adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

13654 Commits

Author SHA1 Message Date
caleBot e9ad5a7dca Update ueb9_api_storage.rb 2017-10-20 14:05:15 -06:00
caleBot 16b6248943 Update ueb9_bpserverd.rb 2017-10-20 13:58:12 -06:00
caleBot 5c0bcd8f0a Update ueb9_bpserverd.rb 2017-10-20 13:56:25 -06:00
caleBot abc749e1e8 Update ueb9_api_storage.rb 2017-10-20 13:48:29 -06:00
caleBot 8febde8291 Update ueb9_api_storage.rb 2017-10-20 12:23:53 -06:00
Kent Gruber 7cd532c384 Change targetr to target to fix small typo bug on one failure 
The target object seems to have a typo where it is referred to as
“targetr” which I’d guess isn’t exactly what we’d like to do in this
case. So, I’ve changed that to “target” in order to work.

So, I’ve simply fixed that small typo.
 2017-10-19 19:55:58 -04:00
mumbai 04a24e531b New module 2017-10-18 21:37:26 -04:00
Wei Chen c67a5872cd Land #9055, Add exploit for Sync Breeze HTTP Server 
Land #9055
 2017-10-13 17:34:03 -05:00
Wei Chen 3a2c6128be Support automatic targeting 2017-10-13 16:53:22 -05:00
bwatters-r7 294230c455 Land #8509, add Winsxs bypass for UAC 2017-10-11 16:24:52 -05:00
Jeffrey Martin cfaa34d2a4 more style cleanup for tomcat_jsp_upload_bypass 2017-10-11 15:53:35 -05:00
Jeffrey Martin 9885dc07f7 updates for style 2017-10-11 15:29:47 -05:00
Jeffrey Martin 1786634906 Land #9059, Tomcat JSP Upload via PUT Bypass 2017-10-11 15:05:00 -05:00
root 03e7797d6c fixed msftidy errors and added documentation 2017-10-11 07:57:01 -04:00
h00die e976a91b15 land #9053 RCE for rend micro imsva 2017-10-10 19:27:06 -04:00
Wei Chen a4bc3ea3c2 Merge branch 'pr9032' into upstream-master 
Land #9032, Improve CVE-2017-8464 LNK exploit

Land #9032
 2017-10-10 17:11:51 -05:00
Mehmet Ince fb16f1fbda Disabling bind type payloads 2017-10-10 09:37:24 +03:00
peewpw facc38cde1 set timeout for DELETE request 2017-10-09 21:53:31 -04:00
Mehmet Ince a2d32b460c Fixing grammer issue 2017-10-09 22:31:13 +03:00
Mehmet Ince c14c93d450 Integrate OfficeScan 11 exploitation and fix grammer issues 2017-10-09 22:11:42 +03:00
jakxx ef282ea154 Sync Breeze HTTP Server v10.0.28 BOF 
Added support for v10.0.28 to Sync Breeze BOF module
 2017-10-09 13:50:24 -04:00
bwatters-r7 fc5ab96ad6 Merging to prep for testing 
Merge branch 'master' of github.com:rapid7/metasploit-framework into upstream-master
 2017-10-09 10:31:30 -05:00
bwatters-r7 7df18e378d Fix conflicts in PR 8509 by mergeing to master 2017-10-09 10:30:21 -05:00
Martin Pizala 6d28a579f3 send_request_cgi instead of send_request_raw 2017-10-09 13:12:48 +02:00
peewpw be8680ba3d Create tomcat_jsp_upload_bypass.rb 
Created a module for CVE-2017-12617 which uploads a jsp payload and executes it.
 2017-10-08 21:48:47 -04:00
Mehmet Ince 395c82050b Adding Trend Micro IMSVA Widget RCE 2017-10-08 18:15:32 +03:00
Mehmet Ince 79c9123261 Adding Trend Micro OfficeScan widget rce module 2017-10-08 17:54:18 +03:00
Martin Pizala 33ec3c3d69 Error handling and style 2017-10-08 13:51:16 +02:00
Martin Pizala d8ff99b1f6 Change to ARCH_X64, remove python dependency 2017-10-08 13:51:07 +02:00
h00die 7a87e11767 land #8781 Utilize Rancher Server to exploit hosts 2017-10-07 13:04:34 -04:00
Maurice Popp b7184e87c0 fixing a type 2017-10-07 14:16:01 +02:00
Maurice Popp 8d50c34e4b codefixing 2017-10-07 14:06:58 +02:00
Martin Pizala 34d119be04 Payload space, error handling and style" 2017-10-07 01:12:24 +02:00
William Webb d9e0d891a1 Land #9010, Remove checks for hardcoded SYSTEM account name 2017-10-06 13:42:18 -05:00
h00die 7535fe255f land #8736 RCE for orientdb 2017-10-06 14:35:42 -04:00
caleBot 752d21e11c forgot a comma 2017-10-06 10:47:42 -06:00
caleBot 63e3892392 fixed issues identified by msftidy 2017-10-06 10:16:01 -06:00
caleBot 78e262eabd fixed issues identified by msftidy 2017-10-06 10:15:30 -06:00
caleBot 36610b185b initial commit for UEB9 exploits - CVE-2017-12477, CVE-2017-12478 2017-10-06 09:38:33 -06:00
Maurice Popp 770547269b added documentation, and fixed 4 to 2 indentation 2017-10-06 15:39:25 +02:00
Brent Cook 9d2e8b1e4d Land #8003, Evasions for delivering nops/shellcode into memory 2017-10-05 16:44:36 -05:00
Spencer McIntyre e4d99a14b6 Fix EXITFUNC back to process for the RCE too 2017-10-05 11:38:08 -04:00
Spencer McIntyre 4729c885f1 Cleanup the CVE-2017-8464 LPE module 2017-10-05 11:10:37 -04:00
Spencer McIntyre d0ebfa1950 Change the template technicque to work as an LPE 2017-10-05 10:30:28 -04:00
Spencer McIntyre 825ad940e6 Update the advanced option names and a typo 2017-10-05 10:16:31 -04:00
Spencer McIntyre 482ce005fd Update the advanced option names and a typo 2017-10-05 10:11:00 -04:00
Pearce Barry 7400082fdb Land #9040, Add CVE and Vendor article URL to the denyall_waf_exec module 2017-10-04 09:12:48 -05:00
Mehmet Ince 110f3c9b4a Add cve and vendor article to the denyall_waf_exec module 2017-10-04 12:11:58 +03:00
William Vu 10dafdcb12 Fix #9036, broken refs in bypassuac_comhijack 
Each ref needs to be an individual array.
 2017-10-03 13:36:29 -05:00
ashish gahlot 9ff6efd3a3 Remove broken link 2017-10-02 20:43:55 +05:30