adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

55054 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nicholas Starke 6bd1489f62 Adding version checking to wemo module 
Addresses Github Issue 11452 by parsing out the version
information returned in /setup.xml. New code then performs
a version check, and then alerts the user to whether or not
it is likely the remote host is vulnerable given that version
check.
 2019-02-23 12:06:57 -06:00
William Vu 659621a40b Add CMDSTAGER::TEMP with WritableDir fallback 2019-02-23 02:34:30 -06:00
Metasploit aa0ba91d92 automatic module_metadata_base.json update 2019-02-22 16:13:04 -08:00
William Vu fec109a6d3 Land #11465, author name fixes in a couple modules 2019-02-22 18:00:47 -06:00
William Vu fc9245fa66 Fix author names in a couple modules 
It me.
 2019-02-22 17:02:15 -06:00
Metasploit eb33555164 automatic module_metadata_base.json update 2019-02-22 14:39:24 -08:00
William Vu e1a200e6c5 Land #11463, NOCVE for Wemo exploit 2019-02-22 16:29:38 -06:00
Metasploit bbd8008ebe automatic module_metadata_base.json update 2019-02-22 11:33:55 -08:00
William Vu 194881a8b2 Add NOCVE 2019-02-22 13:26:53 -06:00
Brent Cook 789122b8ee Land #11460, Changing print_line to print_good 2019-02-22 13:23:02 -06:00
Brent Cook f7e3af212c Land #11462, Add Reliability REPEATABLE_SESSION to Wemo exploit 2019-02-22 13:16:23 -06:00
William Vu c76714ccc6 Add Reliability REPEATABLE_SESSION to Wemo exploit 
Notes copied from auxiliary/admin/wemo/crockpot where it didn't apply.
 2019-02-22 13:11:59 -06:00
Brent Cook 2363ceaab9 Land #11444, change default web service port to 5443 2019-02-22 12:39:22 -06:00
Brent Cook 52aae1e077 Land #11451, update module authors to consume JSON cache 2019-02-22 12:37:19 -06:00
John Q. Public 1eaba65da0 Update hp_sys_mgmt_login.rb 2019-02-22 11:33:36 -06:00
John Q. Public bfbda99086 Added user notification to line 56 2019-02-22 10:36:49 -06:00
John Q. Public 339918b3ef Update manageengine_deviceexpert_traversal.rb 
Changed print_status on line 80 to print_good and added a check for /scheduleresult.de with a return is not a 200 status code.
 2019-02-22 09:27:20 -06:00
John Q. Public 9cf8ac81e4 Changing print_line to print_good 
Changing print_line to print_good on lines 258 and 267 in iis_shortname_scanner.rb
 2019-02-22 09:01:11 -06:00
y_k_oo7 81204c82c1 fixed Docs 2019-02-22 15:05:10 +05:30
Metasploit 3871e45196 Bump version of framework to 5.0.9 2019-02-21 21:30:00 -08:00
Jeffrey Martin 5bd34e7d4c cleaner read of JSON cache 2019-02-21 23:20:43 -06:00
Jeffrey Martin 98e95eeb18 remove unused imports and vars 2019-02-21 23:14:55 -06:00
Jeffrey Martin dd864e8f6e enhance -f for evasion type 2019-02-21 23:11:39 -06:00
Jeffrey Martin dcaf477097 support -f from JSON 2019-02-21 23:10:07 -06:00
Jeffrey Martin 1bae9ccf31 update module authors to consume JSON cache 2019-02-21 22:56:04 -06:00
Metasploit 885259f58a automatic module_metadata_base.json update 5.0.8 2019-02-21 20:49:24 -08:00
Pearce Barry ae8e131cab Land #11449, enhance BigDecimal deprecation message suppression 2019-02-21 22:40:24 -06:00
Jeffrey Martin 087d653cd0 enhance BigDecimal deprecation message suppression 
When BigDecimal.new is called without keyword arguments
pass along only the *arg list.
 2019-02-21 21:47:03 -06:00
y_k_oo7 9696083eb8 Updated Docs 2019-02-22 01:34:28 +05:30
Jacob Robles c09c15649f SideEffects Stability Reliability check 2019-02-21 12:38:26 -06:00
y_k_oo7 97c4d8e6d9 Enhanced winrm_cmd module 2019-02-22 00:04:03 +05:30
Metasploit a3d0c93ff7 Bump version of framework to 5.0.8 2019-02-21 10:07:03 -08:00
Jacob Robles 5214b90fdf Land #11292, Add exploit for Nuuo CMS SQL injection 5.0.7 2019-02-21 11:05:53 -06:00
Jacob Robles 1cd7dc8bc9 Update rank, add note 2019-02-21 10:12:02 -06:00
Pedro Ribeiro 382d760540 Merge pull request #6 from jrobles-r7/nuuo_cms_sqli 
Nuuo cms sqli update
 2019-02-21 22:02:16 +07:00
Jacob Robles 696640a340 Timeout and cleanup files 2019-02-21 06:48:10 -06:00
Jacob Robles 4a4637d7a3 Move execute shell 2019-02-21 06:48:09 -06:00
Brent Cook d19ad1a725 change default database web service port to 5443 
The current default is port 8080, which in addition to conflicting with almost any local web app/server you might be running, also makes it seem like this is a plaintext connection, when this is really TLS. Switching to 5443 is somewhat unique (it's not in /etc/services), complements the default database port of 5343, and also decodes to TLS by default in Wireshark.
 2019-02-21 04:04:42 -06:00
Garvit Dewan c48a6ddbdf Add /boot/grub2/user.cfg path to grub_password 2019-02-21 14:17:15 +05:30
asoto-r7 efba6d2d9c Reverse engineered JSOs 2019-02-20 16:45:47 -06:00
terrorbyte 449307c7df Additional style fixes 2019-02-20 15:33:33 -06:00
terrorbyte 364460a787 Fixed heredoc and advanced options casing. 2019-02-20 14:42:56 -06:00
asoto-r7 0f9a796d2f Reverse engineered JSOs, used new ysoserial functionality 2019-02-20 14:28:09 -06:00
asoto-r7 5f84cbc078 Reverse engineered JSOs, used new ysoserial functionality 2019-02-20 14:12:24 -06:00
Pedro Ribeiro 26f2b61612 Merge pull request #5 from rapid7/master 
aaa
 2019-02-20 23:38:44 +07:00
Metasploit a30213782b automatic module_metadata_base.json update 2019-02-20 07:25:22 -08:00
Jacob Robles c179e5cdad Land #11291, Add Nuuo CMS session bruteforcing module 2019-02-20 09:13:33 -06:00
Jacob Robles 49307ae6c7 Deregister unused options 2019-02-20 08:09:06 -06:00
Metasploit 3a346fbb98 automatic module_metadata_base.json update 2019-02-20 05:59:43 -08:00
Brent Cook bf3256a64a Land #11392, only compute prompt expansions as-needed 2019-02-20 07:48:05 -06:00