adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
46,254 Commits 27 Branches 1,043 Tags
94de5a4e42cfb1dc0fdfc1233707f71b6d9a628b
Commit Graph

11200 Commits

Author SHA1 Message Date
Brendan Coles 842736f7b1 register_dir_for_cleanup 2018-01-12 14:21:43 +00:00
Agahlot 488f27bf76 Small Typo 2018-01-12 07:05:30 -05:00
Brendan Coles 8bbffd20cd Add Apport chroot Privilege Escalation exploit 2018-01-12 07:25:35 +00:00
Kevin Kirsche 04e4ff6b3c Use stop_service to avoid cleanup overload 2018-01-11 19:14:26 -05:00
Kevin Kirsche 40f54df129 Feedback updates 2018-01-11 18:54:58 -05:00
Kevin Kirsche 172ffdfea1 Use geturi instead of building it ourselves 2018-01-11 18:27:56 -05:00
Wei Chen e6c4fb1dab Land #9269, Add a new target for Sync Breeze Enterprise GET BoF 
Land #9269
 2018-01-11 16:54:23 -06:00
Wei Chen f395e07fc6 Land #9269, add new target for Sync Breeze Enterprise GET BoF 
Land #9269
 2018-01-11 16:53:02 -06:00
Kevin Kirsche d4056e72da Lower the default timeout for CHECK 2018-01-11 17:38:30 -05:00
Kevin Kirsche 3617a30e34 Add URIPATH random URI 2018-01-11 17:33:14 -05:00
Kevin Kirsche a28d4a4b5b Add check and update for some style considerations 2018-01-11 17:28:09 -05:00
Kevin Kirsche 0d9a40d2e5 Use target['Platform'] instead of target_platform 2018-01-11 15:44:07 -05:00
Kevin Kirsche c490d642e2 Was missing a comma 2018-01-11 09:42:24 -05:00
Kevin Kirsche 3132566d8f Fix OptFloat error 2018-01-11 09:22:16 -05:00
Kevin Kirsche c05b440f26 Fix additional feedback 
This
* uses ternary operators
* uses an `RPORT` option shortcut
* removes the `xml_payload` variable and instead more explicitly uses the method directly
* Uses `OptFloat` for the timeout option to allow partial seconds
 2018-01-11 08:17:13 -05:00
Wei Chen 6510ee53bc Land #9204, Add exploit for Samsung SRN-1670D (CVE-2017-16524) 
Land #9204
 2018-01-10 20:15:29 -06:00
Wei Chen 18c179a091 Update module and add documentation 
This updates the module to pass:

* msftidy
* Ruby style guidelines
* Proper usage of Metasploit API
* Mostly other cosmetic fixes

A documentation is also added.
 2018-01-10 20:13:42 -06:00
Wei Chen 7e2c7837e5 Land #9325, Add CVE-2017-6090 phpCollab 2.5.1 file upload exploit module 
Land #9325
 2018-01-10 17:39:50 -06:00
Wei Chen b1f3f471f3 Update phpcollab_upload_exec code (also module documentation) 2018-01-10 17:38:52 -06:00
Wei Chen dd737c3bc8 Land #9317, remove multiple deprecated modules 
Land #9317

The following modules are replaced by the following:

auxiliary/scanner/discovery/udp_probe
is replaced by:
auxiliary/scanner/discovery/udp_sweep

exploit/unix/webapp/wp_ninja_forms_unauthenticated_file_upload
is replaced by:
exploit/multi/http/wp_ninja_forms_unauthenticated_file_upload

