:00