adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

6361 Commits

Author SHA1 Message Date
Tod Beardsley b1223165d4 Trivial grammar fixes 2014-10-14 12:00:50 -05:00
Pedro Ribeiro 4b7a446547 ... and restore use of the complicated socket 2014-10-09 18:30:45 +01:00
Pedro Ribeiro c78651fccc Use numbers for version tracking 2014-10-09 18:29:27 +01:00
Jay Smith 7dd6a4d0d9 Merge in changes from @todb-r7. 2014-10-08 13:25:44 -04:00
jvazquez-r7 411f6c8b2d Land #3793, @mfadzilr's exploit for CVE-2014-6287, HFS remote code execution 2014-10-08 12:16:09 -05:00
jvazquez-r7 98b69e095c Use %TEMP% and update ranking 2014-10-08 12:12:00 -05:00
jvazquez-r7 d90fe4f724 Improve check method 2014-10-08 12:03:16 -05:00
jvazquez-r7 25344aeb6a Change filename 2014-10-08 11:55:33 -05:00
jvazquez-r7 909f88680b Make exploit aggressive 2014-10-08 11:08:01 -05:00
jvazquez-r7 d02f0dc4b9 Make minor cleanup 2014-10-08 10:36:56 -05:00
jvazquez-r7 d913bf1c35 Fix metadata 2014-10-08 10:29:59 -05:00
Pedro Ribeiro 0a9795216a Add OSVDB id and full disclosure URL 2014-10-08 08:25:41 +01:00
Pedro Ribeiro d328b2c29d Add exploit for Track-It! file upload vuln 2014-10-07 23:50:10 +01:00
James Lee a65ee6cf30 Land #3373, recog 
Conflicts:
	Gemfile
	Gemfile.lock
	data/js/detect/os.js
	lib/msf/core/exploit/remote/browser_exploit_server.rb
	modules/exploits/android/browser/webview_addjavascriptinterface.rb
 2014-10-03 18:05:58 -05:00
sinn3r b17396931f Fixes #3876 - Move pxeexploit to local directory 2014-09-30 17:16:13 -05:00
Meatballs d5959d6bd6 Land #2585, Refactor Bypassuac with Runas Mixin 2014-09-28 09:24:22 +01:00
sinn3r 11b9a8a6ae Land #3814 - Advantech WebAccess dvs.ocx GetColor BoF 2014-09-23 15:06:21 -05:00
jvazquez-r7 b021ff4399 Add noche tags 2014-09-23 13:11:06 -05:00
jvazquez-r7 5c6236e874 Fix rop chain to allow VirtualAlloc when end of stack is too close 2014-09-23 13:08:26 -05:00
sinn3r 31ecbfdc4e Land #3756 - EMC AlphaStor Device Manager Opcode 0x75 Command Injection 2014-09-23 12:57:46 -05:00
mfadzilr a2a2ca550e add test result on different windows version 2014-09-20 20:06:30 +08:00
mfadzilr dd71c666dc added osvdb reference and software download url, use FileDropper method 
for cleanup
 2014-09-20 15:31:28 +08:00
mfadzilr 19ed594e98 using FileDropper method for cleanup 2014-09-20 10:52:21 +08:00
mfadzilr 677d035ce8 added proper regex for check function 
add comment for changed code
 2014-09-19 11:30:51 +08:00
jvazquez-r7 64ac1e6b26 Rand padding 2014-09-17 08:09:09 -05:00
jvazquez-r7 e593a4c898 Add comment about gadgets origin 2014-09-16 16:38:03 -05:00
jvazquez-r7 80f02c2a05 Make module ready to go 2014-09-16 15:18:11 -05:00
mfadzilr 978803e9d8 add proper regex 2014-09-16 21:49:02 +08:00
mfadzilr 783b03efb6 change line 84 as mubix advice, update disclosure date according to 
bugtraq security list.
 2014-09-15 17:21:05 +08:00
mfadzilr 9860ed340e run msftidy, make correction for CVE format and space at EOL (line 77) 2014-09-15 13:13:25 +08:00
mfadzilr f1d3c44f4f exploit module for HTTP File Server version 2.3b, exploiting HFS scripting commands 'save' and 'exec'. 2014-09-15 12:59:27 +08:00
mfadzilr 74ef83812a update module vulnerability information 2014-09-15 01:43:18 +08:00
mfadzilr 8b4b66fcaa initial test 2014-09-14 12:26:02 +08:00
jvazquez-r7 3a6066792d Work in rop chain... 2014-09-13 17:38:19 -05:00
jvazquez-r7 e2ef927177 Add first version for ZDI-14-255 2014-09-12 08:57:54 -05:00
sinn3r 0a6ce1f305 Land #3727 - SolarWinds Storage Manager exploit AND Msf::Payload::JSP 2014-09-09 17:21:03 -05:00
jvazquez-r7 df278dd2dc Conver to exploit 2014-09-05 14:47:33 -05:00
jvazquez-r7 d4a8b7e00d Move to exploits 2014-09-05 10:38:28 -05:00
jvazquez-r7 d041ee6629 Delete exploit modules from this branch 2014-09-05 10:29:24 -05:00
jvazquez-r7 f063dcf0f4 Land #3741, @pedrib's module for CVE-2014-5005 Desktop Central file upload 2014-09-04 15:44:21 -05:00
jvazquez-r7 f466b112df Minor cleaning on check 2014-09-04 15:43:59 -05:00
jvazquez-r7 74b8e8eb40 Change module filename 2014-09-04 15:39:34 -05:00
jvazquez-r7 7563c0bd0e Use Gem::Version 2014-09-04 14:40:13 -05:00
jvazquez-r7 2615a7a3be Favor \&\& and || operands 2014-09-04 14:35:37 -05:00
Pedro Ribeiro f0e3fa18a3 Restore the original filename 2014-09-03 21:32:05 +01:00
Pedro Ribeiro d69049008c Refactor and rename desktopcentra_file_upload 
- Rewrite check method
- Declare that v7 is also exploitable (tested and it works)
- Rename to dc_agentlogupload_file_upload to match the other DC module's naming convention
- Add CVE / OSVDB / Full disclosure references
 2014-09-02 23:12:33 +01:00
Pedro Ribeiro 05856016c9 Add exploit for CVE-2014-5005 2014-09-02 23:09:10 +01:00
jvazquez-r7 8b1791da22 Modify modules to keep old behavior 2014-08-31 01:18:53 -05:00
Spencer McIntyre 1cdf1c2c6e Land #3709, @nnam's wing ftp admin console cmd exec 2014-08-29 13:46:01 -04:00
Spencer McIntyre 8095b4893c Rename and apply rubocop style to wing_ftp_admin_exec 2014-08-29 13:42:11 -04:00