exploit/windows/misc/regsvr32_applocker_bypass_server
is replaced by:
exploits/multi/script/web_delivery
 2018-01-10 15:47:20 -06:00
Wei Chen 8d77f35b16 Land #9373, Add LabF nfsAxe FTP Client 3.7 Stack Buffer Overflow 
Land #9373
 2018-01-09 22:40:50 -06:00
Wei Chen 25280e3319 Update labf_nfsaxe and module documentation 2018-01-09 22:39:40 -06:00
Wei Chen 777e383568 Land #9377, Add HPE iMC dbman RestoreDBase Unauthenticated RCE exploit 
Land #9377
 2018-01-09 13:56:53 -06:00
Wei Chen a0c9cdd73d Land #9376, Add HPE iMC dbman RestartDB Unauthenticated RCE exploit 
Land #9376
 2018-01-09 13:28:03 -06:00
Kevin Kirsche ab89e552ed Remove accidental trailing space 2018-01-08 14:42:03 -05:00
Kevin Kirsche 2252490e62 Fix using arbitrary keys to instead use "URL" 2018-01-08 14:30:03 -05:00
Kevin Kirsche e80ca348cf Add Exploit-DB ID 2018-01-08 10:55:46 -05:00
Kevin Kirsche 6beeece708 Re-add timeout value 2018-01-07 20:21:29 -05:00
Wei Chen d138f1508c Land #9340, Add exploit for Commvault Remote Command Injection 
Land #9340
 2018-01-07 12:17:26 -06:00
Daniel Teixeira ff1806ef5f Update labf_nfsaxe.rb 2018-01-07 16:46:06 +00:00
Kevin Kirsche eefd432161 Make sure Platforms match our actual target list 2018-01-06 08:31:30 -05:00
Kevin Kirsche 4bd196f8b2 Fix missing single quotes and remove comma 2018-01-06 08:30:48 -05:00
Kevin Kirsche 867b32415d Fix feedback from wvu-r7 
Fixes feedback from wvu-r7

- Consolidates payload to single method
- Replaces gsub! with standard encode method
- Note exploit discovery and proof of concept code used in authors (still seems weird to include the discovery as an author...)
- Change link
- Use `ARCH_CMD` instead of `[ARCH_CMD]`
- Remove Linux target as it's only Windows or Unix
- Remove timeout as I don't know how to pass it to `send_request_cgi`
 2018-01-06 08:12:43 -05:00
Brendan Coles 6665a4f735 Use register_dir_for_cleanup 2018-01-06 10:55:29 +00:00
Kevin Kirsche 744f20304c Remove hardcoded user-agent from the headers 
Remove hardcoded user-agent from the headers allowing for `send_request_cgi` to control this
 2018-01-05 18:22:27 -05:00
Daniel Teixeira a69f275a39 Update labf_nfsaxe.rb 2018-01-05 21:14:47 +00:00
Daniel Teixeira c819aebc76 Add files via upload 2018-01-05 21:11:21 +00:00
Daniel Teixeira e797ca4781 Add files via upload 2018-01-05 21:00:47 +00:00
Daniel Teixeira aca76e2a4e Update labf_nfsaxe.rb 2018-01-05 20:58:36 +00:00
Daniel Teixeira 2643acbc25 Update labf_nfsaxe.rb 2018-01-05 20:55:49 +00:00
Daniel Teixeira b29710c66b Add files via upload 2018-01-05 20:47:27 +00:00
Daniel Teixeira 94a1198485 Update labf_nfsaxe.rb 2018-01-05 20:41:49 +00:00
Kevin Kirsche 2478de934b Add CVE-2017-10271 / Oracle WebLogic wls-wsat RCE 2018-01-05 15:05:21 -05:00
Daniel Teixeira b97785c7a9 Update labf_nfsaxe.rb 2018-01-05 18:46:33 +00:00
Daniel Teixeira e7946549d7 Update labf_nfsaxe.rb 2018-01-05 18:31:40 +00:00
Brendan Coles 006514864b Add HPE iMC dbman RestoreDBase Unauthenticated RCE exploit 2018-01-05 11:28:48 +00:00
Brendan Coles 52a5fc9e0a Add HPE iMC dbman RestartDB Unauthenticated RCE exploit 2018-01-05 11:28:14 +00:00
Daniel Teixeira a3fb8b6619 Update labf_nfsaxe.rb 2018-01-04 20:55:38 +00:00
Daniel Teixeira e5bb4bf057 Add files via upload 2018-01-04 20:26:28 +00:00
h00die 65f444ddcc land #9362 exploit for pfsense graph injection 2018-01-04 14:35:52 -05:00