adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

27999 Commits

Author SHA1 Message Date
Clément Notin d85297c556 jboss_vulnscan: report the URL ("app") concerned by message 2019-09-13 01:04:28 +02:00
Wei Chen 97fbfa3a9f Land #12154, Add evasion module applocker_evasion_presentationhost 2019-09-12 17:41:01 -05:00
todb-r7 a9a2ce2f6a Add correct CVE for shopware module 
In PR #11828, the module author requested, and got, a new CVE for this
issue. The module should reflect that.
 2019-09-12 16:09:32 -05:00
Clément Notin b8a393ea89 jboss_vulnscan: prefix fingerprint by 'fingerprint: ' 2019-09-12 22:57:57 +02:00
Shelby Pace e21b25b20f Land #12302, add zip slip exploit 2019-09-12 07:45:51 -05:00
Shelby Pace 644988750e change permission on payload 2019-09-12 07:43:54 -05:00
Jay Turla 5fa9c5e21a Update mazda_ic_mover.rb 
Changed ```0x10``` to ```0x01```
 2019-09-12 12:49:45 +08:00
Shelby Pace 408d01cef4 Land #12276, add OpenEMR auxiliary module 2019-09-11 15:58:01 -05:00
Shelby Pace 8bfdaf6ab7 change metadata indentation 2019-09-11 15:56:46 -05:00
Clément Notin 88bdb981ad jboss_vulnscan: prefix fingerprint by 'rhost' and 'rport' 2019-09-11 19:54:32 +02:00
sinn3r cfeaca6de8 Land #12310, Add CVE info for jboss_vulnscan and jboss_status 
jboss_vulnscan and jboss_status: add CVE information
 2019-09-11 11:47:05 -05:00
Jay Turla b3240a1819 Add mazda_ic_mover module that moves the instrument cluster 
This module moves the needle of the accelorometer and speedometer of the Mazda 2 instrument cluster
 2019-09-12 00:07:42 +08:00
Will Porter 3ed9fb0383 Fix a bug caused by writing python code in a ruby file. 2019-09-11 15:39:15 +00:00
Wei Chen a63357c460 Land #12177, Add evasion module applocker_evasion_workflow_compiler 2019-09-11 10:28:16 -05:00
Clément Notin b460dc113d jboss_vulnscan & status: add CVE ref 2019-09-11 14:05:21 +02:00
William Porter 262e574fe2 Add the .csv extension to the loot file. 2019-09-10 21:32:03 -04:00
William Porter 7a8eb76a12 Use the same gsub pattern to create the ltype as is used by store_loot to sanitize characters. 2019-09-10 21:14:15 -04:00
Wei Chen 8fe1f9d172 Rephrase 2019-09-10 12:12:46 -05:00
William Porter 832d2e4300 Remove unneccesary comment. 2019-09-10 12:29:55 -04:00
Will Porter 3fc0467484 Update modules/auxiliary/sqli/openemr/openemr_sqli_dump.rb 
Remove unused path variable.

Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2019-09-10 12:27:48 -04:00
Will Porter f1f9597222 Update modules/auxiliary/sqli/openemr/openemr_sqli_dump.rb 
Use `normalize_uri` to construct the vulnerable URI.

Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2019-09-10 12:27:22 -04:00
bwatters-r7 ee660d61ea Land #12275, Update payloads to 1.3.77 
Merge branch 'land-12275' into upstream-master
 2019-09-10 11:14:56 -05:00
Wei Chen 2cd8125a40 Add zip skip 2019-09-09 12:00:53 -05:00
AZSG a990191f99 Update modbusclient.rb 2019-09-07 23:54:43 -05:00
h00die 054a092eb2 fix references in bypassuac modules 2019-09-08 00:42:21 -04:00
h00die 78c4bfee95 add url for fodhelper 2019-09-08 00:33:16 -04:00
h00die f60e8a3dbd less indents 2019-09-08 00:11:11 -04:00
h00die ce5f8d8d2f add datastore option 2019-09-08 00:06:49 -04:00
gkweb76 795e0ebeb5 Restore a "print" to "print_good" 
Aesthetics modification
 2019-09-07 09:02:04 +02:00
AZSG edcddf2736 Update modbusclient.rb 2019-09-06 22:40:31 -05:00
bwatters-r7 25b56c410d Land #12189, Add module for LibreNMS CVE-2019-10669 
Merge branch 'land-12189' into upstream-master
 2019-09-06 12:01:09 -05:00
Shelby Pace c4bd91f505 Land #12272, add October CMS file upload 2019-09-06 10:13:33 -05:00
Shelby Pace 5f7c243b48 add filedropper, fix check, add to docs 2019-09-06 09:49:09 -05:00
bwatters-r7 17acaf9720 Land #12226, fix #11574, add WSReset.exe UAC Bypass 
Merge branch 'land-12226' into upstream-master
 2019-09-06 09:19:24 -05:00
Touhid M Shaikh aaebec01a4 Update References 
Added CVE and Blog link
 2019-09-06 18:26:28 +05:30
gkweb76 a2d2475618 Fixed wrong previous commit 2019-09-05 22:12:33 +02:00
gkweb76 88d424cf3f Make the modification suggested by @acammack-r7 
Directly insert the new value in the "table", instead of modifying the screen output manually. Simpler and cleaner, thanks @acammack-r7 !
 2019-09-05 21:44:18 +02:00
Touhid M Shaikh cf4c10783a Update modules/exploits/multi/http/october_upload_bypass_exec.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2019-09-05 23:50:18 +05:30
Touhid M Shaikh 4b416bf530 Update modules/exploits/multi/http/october_upload_bypass_exec.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2019-09-05 23:48:43 +05:30
Touhid M Shaikh a7e205e252 Update modules/exploits/multi/http/october_upload_bypass_exec.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2019-09-05 23:48:32 +05:30
Touhid M Shaikh 0e4e7dd9d9 Update modules/exploits/multi/http/october_upload_bypass_exec.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2019-09-05 23:48:22 +05:30
Touhid M Shaikh bc1610ec46 Update modules/exploits/multi/http/october_upload_bypass_exec.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2019-09-05 23:48:14 +05:30
Tim W 9f03db4582 Land #12280, add WSReset.exe UAC bypass via registry 2019-09-06 02:14:54 +08:00
Tim W 1a717a5624 minor fixes 2019-09-06 02:11:06 +08:00
Tim W 5123fdbb5e s/pkexec_helper_ptrace/ptrace_traceme_pkexec_helper/g 2019-09-06 01:00:44 +08:00
Tim W cc9d9bb483 s/bypassuac_windows_store/bypassuac_windows_store_filesys/g 2019-09-06 00:52:13 +08:00
bwatters-r7 481c13ea0f Rubocop changes 2019-09-05 11:44:00 -05:00
bwatters-r7 cf3f6c90f8 Renamed file to make room for the other UAC bypass targeting the same exe 2019-09-05 11:35:10 -05:00
bwatters-r7 b876afa20f Fixed up the code before pushing it. 2019-09-05 11:33:05 -05:00
Adam Cammack 598cf35e1e Land #12271, Don't mangle staged x86, x64 payloads 2019-09-05 11:18:45 -05:00