adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

13654 Commits

Author SHA1 Message Date
Brandon Knight f8fb03682a Fix issue in ps_wmi_exec and powershell staging 
The staging function in the post/windows/powershell class was broken
in a previous commit as the definition for env_variable was removed and
env_prefix alone is now used. This caused an error to be thrown when
attempting to stage the payload. This changes the reference from
env_variable to env_prefix.

Additionally, the ps_wmi_exec module created a powershell script to be
run that was intended to be used with the EncodedCommand command line
option; however the script itself was never actually encoded. This
change passes the compressed script to the encode_script function to
resolve that issue.
 2017-04-28 03:31:56 -04:00
Sara Perez 18fa411189 Updated with Egypt's suggestion, also changed the target name to include other versions 2017-04-27 13:19:44 +01:00
Brent Cook 037fdf854e move common json-rpc bits to a library 2017-04-26 18:08:08 -05:00
Brent Cook a60e5789ed update mettle->meterpreter references in modules 2017-04-26 17:55:10 -05:00
Daniel Teixeira a3a4ba7605 Buffer Overflow on Dup Scout Enterprise v9.5.14 2017-04-26 15:19:00 +01:00
William Vu bbee7f86b5 Land #8263, Mercurial SSH exec module 2017-04-26 01:38:01 -05:00
William Vu f60807113b Clean up module 2017-04-26 01:37:49 -05:00
anhilo 56685bbfaa Update office_word_hta.rb 2017-04-26 11:05:21 +08:00
wchen-r7 320898697a Land #8266, Add Buffer Overflow Exploit on Disk Sorter Enterprise 2017-04-24 17:17:30 -05:00
wchen-r7 e333cb65e5 Restore require 'msf/core' 2017-04-24 17:09:02 -05:00
Matthias Brun d3aba846b9 Make minor changes 2017-04-24 23:35:36 +02:00
wchen-r7 5bbb4d755a Land #8254, Add CVE-2017-0199 - Office Word HTA Module 2017-04-24 16:05:00 -05:00
wchen-r7 6029a9ee2b Use a built-in HTA server and update doc 2017-04-24 16:04:27 -05:00
Daniel Teixeira 47898717c9 Minor documentation improvements 
Space after ,
 2017-04-24 14:47:25 +01:00
h00die 8e4c093a22 added version numbers 2017-04-22 09:45:55 -04:00
Matthias Brun 714ada2b66 Inline execute_cmd function 2017-04-21 15:32:15 +02:00
Matthias Brun 8218f024e0 Add WiPG-1000 Command Injection module 2017-04-20 16:32:23 +02:00
DanielRTeixeira f1c51447c1 Add files via upload 
Buffer Overflow on Disk Sorter Enterprise
 2017-04-19 10:57:41 +01:00
Jonathan Claudius f5430e5c47 Revert Msf::Exploit::Remote::Tcp 2017-04-18 19:27:35 -04:00
Jonathan Claudius 9a870a623d Make use of Msf::Exploit::Remote::Tcp 2017-04-18 19:17:48 -04:00
Jonathan Claudius 03e3065706 Fix MSF tidy issues 2017-04-18 18:56:42 -04:00
Jonathan Claudius 32f0b57091 Fix new line issues 2017-04-18 18:52:53 -04:00
James Lee bdeeb8ee1d Add a check 2017-04-18 16:32:06 -05:00
William Vu 3b38d0d900 Land #8262, PR ref for huawei_hg532n_cmdinject 2017-04-18 16:29:13 -05:00
Jonathan Claudius bfca4da9b0 Add mercurial ssh exec 2017-04-18 16:33:23 -04:00
Tod Beardsley 1fcc1f7417 Trailing comma. Why isn't this Lua? 2017-04-18 14:27:44 -05:00
wchen-r7 0428e12b10 Land #8216, Add CVE-2016-7552/CVE-2016-7547 exploit 2017-04-18 14:26:55 -05:00
Tod Beardsley 4ec71f9272 Add a reference to the original PR 
This was the source of first public disclosure, so may as well include
it.
 2017-04-18 14:20:25 -05:00
Sara Perez 178d68003e version check, as the name for the api key call changes on 11.0. Line 130 2017-04-18 10:32:28 +01:00
Nate Caroe 92e7183a74 Small typo fix 
Running msfconsole would generate an Ubuntu crash report (?). This seems to be the culprit.
 2017-04-17 11:14:51 -06:00
Ahmed S. Darwish e21504b22d huawei_hg532n_cmdinject: Use send_request_cgi() 'vars_get' key 
Instead of rolling our own GET parameters implementation.

Thanks @wvu-r7!
 2017-04-17 09:11:50 +02:00
nixawk 3d082814cb Fix default options 2017-04-17 01:09:48 -05:00
Ahmed S. Darwish 7daec53106 huawei_hg532n_cmdinject: Improve overall documentation 
- Add section on compiling custom binaries for the device
- Add documentation for Huawei's wget flavor (thanks @h00die)
- Abridge the module's info hash contents (thanks @wwebb-r7)
- Abridge the module's comments; reference documentation (@h00die)
 2017-04-17 08:00:51 +02:00
Ahmed S. Darwish 8a302463ab huawei_hg532n_cmdinject: Use minimum permissions for staged binary 
Use u+rwx permissions only, instead of full 777, while staging the
wget binary to target. As suggested by @wvu-r7 and @busterb.
 2017-04-17 03:27:57 +02:00
Ahmed S. Darwish 7ca7528cba huawei_hg532n_cmdinject: Spelling fixes suggested by @wvu-r7 2017-04-17 03:23:20 +02:00
Ahmed S. Darwish 7b8e5e5016 Add Huawei HG532n command injection exploit 2017-04-15 21:01:47 +02:00
nixawk fb001180c4 Fix generate_uri 2017-04-14 21:52:31 -05:00
nixawk 590816156f rename exp module 2017-04-14 21:32:48 -05:00
nixawk 1952529a87 Format Code 2017-04-14 21:30:26 -05:00
nixawk 8ab0b448fd CVE-2017-0199 exploit module 2017-04-14 13:22:59 -05:00
m0t 5e42dde6b6 msftidy clean up 2017-04-12 16:25:21 +01:00
mr_me 3c2dc68e9c improved description, no point repeating the same thing\! 2017-04-11 09:55:11 -05:00
mr_me c359e15de6 updated the print statement 2017-04-11 09:31:17 -05:00
mr_me 84ac9d905c improved the description of the module 2017-04-11 09:24:43 -05:00
m0t 374d7809b5 last fixes and tests 2017-04-11 09:48:57 +01:00
mr_me b1d127e689 satisfied travis 2017-04-10 14:11:18 -05:00
mr_me 0f07875a2d added CVE-2016-7552/CVE-2016-7547 exploit 2017-04-10 13:32:58 -05:00
William Vu 06ca406d18 Fix weird whitespace 2017-04-09 22:23:58 -05:00
Christian Mehlmauer 74dc7e478f update piwik module 2017-04-05 20:19:07 +02:00
m0t 9a0789f839 Exploit for pmmasterd Buffer Overflow (CVE-2017-6553) 2017-04-05 17:59:54 +01:00