adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

13654 Commits

Author SHA1 Message Date
bwatters-r7 cfcb77afd0 Rename to please msftidy 2018-07-12 17:41:06 -05:00
William Vu 3546286049 Add missed ARCH_CMD to top-level Arch array 
It's not necessary because of targets, but it's required for printing.
 2018-07-12 17:37:06 -05:00
asoto-r7 1a3a4ef5e4 Revised 88 aux and exploit modules to add CVEs / references 2018-07-12 17:34:52 -05:00
bwatters-r7 156b822401 First stab at cve-2018-8897 2018-07-12 17:31:53 -05:00
Brendan Coles 4b62f41369 Add QNAP Q'Center change_passwd Command Execution exploit 2018-07-12 20:00:17 +00:00
Brendan Coles 904de2dd09 Land #10238, Add ManageEngine Exchange Reporter Plus RCE exploit 2018-07-12 16:07:32 +00:00
Kacper Szurek 486225c2a8 Code review changes 
Use target_uri, split url inside normalize function, replace print with vprint, return CheckCode::Appears
 2018-07-12 14:27:28 +02:00
William Vu acb20e5a29 Land #9780, CouchDB auth bypass and RCE 2018-07-12 03:36:17 -05:00
William Vu f53080ee60 Fix exploit and do final cleanup 2018-07-12 02:13:30 -05:00
William Vu 167745c124 Selectively add RuboCop fixes 2018-07-11 22:49:46 -05:00
William Vu ccc3267166 Correct rubocop -a 
We'll update .rubocop.yml later.
 2018-07-11 22:49:46 -05:00
William Vu ca5e496b8f Run rubocop -a 2018-07-11 21:40:19 -05:00
Shelby Pace 1ded8ffb29 Land #10260, Add phpMyAdmin v4.8.1/4.8.0 LFI RCE 2018-07-11 11:10:52 -05:00
Erin Bleiweiss ef3ea2dd44 Land #10280, Use default CheckCode in ETERNALBLUE 2018-07-10 17:39:42 -05:00
Shelby Pace 10cd6c99d9 Land #10231, Monstra Fileupload Exec 2018-07-10 14:23:15 -05:00
Shelby Pace 07dca243ff changed grammar, removed redundant code 2018-07-10 14:13:57 -05:00
Brent Cook 1af360d7e0 Land #10108, add IBM QRadar SIEM exploit 2018-07-10 11:52:32 -05:00
Shelby Pace 171fa562a3 added parsing for repos in Gitlist source 2018-07-10 11:32:46 -05:00
William Vu f64c9588e9 Undefine check method and let the base class do it 
Preserve the to-do without rewording - should be enough.
 2018-07-10 11:05:00 -05:00
Adam Cammack 1fddbdb8ef Specify the command option external modules 2018-07-10 10:24:07 -05:00
William Vu 533d87efa4 Return CheckCode::Unsupported in ETERNALBLUE 
Defining a check method in the module overrides it.
 2018-07-09 16:01:24 -05:00
Shelby Pace 5776b64a1b modified exploit 2018-07-09 13:56:33 -05:00
Shelby Pace f5e40b14a3 removed double eval as suggested 2018-07-09 13:24:31 -05:00
Jacob Robles 4f039de2fc Fix CVE numbers 2018-07-09 13:22:08 -05:00
flandini 7d8a95de9f Fixed requested changes for PR 2018-07-09 12:44:38 -05:00
Shelby Pace 44b9798afb modified regex, id=filesmanager lines 2018-07-09 10:55:29 -05:00
Jacob Robles bf24ce847a Fix token issues 2018-07-09 09:29:11 -05:00
Touhid M Shaikh bc33078e01 fixed comma 
fixed comma
 2018-07-09 12:27:58 +05:30
Touhid M Shaikh 6f6ad86e2c fix tab 
fix tab and space.
 2018-07-09 11:49:11 +05:30
Wei Chen 5fc5a47cd2 Update CVE references for exploit modules 
These are based on cross references by EDB, OSVDB, module short
name, blog post and BID.
 2018-07-08 18:46:04 -05:00
Brendan Coles f14d06b9d1 Fix ufo_privilege_escalation 2018-07-08 11:05:30 +00:00
Brendan Coles a634e6347d minor code cleanup 2018-07-08 06:09:38 +00:00
Touhid M Shaikh 4a835b2493 fix warning, and version 
fix warning, and version and indentation
 2018-07-07 17:27:09 +05:30
Shelby Pace b5fb970aec Land #10133, Add HID discoveryd RCE exploit 2018-07-06 14:32:29 -05:00
Wei Chen 545e91af00 Land #10262, Add GitList argument injection exploit module 2018-07-06 14:28:20 -05:00
Wei Chen 82c74eb765 Small changes 2018-07-06 14:25:58 -05:00
Shelby Pace b1456df757 made suggested changes 2018-07-06 12:48:38 -05:00
Jacob Robles fe1b17684a Add Targets and Session file inclusion 2018-07-06 12:17:26 -05:00
Shelby Pace 5d0652fab1 changed inconsistent capitalization 2018-07-05 15:56:41 -05:00
Shelby Pace 2b452d5681 added documentation and check 2018-07-05 15:47:21 -05:00
Jacob Robles cb078b9586 Drop database 2018-07-05 14:58:30 -05:00
Brent Cook 05a0d79be7 Land #10219, Add HP VAN SDN Controller exploit 2018-07-05 14:21:44 -05:00
Jacob Robles 43096d9d78 Add phpMyAdmin v4.8.1/4.8.0 LFI RCE 
Module and Doc
 2018-07-05 13:33:35 -05:00
William Vu 53d5d82498 Rename module to match new vector 2018-07-05 13:31:16 -05:00
Shelby Pace 507fd22958 added http post and generating payload 2018-07-05 13:21:22 -05:00
William Vu 762b4b5e53 Simplify creds auth by checking X-Auth-Token alone 
It's a lot more direct than checking for the redirect.
 2018-07-05 13:20:27 -05:00
William Vu 2b069f45ca Clarify how we're using the auth token for creds 
In the service token's case, the service token *is* the auth token.
 2018-07-05 13:05:23 -05:00
flandini b00f0e87e0 Add SonicWall XML-RPC Remote Code Execution exploit module 2018-07-05 12:06:13 -05:00
Mehmet İnce a272dcabd7 Fix typos and additional updates regarding to review 2018-07-05 13:33:40 +01:00
Mehmet İnce 3b8149216f print a verbose error message 2018-07-04 23:20:58 +01:00