adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

13654 Commits

Author SHA1 Message Date
Quentin Kaiser cbcc2f2088 Moved to Cmdstager. 2019-03-28 11:03:01 +01:00
p0w1 1e0ab44033 Fix Space EOL 2019-03-28 10:56:59 +01:00
p0w1 0470e76f45 Fix Code Style 2019-03-28 10:56:12 +01:00
Quentin Kaiser a9fcd13257 Removed unnecessary includes. 2019-03-28 10:53:07 +01:00
Quentin Kaiser 1a564a6f70 Uppercase words. 2019-03-28 10:49:10 +01:00
Quentin Kaiser 7794cc0234 No need for parenthesis. 2019-03-28 10:48:38 +01:00
Quentin Kaiser fbaebc14be Shrink to oneliner. 2019-03-28 10:45:17 +01:00
Quentin Kaiser cef8dc2fa2 << is preferred. 2019-03-28 10:42:33 +01:00
p0w1 430c2f42b1 Fix Code Style 2019-03-28 10:03:11 +01:00
Wei Chen 927d20cb95 Land #11592, Add CMS Made Simple (CMSMS) Showtime2 File Upload RCE 2019-03-27 15:21:07 -05:00
Wei Chen 38bdccb91a Use instance variables instead of datastore options 2019-03-27 15:17:32 -05:00
fabiocogno fdb1f4adea Update cmsms_showtime2_rce.rb 
Fix to CSRF Token stealing function for older versions of CMSMS
 2019-03-27 20:09:14 +01:00
p0w1 19324ee6b9 Fix EOL 2019-03-27 17:13:54 +01:00
p0w1 6175870c55 Style Fixes 2019-03-27 17:12:08 +01:00
Quentin Kaiser de6f49305c Correct disclosure date format. 2019-03-27 14:22:37 +01:00
Quentin Kaiser 6fde3ea566 These files have nothing to do here. 2019-03-27 14:20:34 +01:00
Quentin Kaiser ed7d9a10ac Release of Awindinc SNMP exploit. 2019-03-27 14:13:36 +01:00
Jacob 592cc6cc2d Update postgres_copy_from_program_cmd_exec.rb 2019-03-27 10:40:14 +00:00
p0w1 b95b8988ad Remove Space at EOL 2019-03-27 11:20:53 +01:00
p0w1 ee50471bb5 Fix check function 2019-03-27 11:12:07 +01:00
p0w1 5fd5725a34 Added RCE Exploit for logistcs software 2019-03-27 10:23:49 +01:00
asoto-r7 399532154d Fix a git snafu when landing #11131 
While landing PR #11131, I tripped over my own shoelaces and overwrote `weblogic_deserialize_rawobject.rb` with `weblogic_deserialize_unicastref.rb`, destroying my changes and introducing a great deal of confusion.

This PR gets us back to where we should have been, with #11131 landed and a few changes to add randomization and expanding on the T3 protocol.
 2019-03-26 17:54:37 -05:00
asoto-r7 26b67bbf91 Fix two-byte error, add randomization, T3 notes from @acamro 2019-03-26 16:45:17 -05:00
asoto-r7 5f5d475c2e Add expected traceback error to documentation 2019-03-26 16:44:45 -05:00
asoto-r7 f9361324bd Merge branch 'weblogic_serialize_rawobject' of git://github.com/acamro/metasploit-framework into acamro-weblogic_serialize_rawobject 2019-03-26 16:38:27 -05:00
Jacob 3c66b4fad2 Update postgres_copy_from_program_cmd_exec.rb 2019-03-26 20:22:55 +00:00
Jacob 242f48744e Update postgres_copy_from_program_cmd_exec.rb 2019-03-26 20:18:50 +00:00
Brendan Coles d9fc7af68e Fix version detection 2019-03-26 20:17:34 +00:00
Jacob 4ef10013db COMMAND removed 2019-03-26 18:59:52 +00:00
Jacob 0d6cbc90c5 Update postgres_copy_from_program_cmd_exec.rb 2019-03-26 18:54:20 +00:00
Shelby Pace d185e8a018 indentation fix 2019-03-25 14:54:46 -05:00
Shelby Pace 3a8b09f08e added checks on scan method 2019-03-25 14:48:19 -05:00
Shelby Pace 59f5c291c9 removed spare spaces and modified some indentation 2019-03-25 14:25:09 -05:00
Jacob 91e869a970 Update postgres_copy_from_program_cmd_exec.rb 2019-03-24 22:48:42 +00:00
Jacob 3b0f399730 Update postgres_copy_from_program_cmd_exec.rb 2019-03-24 22:44:31 +00:00
Quentin Kaiser 9baaedce4e Indicate potential DoS in description. Define exploit stance explicitly. 2019-03-24 22:29:07 +01:00
Quentin Kaiser 5c048e7cd6 CISCO-SA not supported. 2019-03-24 22:20:31 +01:00
bcoles 55939a64a0 Update modules/exploits/multi/postgres/postgres_copy_from_program_cmd_exec.rb 
Co-Authored-By: Greenwolf <48361984+Greenwolf@users.noreply.github.com>
 2019-03-24 19:32:29 +00:00
Jacob 74464a2087 Update postgres_copy_from_program_cmd_exec.rb 2019-03-24 18:17:43 +00:00
Quentin Kaiser be73f56610 Only got researchers name, no email. 2019-03-24 17:50:31 +01:00
Quentin Kaiser 4451225da7 Add httpd service reloading. 2019-03-24 17:49:55 +01:00
Jacob 3c0a9d0748 Update postgres_copy_from_program_cmd_exec.rb 2019-03-24 15:37:10 +00:00
bcoles f14b213725 Update modules/exploits/multi/postgres/postgres_copy_from_program_cmd_exec.rb 
Co-Authored-By: Greenwolf <48361984+Greenwolf@users.noreply.github.com>
 2019-03-24 15:36:25 +00:00
Jacob 27b3717add Update postgres_copy_from_program_cmd_exec.rb 2019-03-24 15:35:59 +00:00
bcoles 5e470a538d return unless res 2019-03-23 19:38:14 +11:00
Brendan Coles ccc8d9cdab return unless res 2019-03-23 08:51:25 +00:00
Quentin Kaiser 5562af39d3 Use CmdStager instead of hardcoded wget command. 2019-03-22 20:10:29 +01:00
wilfried 8853d6d5b5 Adding documentation + cleaning files from the exploit 2019-03-22 17:37:04 +01:00
Quentin Kaiser ef2c4310a4 Exploit for CVE-2019-1663 on Cisco RV130(W). 2019-03-22 17:34:12 +01:00
bcoles 567be6fa11 Update modules/exploits/multi/postgres/postgres_copy_from_program_cmd_exec.rb 
Co-Authored-By: Greenwolf <48361984+Greenwolf@users.noreply.github.com>
 2019-03-22 11:18:07 +00:00