adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

6361 Commits

Author SHA1 Message Date
wchen-r7 f4db90edeb Land #7852, Firefox nsSMILTimeContainer::NotifyTimeChange() rce 2017-01-23 11:56:01 -06:00
wchen-r7 04648888b3 Be conservative and do NormalRanking 2017-01-23 11:55:30 -06:00
Brent Cook f69b4a330e handle Ruby 2.4 Fixnum/Bignum -> Integer deprecations 2017-01-22 10:20:03 -06:00
Gabor Seljan bda464fd6b Increase output 2017-01-21 10:51:58 +01:00
Gabor Seljan e3043b0889 Use random string as egg 2017-01-21 10:28:47 +01:00
Gabor Seljan c47f087c83 Fix check code 2017-01-21 09:39:09 +01:00
William Webb 0eb5342d83 disclosure date 2017-01-20 11:57:50 -06:00
William Webb d8f04ccc18 address msftidy complaints 2017-01-20 11:56:11 -06:00
William Webb fb74b2d8f3 initial commit of finished product 2017-01-20 11:01:36 -06:00
Gabor Seljan 905213cc41 Add module for DiskSavvy Enterprise (EDB-40854) 2017-01-19 20:34:00 +01:00
Gabor Seljan 483865b815 Fix reference 2017-01-11 23:28:23 +01:00
Gabor Seljan 24014d8465 Minor code formatting 2017-01-10 22:59:42 +01:00
wizard32 467a476598 Update websphere_java_deserialize.rb 2017-01-08 13:33:01 +02:00
Gabor Seljan 9162374ae3 Add automatic targeting 2017-01-08 11:23:18 +01:00
Gabor Seljan d2472712f3 Add module for DiskBoss Enterprise (EDB-40869) 2017-01-07 19:44:38 +01:00
wizard32 829f7da7e0 Update websphere_java_deserialize.rb 2017-01-06 18:39:04 +02:00
wizard32 538a1bf21d 'WfsDelay' Option added 
20sec added on 'WfsDelay' Option for first time exploit run due to the delay of powershell to load all the available modules.
 2017-01-06 18:11:48 +02:00
wizard32 c55e2e58f0 'raw_headers' Updated 2017-01-05 15:19:17 +02:00
wizard32 1d82ee0470 'raw_headers' field Updated 2017-01-05 15:17:17 +02:00
wizard32 c29a9ac00f Show Info updated 2017-01-05 14:18:38 +02:00
wizard32 1a38caa230 Encode - Decode code Updated 2017-01-05 13:07:34 +02:00
wizard32 9f4be89391 Update websphere_java_deserialize.rb 
Update information "Options" field
 2017-01-05 12:38:54 +02:00
wizard32 82e49fb27e Update websphere_java_deserialize.rb 2017-01-04 10:23:48 +02:00
wizard32 b06c5bac2f Invalid CVE format and Spaces at EOL fixed 2017-01-03 21:45:22 +02:00
wizard32 0722944b47 Invalid CVE format fixed 2017-01-03 21:38:32 +02:00
wizard32 8534fde50f Websphere Java Deserialization (RCE) 
This module exploits a vulnerability in IBM's WebSphere Application Server. An unsafe deserialization call of unauthenticated Java objects exists to the Apache Commons Collections (ACC) library, which allows remote arbitrary code execution. Authentication is not required in order to exploit this vulnerability.
 2017-01-03 16:04:51 +02:00
wchen-r7 174cd74900 Land #7532, Add bypass UAC local exploit via Event Viewer module 2016-12-01 11:16:49 -06:00
wchen-r7 1e9d80c998 Fix another typo 2016-12-01 11:16:06 -06:00
wchen-r7 b8243b5d10 Fix a typo 2016-12-01 11:15:26 -06:00
OJ 6890e56b30 Remove call to missing function 2016-12-01 07:57:54 +10:00
David Maloney d1be2d735f Land #7578, pdf-shaper exploit 
Land lsato's work on the pdf-shaper buffer overflow
exploit
 2016-11-30 11:13:12 -06:00
OJ 6ae8a2dd2e Remove unused/empty function body 2016-11-21 17:59:49 +10:00
OJ 8c036885bc Fix msftidy issues 2016-11-21 17:23:03 +10:00
OJ e226047457 Merge 'upstream/master' into the bypassuac via eventvwr mod 2016-11-21 17:18:40 +10:00
Brent Cook 005d34991b update architecture 2016-11-20 19:09:33 -06:00
Brent Cook f313389be4 Merge remote-tracking branch 'upstream/master' into land-7507-uuid-arch 2016-11-20 19:08:56 -06:00
Louis Sato 920ecf6fc5 finishing metacoms work for pdf-shaper-bo 2016-11-18 11:36:02 -06:00
wchen-r7 e1ff37f3eb Title change and handling Rex::TimeoutError exception 2016-11-16 16:23:44 -06:00
wchen-r7 7b83720b90 Bring #6638 up to date 2016-11-15 12:27:05 -06:00
wchen-r7 fa9f2b340e def setup isn't needed 2016-11-14 15:52:02 -06:00
wchen-r7 bab07b5691 Bring #7540 up to date 2016-11-14 14:59:21 -06:00
William Webb 4e40546958 Land #7502, Disk Pulse Enterprise Login Buffer Overflow 2016-11-14 10:28:53 -06:00
Chris Higgins 4e9802786c Removed spaces causing build to fail 2016-11-13 21:46:24 -06:00
scriptjunkie 268a72f210 Land #7193 Office DLL hijack module 2016-11-08 23:15:27 -06:00
Yorick Koster 3c1f642c7b Moved PPSX to data/exploits folder 2016-11-08 16:04:46 +01:00
Chris Higgins 099a5984f9 Updated with style suggestions from msftidy and rubocop. 
Also updated with commented from other contributors.
 2016-11-07 10:18:52 -06:00
Chris Higgins 689fc28d1b Added WinaXe 7.7 FTP client Server Ready buffer overflow 2016-11-06 23:35:16 -06:00
OJ 4bf966f695 Add module to bypassuac using eventvwr 
This module was inspired by the work done by Matt Nelson and Matt
Graeber who came up with the method in the first place. This works
nicely on a fully patched Windows 10 at the time of writing.
 2016-11-05 04:41:38 +10:00
OJ 3c57ff5c59 Avoid internal constants for bypassuac file path generation 2016-11-01 01:32:24 +10:00
OJ 6ce7352c45 Revert silly change in applocker bypass 2016-11-01 01:30:54 +10:00