adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
46,254 Commits 27 Branches 1,043 Tags
94de5a4e42cfb1dc0fdfc1233707f71b6d9a628b
Commit Graph

100 Commits

Author SHA1 Message Date
Aaron Soto 82fc4aba64 Land #9918, XDebug Unauthenticated OS command execution 2018-04-27 17:08:58 -05:00
wetw0rk c9d6d0a7a7 -51 2018-01-04 12:25:31 -06:00
wetw0rk 16d709f180 changes+filedropper 2018-01-03 14:09:30 -06:00
wetw0rk 8f0e41e159 requested changes 2018-01-01 17:30:43 -06:00
wetw0rk c47d09717d pfsense graph sploit 2018-01-01 03:18:51 -06:00
Tod Beardsley e6de25d63b Land #9316 Cambium modules and mixins, tx @juushya 
These cover several of the CVEs mentioned in

https://blog.rapid7.com/2017/12/19/r7-2017-25-cambium-epmp-and-cnpilot-multiple-vulnerabilities/
 2017-12-26 12:39:51 -06:00
juushya 8b0f2214b1 few more updates 2017-12-23 03:04:11 +05:30
juushya 038119d9df Use of get_cookies_parsed, changing dirs, marking deprecated in 2 mods, more 2017-12-23 00:14:27 +05:30
Jon Hart b29948412e Correct permissions, fixing warning 2017-12-22 07:27:11 -08:00
juushya a86abb0297 Implemented get_cookies_parsed 2017-12-22 05:36:36 +05:30
Wei Chen 37514eec17 Land #9234, Add exploit for ClickJacking vuln for pfSense 
Land #9234
 2017-12-12 14:56:21 -06:00
Wei Chen c7019e5aee Only load files once 2017-12-12 14:54:49 -06:00
Yorick Koster 942e44ceae Added local copies of the static content 2017-12-02 10:14:14 +01:00
Yorick Koster a02a02cb0c Fixed URL... 2017-11-22 11:31:23 +01:00
Yorick Koster d21d3c140e Fixed date 2017-11-22 11:15:34 +01:00
Yorick Koster 916ee05cce Add exploit module for Clickjacking vulnerability in CSRF error page pfSense 2017-11-22 11:06:22 +01:00
h00die dd8238d146 rubocop got a donut 2017-11-20 20:08:28 -05:00
h00die 579d012fa2 spelling 2017-11-19 08:36:27 -05:00
h00die b7f7afb3be version detect, 2.2.6 handling 2017-11-19 08:28:07 -05:00
h00die f8891952c6 pfsense group member exec module 2017-11-15 21:00:58 -05:00
Patrick Webster 2f6da89674 Change author name to nick. 2017-11-09 03:00:24 +11:00
William Vu a15b61a218 Fix #9160, exploit method from TcpServer 
It already starts the server and waits for us. This is what was called
when the module was still auxiliary.
 2017-11-01 19:26:00 -05:00
William Vu 87934b8194 Convert tnftp_savefile from auxiliary to exploit 
This has been a long time coming. Fixes #4109.
 2017-11-01 17:37:41 -05:00
h00die 00c593e0a2 55 pages of spelling done 2017-09-07 21:18:50 -04:00
Brent Cook 6300758c46 use https for metaploit.com links 2017-07-24 06:26:21 -07:00
g0tmi1k b8d80d87f1 Remove last newline after class - Make @wvu-r7 happy 2017-07-19 11:19:49 +01:00
William Vu 64452de06d Fix msf/core and self.class msftidy warnings 
Also fixed rex requires.
 2017-05-03 15:44:51 -05:00
OJ 1d617ae389 Implement first pass of architecture/platform refactor 2016-10-28 07:16:05 +10:00
Brent Cook b08d1ad8d8 Revert "Land #6812, remove broken OSVDB references" 
This reverts commit 2b016e0216, reversing
changes made to 7b1d9596c7.
 2016-07-15 12:00:31 -05:00
wchen-r7 816bc91e45 Resolve #6807, remove all OSVDB references. 
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.

Resolve #6807
 2016-04-23 12:32:34 -05:00
wchen-r7 1d1a495a93 Style check 2016-04-13 10:19:57 -05:00
Brendan Coles b61175c6b4 Add Dell Kace K1000 unauthenticated remote root exploit 2016-04-12 16:15:37 +00:00
Christian Mehlmauer 3123175ac7 use MetasploitModule as a class name 2016-03-08 14:02:44 +01:00
Brent Cook f703fa21d6 Revert "change Metasploit3 class names" 
This reverts commit 666ae14259.
 2016-03-07 13:19:55 -06:00
Christian Mehlmauer 666ae14259 change Metasploit3 class names 2016-03-07 09:56:58 +01:00
James Lee 12256a6423 Remove now-redundant peer 
These all include either Msf::Exploit::Remote:Tcp or Msf::Exploit::Remote:HttpClient
 2016-02-01 15:12:03 -06:00
wchen-r7 11c1eb6c78 Raise Msf::NoCompatiblePayloadError if generate_payload_exe fails 
Most exploits don't check nil for generate_payload_exe, they just
assume they will always have a payload. If the method returns nil,
it ends up making debugging more difficult. Instead of checking nil
one by one, we just raise.
 2015-12-08 21:13:23 -06:00
jvazquez-r7 203c231b74 Fix #5659: Update CMD exploits payload compatibility options 2015-08-10 17:12:59 -05:00
Tod Beardsley 49a6057f74 Grammaring harder 2015-03-24 11:10:36 -05:00
Hans-Martin Münch (h0ng10) 5dd718e4fa Better description 2015-03-18 09:51:51 +01:00
Hans-Martin Münch (h0ng10) 00de437918 Initial commit 2015-03-18 09:45:08 +01:00
Tod Beardsley d3050de862 Remove references to Redmine in code 
See #4400. This should be all of them, except for, of course, the module
that targets Redmine itself.

Note that this also updates the README.md with more current information
as well.
 2014-12-19 17:27:08 -06:00
URI Assassin 35d3bbf74d Fix up comment splats with the correct URI 
See the complaint on #4039. This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
 2014-10-17 11:47:33 -05:00
Tod Beardsley cad281494f Minor caps, grammar, desc fixes 2014-08-18 13:35:34 -05:00
Emilio Pinna 4ff73a1467 Add version build check 2014-08-13 09:53:43 +02:00
Emilio Pinna 3440f82b2e Minor description adjustment 2014-08-12 22:18:59 +02:00
Emilio Pinna 9e38ffb797 Add the check for the manual payload setting 2014-08-12 21:55:42 +02:00
Emilio Pinna 5b6be55c50 Fix (properly) 'execute_command()' missing 'opts' parameter 2014-08-12 19:49:27 +02:00
Emilio Pinna 3af17ffad0 Fixed 'execute_command()' missing 'opts' parameter 2014-08-12 19:24:24 +02:00
Emilio Pinna f71589f534 Simplify payload upload using 'CmdStager' mixin 2014-08-12 10:49:17 +02:00