adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
46,254 Commits 27 Branches 1,043 Tags
94de5a4e42cfb1dc0fdfc1233707f71b6d9a628b
Commit Graph

2578 Commits

Author SHA1 Message Date
Jacob Robles d6cf32fad8 Land #9821, osCommerce 2.3.4.1 - Remote Code Execution 2018-05-02 07:29:15 -05:00
Aaron Soto c4bca03fea Land #9908, msfd_rce_remote and msfd_rce_browser 2018-04-27 18:54:17 -05:00
Daniel Teixeira 37c578e16d Update oscommerce_installer_unauth_code_exec.rb 2018-04-06 17:10:53 +01:00
Daniel Teixeira dee01189ca Update oscommerce_installer_unauth_code_exec.rb 2018-04-06 15:41:21 +01:00
Daniel Teixeira 50c3f53e03 Update oscommerce_installer_unauth_code_exec.rb 2018-04-06 14:39:45 +01:00
Daniel Teixeira 0c829a5c6b Update oscommerce_installer_unauth_code_exec.rb 2018-04-06 14:35:33 +01:00
Daniel Teixeira cbdb3a35b2 Update oscommerce_installer_unauth_code_exec.rb 2018-04-06 14:14:11 +01:00
Daniel Teixeira 6698f1b64b Update oscommerce_installer_unauth_code_exec.rb 2018-04-06 13:05:40 +01:00
Daniel Teixeira 806c72ebcb Update and rename oscommerce.rb to oscommerce_installer_unauth_code_exec.rb 2018-04-06 11:29:29 +01:00
Daniel Teixeira 3efd17a801 Rename osCommerce.rb to oscommerce.rb 2018-04-06 10:46:00 +01:00
Daniel Teixeira 0d254b4e5c Update osCommerce.rb 2018-04-06 10:40:28 +01:00
Daniel Teixeira b5681cb954 osCommerce Module 2018-04-05 20:28:14 +01:00
Brent Cook 81c78a51c2 Land #9794, Added support for regional dialects 2018-04-05 12:56:07 -05:00
Chris Higgins 1fa40bfe3b Land #8539, ProcessMaker Plugin Upload exploit 2018-04-03 20:52:17 -05:00
Brent Cook 8f7d9f3ac8 rename module 2018-04-03 13:44:55 -05:00
Brent Cook 19eef59f23 add disclosure date, fix target 2018-04-03 13:39:11 -05:00
Brent Cook cd7831a2a3 An unforgettable luncheon 2018-04-03 13:39:11 -05:00
Brendan Coles dfb3a421fe Remove require statement 2018-04-03 12:56:06 +00:00
Brendan Coles d860d7af5b require 'rex/tar' 2018-04-03 06:34:30 +00:00
William Vu c19fc4c18f Land #9423, PSH for jenkins_xstream_deserialize 2018-03-26 17:09:16 -05:00
h00die 0028e2c5ba documentation update 2018-03-24 19:25:59 -04:00
Brendan Coles ac9f506b45 Update tested versions 2018-03-20 02:49:56 +00:00
Touhid M Shaikh ea3378753b syntax error fixed on 70 line 
improve check payload was uploaded or not condition using AND condition on line 121
 2018-03-13 14:15:03 +05:30
Touhid M Shaikh 5e30982184 check fucktion and some words fixed 
all changes done which is bcoles suggested
 2018-03-12 21:03:34 +05:30
Touhid M Shaikh 9b0ba4a6fa clipbucket_fileupload_exec 2018-03-12 14:17:13 +05:30
Jacob Robles 86dd382e6a Land #9554, Eclipse Equinoxe OSGi console RCE 2018-03-07 08:41:31 -06:00
Sonny Gonzalez 883654f0ea Land #9653, fix Y2k38 issue (until Jan 1, 2038) 2018-03-01 09:13:41 -06:00
Brent Cook 27bd2a4a9f workaround Y2k38 issues in java certificate generation 2018-03-01 08:41:28 -06:00
Brent Cook 325ad7256e if multi/handler is disabled, exit 2018-02-27 04:30:09 -06:00
attackdebris 2939695991 Add ARCH_CMD and general fixup 2018-02-26 16:59:36 -05:00
Brendan Coles f98b4b0540 require 'rubygems/package' 2018-02-22 04:28:56 +00:00
Quentin Kaiser 9e3f12665e Plaintext for console type to see what's going on. 2018-02-17 20:11:05 +01:00
Quentin Kaiser e877151895 Attempt at clarifying network exchange using Telnet class IAC related constants. 2018-02-17 14:00:57 +01:00
Quentin Kaiser e86169c217 Clean up Telnet IAC negotation and xplain obscure hex bytes. 2018-02-15 23:08:17 +01:00
Quentin Kaiser 5fbeb74f0c Remove osx platform and fix date. 2018-02-13 23:57:53 +01:00
Quentin Kaiser 0259e794ba OSGi console remote command execution. 2018-02-13 23:38:18 +01:00
Brendan Coles 1177efef89 Update tested versions 2018-02-10 16:32:20 +00:00
Brendan Coles 41dbae29a6 Add MagniComp SysInfo mcsiwrapper Privilege Escalation exploit 2018-02-05 13:47:09 +00:00
bwatters-r7 8be2b1f59e Land # 9407, Add BMC Server Automation RSCD Agent RCE exploit module 
Merge branch 'land-9407' into upstream-master
 2018-01-31 13:35:29 -06:00
Aaron Soto c390696ddf Land #9379, Oracle Weblogic RCE exploit and documentation 2018-01-25 21:47:18 -06:00
Brent Cook d1569f8280 Land #9413, Expand the number of class names searched when checking for an exploitable JMX server 2018-01-22 16:49:01 -06:00
Brent Cook 682c915a09 Land #9267, Add targets to sshexec 2018-01-22 09:59:48 -06:00
Kevin Kirsche c7d3b5dfbb Update payload and disable check functionality 
The check functionality is broken as MSF cannot handle HttpServer and HttpClient at this time.

The payloads were updated to ensure CVE-2017-10271 is being exploited instead of CVE-2017-3506 as explained on https://blog.nsfocusglobal.com/threats/vulnerability-analysis/technical-analysis-and-solution-of-weblogic-server-wls-component-vulnerability/
 2018-01-18 13:26:44 -05:00
bwatters-r7 4c11eae774 Maybe that timeout is needed..... 2018-01-17 13:21:36 -06:00
Philippe Tranca 35bec8d3cd Fixed classes names and added RMI interfaces 2018-01-17 17:10:36 +01:00
Philippe Tranca d345008b20 Added all the classes that implement RMI server 2018-01-17 17:03:32 +01:00
bwatters-r7 f439edfa1a Fixes by the fabled wvu 2018-01-17 08:20:52 -06:00
attackdebris 1c156c3d3c Add powershell payload to module 2018-01-16 14:30:02 +00:00
Philippe Tranca dfb9941e95 Fix java_jmx_server exploit 
Add test case when discovering RMI endpoint as the previous one was not complete
 2018-01-15 12:13:09 +01:00
Nicky Bloor 333ee893d3 Tidied up platform detection, check method, and minor typos. 2018-01-14 18:28:40 +00:00