adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

55054 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
bwatters-r7 a9e1bac5fb Remove extra stuff that was part of the staged attempt at pingback. 
It is no longer required because pingback is now a single.
 2019-05-30 11:40:54 -05:00
asoto-r7 4092221ca9 Ruby pingback payload (bind and reverse) 2019-05-30 11:40:09 -05:00
asoto-r7 920b034b03 Python pingback payload (reverse only) 2019-05-30 11:40:08 -05:00
asoto-r7 2184ad35b7 python pingback_bind_tcp: send UUID as raw bytes instead of ASCII 2019-05-30 11:40:08 -05:00
asoto-r7 0bcb94f989 Remove 'workspace' option from Mdm::Payload.create 2019-05-30 11:40:08 -05:00
asoto-r7 ce0525cb11 Update metasploit_data_models from 3.0.8 to 3.0.10 2019-05-30 11:40:05 -05:00
asoto-r7 27c41a165a Python pingback payload (bind only) 2019-05-30 11:38:47 -05:00
asoto-r7 ec01713d7e Linux pingback payloads 2019-05-30 11:38:47 -05:00
Aaron Soto c89fd1cc3f Add error handling for users without a database configured 2019-05-30 11:38:46 -05:00
Aaron Soto 6ac80d0f5a Enable database support in msfvenom to allow for saving UUIDs 2019-05-30 11:38:46 -05:00
Aaron Soto e83bdf7c7e Record UUID upon pingback_reverse_tcp generation and callback 2019-05-30 11:38:46 -05:00
Aaron Soto a61dd66d95 Record UUID upon reverse_tcp_pingback generation and callback 2019-05-30 11:38:40 -05:00
bwatters-r7 b12128a8d0 Fix odd edge case converting binary to hex string 2019-05-30 11:37:34 -05:00
bwatters-r7 1ab0a04f60 Use nonvolitile register for the counter 
Change option name to match convention
 2019-05-30 11:37:33 -05:00
bwatters-r7 b818d6d9d3 Updated to have a handler 2019-05-30 11:37:33 -05:00
bwatters-r7 a2f55947e6 Add support for pingback as a single and session... 2019-05-30 11:37:33 -05:00
bwatters-r7 e233ee38ea Let's try it as a single this time.... 2019-05-30 11:34:06 -05:00
bwatters-r7 c9c78ba707 Add new files 2019-05-30 11:34:06 -05:00
bwatters-r7 bd65f81627 Add pingback changes 2019-05-30 11:33:46 -05:00
bwatters-r7 535dc343b9 Maybe stage the new files, too 2019-05-30 11:30:55 -05:00
Aaron Soto e1271317ac REST API for async-callbacks, removed array datatypes, cleaned up Swagger 2019-05-30 11:30:55 -05:00
Aaron Soto afddfff3be WIP: REST API for async-callbacks, added UUID search 2019-05-30 11:30:55 -05:00
Aaron Soto 84acf0d09d WIP: Remove PUT and DELETE endpoints 2019-05-30 11:30:55 -05:00
Aaron Soto 86c054c5e3 Bring pingback-payload changes into public framework 2019-05-30 11:30:19 -05:00
Aaron Soto 85d35e6c87 WIP: REST API for async-callbacks 2019-05-30 11:25:48 -05:00
Shelby Pace 74812ffe4d Update modules/exploits/linux/http/librenms_addhost_cmd_inject.rb 
Co-Authored-By: @shellfail <jrobles@rapid7.com>
 2019-05-30 10:52:34 -05:00
Shelby Pace 8c11a1c95a Update modules/exploits/linux/http/librenms_addhost_cmd_inject.rb 
Co-Authored-By: @shellfail <jrobles@rapid7.com>
 2019-05-30 10:51:57 -05:00
Metasploit eaaaab98f7 Bump version of framework to 5.0.26 5.0.26 2019-05-30 06:38:42 -07:00
Jacob Robles 4f6d55b773 Update documentation 2019-05-30 06:30:38 -05:00
Metasploit 4b3feb6280 automatic module_metadata_base.json update 5.0.25 2019-05-29 22:25:02 -07:00
William Vu 622e67d20a Land #11900, normalize_uri style fix 2019-05-30 00:16:16 -05:00
William Vu a0c6035380 Prefer initial slash in normalize_uri 
I missed the indirect call in check. This decides on a style.

