adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

13654 Commits

Author SHA1 Message Date
Gabor Seljan 483865b815 Fix reference 2017-01-11 23:28:23 +01:00
wchen-r7 abab1f17c9 Merge master to cisco_cve_2016_6433 and make sure I have the latest 2017-01-11 14:39:52 -06:00
Brent Cook 2585c8c8b5 Land #7461, convert futex_requeue (towelroot) module to use targetting and core_loadlib 2017-01-11 13:24:25 -06:00
Gabor Seljan 24014d8465 Minor code formatting 2017-01-10 22:59:42 +01:00
Pedro Ribeiro c0880985bc fix duplicate entry for platform 2017-01-10 01:17:44 +00:00
wchen-r7 74cea5dd04 Use Linux payloads instead of cmd/unix/interact 
As of now, cmd/unix/interact causes msfconsole to freeze, so
we can't use this.
 2017-01-09 11:11:17 -06:00
wizard32 467a476598 Update websphere_java_deserialize.rb 2017-01-08 13:33:01 +02:00
Gabor Seljan 9162374ae3 Add automatic targeting 2017-01-08 11:23:18 +01:00
Gabor Seljan d2472712f3 Add module for DiskBoss Enterprise (EDB-40869) 2017-01-07 19:44:38 +01:00
wchen-r7 e331066d6d Add CVE-2016-6433 Cisco Firepower Management Console UserAdd Exploit 2017-01-06 17:05:25 -06:00
wizard32 829f7da7e0 Update websphere_java_deserialize.rb 2017-01-06 18:39:04 +02:00
Pedro Ribeiro 13bca2ebc7 add httpusername and password for auto auth 2017-01-06 16:33:51 +00:00
wizard32 538a1bf21d 'WfsDelay' Option added 
20sec added on 'WfsDelay' Option for first time exploit run due to the delay of powershell to load all the available modules.
 2017-01-06 18:11:48 +02:00
wizard32 c55e2e58f0 'raw_headers' Updated 2017-01-05 15:19:17 +02:00
wizard32 1d82ee0470 'raw_headers' field Updated 2017-01-05 15:17:17 +02:00
wizard32 c29a9ac00f Show Info updated 2017-01-05 14:18:38 +02:00
wizard32 1a38caa230 Encode - Decode code Updated 2017-01-05 13:07:34 +02:00
wizard32 9f4be89391 Update websphere_java_deserialize.rb 
Update information "Options" field
 2017-01-05 12:38:54 +02:00
William Vu 19319f15d4 Land #7626, Eir D1000 modem exploit 2017-01-04 17:02:39 -06:00
Pedro Ribeiro d95a3ff2ac made changes suggested 2017-01-04 23:02:10 +00:00
William Vu b0e79076fe Switch to wget CmdStager and tune timing 
We don't want to trample the device with requests.
 2017-01-04 16:42:53 -06:00
wizard32 82e49fb27e Update websphere_java_deserialize.rb 2017-01-04 10:23:48 +02:00
William Vu 94d76cfb06 Merge remote-tracking branch 'upstream/master' into tr-069-ntpserver-command-injection 2017-01-03 17:04:04 -06:00
Brent Cook 7585999e18 Land #7782, Update themoon exploit to use wget command stager 2017-01-03 16:30:12 -06:00
wchen-r7 ed74b239e3 Land #7768, PHPMailer Sendmail Argument Injection exploit 2017-01-03 16:04:05 -06:00
wchen-r7 3155af679a Fix a typo 2017-01-03 16:03:45 -06:00
Adam Cammack fe0a3c8669 Update themoon exploit to use wget command stager 2017-01-03 15:50:57 -06:00
wizard32 b06c5bac2f Invalid CVE format and Spaces at EOL fixed 2017-01-03 21:45:22 +02:00
wizard32 0722944b47 Invalid CVE format fixed 2017-01-03 21:38:32 +02:00
wizard32 8534fde50f Websphere Java Deserialization (RCE) 
This module exploits a vulnerability in IBM's WebSphere Application Server. An unsafe deserialization call of unauthenticated Java objects exists to the Apache Commons Collections (ACC) library, which allows remote arbitrary code execution. Authentication is not required in order to exploit this vulnerability.
 2017-01-03 16:04:51 +02:00
phroxvs a9a83bc21c fix for uninitialized constant in Net::SSH on OS X 2017-01-03 06:16:07 -05:00
phroxvs 3c2486b9f5 initial version of CVE-2016-7456 exploit 2017-01-03 03:39:22 -05:00
phroxvs 589084896a initial version of CVE-2016-7456 exploit 2017-01-03 03:36:49 -05:00
Pedro Ribeiro 9d3e90e8e5 cleanup 2017-01-02 17:32:38 +00:00
Pedro Ribeiro 4c29d23c8a further cleaning 2016-12-31 17:02:34 +00:00
Pedro Ribeiro 956602cbfe add final wnr2000 sploits 2016-12-31 16:49:05 +00:00
Spencer McIntyre cd90fd3b1c Fix PHPMailer targets since 5.2.20 is not affected 2016-12-30 15:31:15 -05:00
Spencer McIntyre 1eab4b3a7d Add an optional explicit triggeruri for phpmailer 2016-12-30 14:24:07 -05:00
Spencer McIntyre 64037b0d6e Use a proper target instead of VERSION 2016-12-29 17:37:16 -05:00
Spencer McIntyre c9dd7a50b6 Add the PHPMailer Argument Injection exploit 2016-12-29 17:17:06 -05:00
William Vu 9d0ada9b83 Land #7749, make drb_remote_codeexec great again 2016-12-28 06:11:48 -06:00
William Vu cfca4b121c Clean up module 2016-12-28 06:10:46 -06:00
William Vu afd8315e1d Remove apache_continuum_cmd_exec CmdStager flavor 
It is inferred from the platform, and we don't want to override it
needlessly. :bourne is what worked during testing, but it won't always
work. Now we can override the flavor with CMDSTAGER::FLAVOR.
 2016-12-27 16:24:16 -06:00
Pedro Ribeiro 870e8046b5 add sploits 2016-12-27 21:12:35 +00:00
Brent Cook 57e4bcbf71 Land #7454, add CVE-2013-6282, put_user/get_user exploit for Android 2016-12-24 14:44:34 -06:00
joernchen of Phenoelit 679ebf31bd Minor fix to make dRuby great again 2016-12-23 15:12:22 +01:00
joernchen of Phenoelit d69acd116d Make dRuby great again 2016-12-22 15:37:16 +01:00
William Vu 934b05e736 Land #7310, at(1) persistence module 2016-12-22 03:33:58 -06:00
William Vu b65a62ba93 Clean up module 2016-12-22 03:33:08 -06:00
Tim 25a8283af3 fork early and use WfsDelay 2016-12-20 00:59:27 +08:00