adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

13654 Commits

Author SHA1 Message Date
bwatters-r7 40d5f46277 Lad #10017, D-Link DSL-2750B Unauthenticated OS Command Injection 
Merge branch 'land-10017' into upstream-master
 2018-05-22 10:54:33 -05:00
lucyoa 6cc1a8dcbd Rubocop fixes 2018-05-22 10:34:05 -04:00
phra 6d4ad57beb refactor: use Rex built-in encoders 2018-05-21 22:14:39 +02:00
Kevin Kirsche 93e9c96a1c Adjust link / name ordering to be alphabetical by key (not sorted by value) 2018-05-21 14:42:13 -04:00
Tim W 88ab836e15 Land #9987, AF_PACKET chocobo_root exploit 2018-05-21 17:05:53 +08:00
Tim W 9e9dff8b6a fix file cleanup on failed exploitation 2018-05-21 16:47:09 +08:00
Tim W cd0161ada2 fix gcc for shell_reverse_tcp payloads on ubuntu 2018-05-21 16:46:42 +08:00
lucyoa 6ae55aadd4 Fixing documentation, improving exploits code 2018-05-20 12:55:46 -04:00
Brendan Coles aa033bf5c1 Fix cleanup 2018-05-20 16:19:25 +00:00
Kevin Kirsche c665a32eb9 Add privileged and fix PayloadType hash style 2018-05-19 19:06:50 -04:00
phra c9ab44234a refactor: remove predefined cmd stager flavor, increase linemax 2018-05-19 15:55:11 +02:00
phra d239fb17db refactor: update code as requested 2018-05-19 15:50:10 +02:00
Kevin Kirsche d9d226376c Fix missing comma 2018-05-19 09:23:23 -04:00
Kevin Kirsche 4bf259e767 Add github and EDB ID number 2018-05-19 09:04:18 -04:00
Kevin Kirsche b0f556639f Change rand text length and remove disable nops 2018-05-19 09:02:00 -04:00
phra 8a1cb1e560 fix: fix indentation 2018-05-19 03:27:35 +02:00
phra 5d37451dc8 fix: use print_error instead of puts 2018-05-19 03:26:49 +02:00
phra b010d23427 exploits: add CVE-2018-1000049 exploit module, fixes #10063 2018-05-19 03:10:06 +02:00
bwatters-r7 294b263159 Land #9966, Add Reliable Datagram Sockets (RDS) Privilege Escalation exploit 
Merge branch 'land-9966' into upstream-master
 2018-05-18 17:06:04 -05:00
Touhid M Shaikh 12457d14f7 vTiger CRM v6.3.0 (CVE:2015-6000,CVE:2016-1713) 
an attacker may choose to upload a file containing PHP code and run this code by accessing the resulting PHP file.
 2018-05-19 01:13:10 +05:30
Kevin Kirsche 6d0c6a7051 Randomize the starting letter 2018-05-18 15:14:40 -04:00
Kevin Kirsche 1efa5c4061 Move to PayloadType instead of Compat 2018-05-18 14:55:33 -04:00
Kevin Kirsche 599979be37 Add AKA and remove filename 2018-05-18 14:49:12 -04:00
Kevin Kirsche 0951aca881 Fix require that’s included by mixin 2018-05-18 13:31:20 -04:00
Kevin Kirsche 35ee1b5fa1 Use https instead of http in the comments 2018-05-18 13:10:47 -04:00
Kevin Kirsche 8f0242344d Fix style to use curly braces instead of pipes 2018-05-18 13:06:38 -04:00
Kevin Kirsche f1b9088609 Fix msf/core include requirement 
```
modules/exploits/unix/dhcp/rhel_dhcp_client_command_injection.rb - [WARNING] Explicitly requiring/loading msf/core is not necessary
```

removes `require msf/core`
 2018-05-18 13:04:55 -04:00
Kevin Kirsche 164f3ef48d Add CVE-2018-1111 exploit 2018-05-18 12:47:08 -04:00
Brent Cook 37f1e44a12 Land #10009, Add initial check support to external modules 2018-05-18 09:31:31 -05:00
Brendan Coles eb3733ffb4 unless 2018-05-17 17:42:55 +00:00
Tim W 629c5a82f1 default to aarch64 2018-05-17 20:48:25 +08:00
Tim W 6594cbb5cc Land #9947, AF_PACKET packet_set_ring exploit 2018-05-17 18:43:52 +08:00
Tim W dc227153c4 fix gcc on shell_reverse_tcp session 2018-05-17 18:43:27 +08:00
Tim W ce5b24eda0 fork early and cleanup files in module 2018-05-17 00:32:01 +08:00
William Vu 739d58135f Move EXE generation in struts_code_exec_parameters 2018-05-16 06:15:40 -05:00
William Vu 6ec0272ff5 Land #8727, CVE-2017-9791 exploit 2018-05-16 05:41:26 -05:00
William Vu eaec1d7486 Clean up module 2018-05-16 05:39:17 -05:00
William Vu 436e414b93 Land #7815, CVE-2016-9299 exploit 2018-05-16 05:29:41 -05:00
William Vu 959cbde6eb Clean up module 2018-05-16 05:29:25 -05:00
Brendan Coles c5f980f633 GoodRanking 2018-05-16 02:38:19 +00:00
Green-m 492be19aa0 Use && instead of and 2018-05-15 05:18:38 -04:00
Green-m a61d202586 Delete blank, fix typo and use single quote instead. 2018-05-15 04:27:36 -04:00
Green-m 03a7bb72af Add exploit module for apache hadoop unauthorized command execution 2018-05-15 03:47:20 -04:00
zerosum0x0 4a64401a58 fix ms17-010 similar to 4a56ecf3ae 2018-05-14 15:45:20 -06:00
Aaron Soto f5a43f2ed0 Land #9991, Remove need for temp file with xdebug_unauth_exec 2018-05-14 08:55:38 -05:00
lucyoa 8dd7a27f7b Fixes according to code review 2018-05-14 05:46:23 -04:00
lucyoa f65361258b Adding vulnerable firmwares to description 2018-05-13 15:08:32 -04:00
lucyoa 382364a3ff Adding documentation, improving description 2018-05-13 15:04:40 -04:00
lucyoa c3ad02121c Exploit for D-Link DSL2750B OS Command Injection vulnerability 2018-05-13 13:58:35 -04:00
Tim W ed5f2bffa9 Land #9919, add libuser roothelper privilege escalation exploit 2018-05-12 17:11:21 +08:00