adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

13654 Commits

Author SHA1 Message Date
Benjamin 9d0b434f35 Initial commit Cisco RV320 and RV325 remote code execution 2019-02-25 15:51:05 +01:00
bcoles 9249f2a119 Update modules/exploits/unix/webapp/drupal_sa_core_2019_003.rb 
Co-Authored-By: rotemreiss <reiss.r@gmail.com>
 2019-02-25 08:53:19 -05:00
bcoles 8912c1a943 Update modules/exploits/unix/webapp/drupal_sa_core_2019_003.rb 
Co-Authored-By: rotemreiss <reiss.r@gmail.com>
 2019-02-25 08:53:02 -05:00
bcoles d279e092cb Update modules/exploits/unix/webapp/drupal_sa_core_2019_003.rb 
Co-Authored-By: rotemreiss <reiss.r@gmail.com>
 2019-02-25 08:46:30 -05:00
rotemreiss eabd0b485c Update ranking 2019-02-25 08:08:06 -05:00
rotemreiss e93dffb32c Add new exploit for Drupal SA-CORE-2019-003 2019-02-25 07:57:04 -05:00
Nicholas Starke 7c7a233d67 Addressing PR Comments 2019-02-23 14:41:11 -06:00
Nicholas Starke 6bd1489f62 Adding version checking to wemo module 
Addresses Github Issue 11452 by parsing out the version
information returned in /setup.xml. New code then performs
a version check, and then alerts the user to whether or not
it is likely the remote host is vulnerable given that version
check.
 2019-02-23 12:06:57 -06:00
William Vu fc9245fa66 Fix author names in a couple modules 
It me.
 2019-02-22 17:02:15 -06:00
William Vu 194881a8b2 Add NOCVE 2019-02-22 13:26:53 -06:00
William Vu c76714ccc6 Add Reliability REPEATABLE_SESSION to Wemo exploit 
Notes copied from auxiliary/admin/wemo/crockpot where it didn't apply.
 2019-02-22 13:11:59 -06:00
Jacob Robles 5214b90fdf Land #11292, Add exploit for Nuuo CMS SQL injection 2019-02-21 11:05:53 -06:00
Jacob Robles 1cd7dc8bc9 Update rank, add note 2019-02-21 10:12:02 -06:00
Jacob Robles 696640a340 Timeout and cleanup files 2019-02-21 06:48:10 -06:00
Jacob Robles 4a4637d7a3 Move execute shell 2019-02-21 06:48:09 -06:00
asoto-r7 efba6d2d9c Reverse engineered JSOs 2019-02-20 16:45:47 -06:00
terrorbyte 449307c7df Additional style fixes 2019-02-20 15:33:33 -06:00
terrorbyte 364460a787 Fixed heredoc and advanced options casing. 2019-02-20 14:42:56 -06:00
asoto-r7 0f9a796d2f Reverse engineered JSOs, used new ysoserial functionality 2019-02-20 14:28:09 -06:00
asoto-r7 5f84cbc078 Reverse engineered JSOs, used new ysoserial functionality 2019-02-20 14:12:24 -06:00
Jacob Robles 1acc565335 Land #11290, Add Nuuo CMS file upload exploit 2019-02-20 07:43:37 -06:00
William Vu 0c8b260737 Revert ARCH_CMD payload to cmd/unix/generic 
There is no telnetd, so cmd/unix/bind_busybox_telnetd won't work.
 2019-02-19 13:23:25 -06:00
Jacob Robles 73048edd97 Minor updates 
exploit:nuuo_cms_sqli
 2019-02-19 12:26:31 -06:00
William Vu bad53aeaf1 Genericize exploit (less Crock-Pot verbiage) 2019-02-19 12:13:08 -06:00
Jacob Robles 2b71410807 Minor updates 
exploit:nuuo_cms_fu
 2019-02-19 12:11:50 -06:00
terrorbyte 99ae0d125f Added systemd lower privlege service persistence 
Update the module to support systemd --user as a target for the
service_persistence module. This creates a file in a set of "supported"
local directories and triggers the systemctl calls with --user. The unit
files in question can be seen documented in systemd.unit(5)
 2019-02-15 15:04:03 -06:00
William Vu 1be838d1fd Add Belkin Wemo UPnP RCE (tested on Crock-Pot) 2019-02-14 12:45:36 -06:00
rwincey a0b5291c30 Space slipped in 2019-02-13 10:25:21 -05:00
rwincey e716c24f2d Style police :P 2019-02-13 00:35:54 -05:00
Zack Flack 42fa436940 apply rubocop fixes, remove unless statements 2019-02-12 20:25:58 +08:00
Zack Flack 16628806e1 generate relative path to /etc/passwd 2019-02-12 18:43:15 +08:00
rwincey b55fdc7323 Minor updates 2019-02-11 21:39:43 -05:00
Wei Chen c5bff76dc7 Cosmetic changes for office_exel_slk module and documentation 2019-02-11 12:37:17 -06:00
Wei Chen 18afc8f546 Bring PR 11249 up to date with upstream master 2019-02-11 12:19:21 -06:00
Ziconius b49b7ca9db Remove unneeded require 2019-02-11 11:24:04 -05:00
Zack Flack 5fde493add refactor version check, reduce verbosity 2019-02-11 23:50:09 +08:00
Ziconius 08e1f86390 Add Webmin 1900 Remote Code Exec Module 
Adding Webmin RCE module affecting Webmin <= 1.900. Module attempts to
use the Running Processes (proc) permission to determine upload dir,
if the permission is not set the module fails. The user can attempt the
exploit without this permission by setting the 'GUESSUPLOAD' opt to
true.

The default path is in an array of 1 to allow for other OS/Version
default paths to be added in future.
 2019-02-11 10:45:03 -05:00
rwincey f1675cddad Documentation 2019-02-10 23:16:45 -05:00
rwincey ced3ad0bfd BMC Patrol CMD Exec Module 2019-02-10 22:26:24 -05:00
Zack Flack 92063560eb add version check, tweak payload execution for aix 2019-02-10 23:33:24 +08:00
Imran E. Dawoodjee 6d0797986b PowerShell check less strict, updated docs. 2019-02-10 14:26:13 +08:00
Tim W f589db6831 Land #11152, add macOS adobe flash player type confusion RCE 2019-02-09 18:46:48 +08:00
Tim W 5c1f4a4703 fix include -> include? 2019-02-09 18:46:35 +08:00
Wei Chen a380bb6df1 Land #11239, Add check for writable and nosuid WritableDir 2019-02-08 19:14:54 -06:00
Wei Chen 18a4af1d1d Land #11279, improve imap_open exploit to be more robust 2019-02-08 18:28:08 -06:00
Brent Cook 5fc7167beb Merge remote-tracking branch 'upstream/master' into land-10812- 2019-02-07 09:31:02 -06:00
Wei Chen 3a12592976 Land #11072, Add nuuo_nvrmini_upgrade_rce 2019-02-06 22:30:45 -06:00
Wei Chen c8d79cb7c0 Make minor changes for nuuo module 2019-02-06 22:26:31 -06:00
Pearce Barry 0dbad5d2e3 Land #11349, Add Evince CBT File Command Injection module 2019-02-06 17:54:07 -06:00
Zack Flack 619d51c768 add inital port of perl exploit 2019-02-06 19:42:40 +08:00