adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

13654 Commits

Author SHA1 Message Date
Jon Hart 879db5cf38 Land #9050, @mpizala's improvements to the docker_daemon_tcp module 2017-11-21 17:13:24 -08:00
Austin 275f70e77e better saving 2017-11-21 19:34:04 -05:00
Austin db4c0fcca9 spelling 2017-11-21 19:02:14 -05:00
Austin fcea6fd8d4 actually create new file ;-; 2017-11-21 15:00:06 -05:00
Austin 39a4d193a1 Create office_ms17_11882.rb 2017-11-21 14:47:02 -05:00
Robin Verton 52356e00b7 Use stylistic suggestions from rubocop 2017-11-21 14:30:13 +01:00
h00die dd8238d146 rubocop got a donut 2017-11-20 20:08:28 -05:00
Adam Cammack dd57138423 Make external module read loop more robust 
Changes from a "hope we get at most one message at a time" model to
something beginning to resemble a state machine. Also logs error output
and fails the MSF module when the external module fails.
 2017-11-20 16:52:05 -06:00
h00die 579d012fa2 spelling 2017-11-19 08:36:27 -05:00
h00die b7f7afb3be version detect, 2.2.6 handling 2017-11-19 08:28:07 -05:00
WhiteWinterWolf 2be3433bdb Update references URLs 2017-11-17 13:27:35 +01:00
WhiteWinterWolf a636380e4b Merge the new method into drupal_drupageddon.rb 2017-11-17 13:00:15 +01:00
WhiteWinterWolf 704514a420 New exploit method for Drupageddon (CVE-2014-3704) 
This new script exploits the same vulnerability as
 *exploits/multi/http/drupal_drupageddon.rb*, but in a more efficient way.
 2017-11-16 20:47:44 +01:00
h00die f8891952c6 pfsense group member exec module 2017-11-15 21:00:58 -05:00
Adam Cammack c740f4369c Land #9197, Cleanup Mako Server exploit 2017-11-15 15:01:31 -06:00
Adam Cammack 4219959c6d Bump ranking to Excellent 2017-11-15 15:00:47 -06:00
Austin 829a7a53db verbose response. 2017-11-15 12:27:40 -05:00
Austin 4918e5856d Update polycom_hdx_traceroute_exec.rb 2017-11-15 10:41:51 -05:00
Austin d93120e2ac Create polycom_hdx_traceroute_exec.rb 2017-11-15 10:40:57 -05:00
Martin Pizala 33e5508bcb bypass user namespaces 2017-11-15 15:14:58 +01:00
Mehmet İnce 54936b6ac3 Updatig documentation and tweaking initiate_session 2017-11-15 01:04:06 +03:00
Mehmet İnce 86e47589b0 Add xplico remote code execution 2017-11-14 09:30:57 +03:00
0xFFFFFF d28ae361ca Added exploit module for Samsung SRN-1670D vuln CVE-2017-16524 
Please find my exploit module for the vulnerability CVE-2017-16524 I discovered and tested on Web Viewer 1.0.0.193 on SAMSUNG SRN-1670D
 2017-11-12 20:11:44 +01:00
William Vu f3e2f4d500 Land #9167, D-Link DIR-850L exploit 2017-11-10 18:15:39 -06:00
William Vu 3936d3baa1 Clean up module 2017-11-10 18:15:22 -06:00
Martin Pizala 971ec80fc1 Keep the python target 2017-11-10 23:11:27 +01:00
Steven Patterson df2b62dc27 Add Mako Server CMD injection Linux support, update docs, move to multi 2017-11-10 16:28:39 -05:00
William Vu ea260e87b7 Remove headers, since we didn't send them before 
http was an invalid key for setting headers, and we still got a shell.
These headers also don't seem relevant to the PUT request.
 2017-11-09 11:06:50 -06:00
William Vu 7213e6cc49 Fix #9133, makoserver_cmd_exec cleanup 2017-11-09 10:52:03 -06:00
attackdebris 500bde1150 get_vars tweak 2017-11-09 04:16:34 -05:00
h00die 52888871e3 Land #8747 RCE for Geutebrueck GCore on Windows 2017-11-08 20:22:54 -05:00
h00die 7ad151e68b gcore formatting update 2017-11-08 20:21:40 -05:00
attackdebris a04bc0a25b Add get_vars, remove a https instance 2017-11-08 16:30:59 -05:00
Adam Cammack 39916ef61a Land #9133, Command injection in Mako Server examples 2017-11-08 15:11:01 -06:00
Patrick Webster d95b333ae9 Added exploit module for HP LoadRunner command exec vuln CVE-2010-1549. 2017-11-09 03:59:18 +11:00
William Vu b7c604f941 Land #9189, s/patrick/aushack/g 2017-11-08 10:27:03 -06:00
bwatters-r7 5a07be9b96 Land #9041, Add LPE on Windows using CVE-2017-8464 2017-11-08 10:09:03 -06:00
Patrick Webster 2f6da89674 Change author name to nick. 2017-11-09 03:00:24 +11:00
Austin 0a4ce1e87b cmdstager build 
Removes the need for HTTP Server, utilizes helper CmdStager, reduces module size.
 2017-11-07 19:00:59 -05:00
Maurice Popp 6683ba501f added one missing change 2017-11-07 20:05:43 +01:00
Maurice Popp 8963d77bca multiple changes as requested by h00die 2017-11-07 20:00:56 +01:00
attackdebris 7173e7f4b4 Add CVE to module description 2017-11-07 11:05:14 -05:00
attackdebris 371f3c333a This commit adds the jenkins_xstream_deserialize module 2017-11-07 09:46:42 -05:00
Brent Cook cfeb0b7bda prefer threadsafe sleep here 2017-11-06 01:37:09 -06:00
Brent Cook 897b5b5dd1 revert passive handler stance 2017-11-06 01:37:09 -06:00
Spencer McIntyre 7d1de9bc48 Fix removing the dropped files after exploitation 2017-11-04 18:50:20 -04:00
Austin 1758ed93d4 Update dlink_850l_unauth_exec.rb 2017-11-04 11:42:49 -04:00
Austin 724c5fb963 finish 2017-11-04 11:41:07 -04:00
Austin e783cb59ea add "check" & msftidy 2017-11-04 08:53:50 -04:00
Austin 84599ed3fc Update dlink_850l_unauth_exec.rb 2017-11-04 07:58:13 -04:00