If a URI part contains a slash, we begin with a slash.
 2019-05-30 00:08:17 -05:00
Metasploit 472103d16b automatic module_metadata_base.json update 2019-05-29 22:00:48 -07:00
Brent Cook 810d5e356f Land #11865, expand utility for allegro_rompager_auth_bypass 2019-05-29 23:40:37 -05:00
Brent Cook dee824434f Land #11898, only require pdf-reader if used 2019-05-29 23:35:17 -05:00
Jeffrey Martin 1833c97c8c more require for pdf-reader 
In ruby 2,5+ on windows the ttfunk dependency loading causes ruby to crash so
only load this only when specifically required.
 2019-05-29 22:36:50 -05:00
Shelby Pace 590b9748c1 changed file name and documentation 2019-05-29 18:30:39 -05:00
Shelby Pace 6606e1fed4 Update modules/exploits/linux/http/librenms_cmd_injection.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-05-29 18:00:59 -05:00
Shelby Pace 5253d34dd3 Update modules/exploits/linux/http/librenms_cmd_injection.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-05-29 18:00:07 -05:00
Shelby Pace 34528b1512 Update modules/exploits/linux/http/librenms_cmd_injection.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-05-29 17:59:55 -05:00
Shelby Pace bd0109b328 add documentation 2019-05-29 15:51:53 -05:00
Shelby Pace fa1ce20e74 add note 2019-05-29 15:50:31 -05:00
Shelby Pace de081a08cd add working exploit 2019-05-29 15:09:23 -05:00
bcoles ca8c72d586 Fix abrt package version check 2019-05-30 04:24:53 +10:00
Metasploit ec168accb1 automatic module_metadata_base.json update 2019-05-29 11:11:02 -07:00
Jacob Robles 87e9fddd2f CMD Target Update 
Generic payload auto-disables the handler so we don't have
to handle that now. Also, remove datastore modifications
in the module.
 2019-05-29 13:09:21 -05:00
Jacob Robles 61b500d148 Land #11894, Note deprecated DIAL protocol in chromecast_youtube 2019-05-29 12:51:43 -05:00
William Vu 6580f14c3a Once more, with feeling 2019-05-29 12:19:52 -05:00
William Vu 78fca9f91a Suggest CASTV2 is unsupported 2019-05-29 11:50:53 -05:00
n̸̺̳̮̖͚̺̺͍̪̰͎̰͇̯̙̋ͣͣ̆̇ͥ̕n̷̑͐̑ͩ̾͗ͣ͐̏҉̣̞̖͖͕̗̞̳̯͚̖n̶̵̫̣͓͈͓̥̣̬̠̗̤͔͖̘̫̪̱͇̤̏ͯ̿ͫͥ͐̍͂͛͊̓͜͢n̨̡̙̼̗̳̿̂ͤ̑͆ͧ́͂̈n̷̸̛͙̘̙̪͔͕͖̻̹͇̮̰̖̣͓̖̫ͪͥ̓̑͒͟͠ņͤͤͯ̌̒̽́̎ͦ̃̈͆̿͒̊ͣ͏̡͎̪̗̻̱̭̲̤͈̞̦͇͍̤̪̥̳̙͘ͅn̨͇̦̭̞̹̗̞̖̪̤̗ͩ́̋͛͂̂̿ͭͭ̈͢ʌ̸̵͉̱͍̤͍̫̰̘͚̲̝̩̤̙͗̑ͥ̃̈́͌̔̿̉͒ͦ̿̈̋́̚̚̕͢ͅʍ̸̭̰̬̖͚͓̠̮͙͓̝̥̞̥͉̏̈ͩͥͣͣ̆ d3c92488ea Update documentation/modules/auxiliary/admin/chromecast/chromecast_youtube.md 
Co-Authored-By: @shellfail <jrobles@rapid7.com>
 2019-05-29 11:47:56 -05:00