adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
46,254 Commits 27 Branches 1,043 Tags
94de5a4e42cfb1dc0fdfc1233707f71b6d9a628b
Commit Graph

11200 Commits

Author SHA1 Message Date
Tod Beardsley 27a324237b Initial commit for Cambium issues from @juushya 
Note, these will trigger a bunch of WARNING msftidy messages for setting
cookies directly. This is on purpose.
 2017-12-18 16:32:55 -06:00
HD Moore a44010deb1 WIP for GoAhead LD_PRELOAD 2017-12-18 10:51:47 -06:00
William Vu e9b9c80841 Fix #9307, credit to @r0610205 2017-12-18 03:55:01 -06:00
William Vu 76823e9fe6 Land #9183, Jenkins Groovy XStream RCE 2017-12-18 03:38:27 -06:00
William Vu d3638d0487 Land #9154, Tuleap PHP object injection exploit 2017-12-18 03:19:42 -06:00
William Vu 0e2a158abd Fix global var $is_check (make ivar @is_check) 2017-12-18 03:15:33 -06:00
William Vu 8e4b007edc Move verify_arch to dcerpc_getarch 
We can use this code elsewhere, such as the MS17-010 scanner.
 2017-12-14 02:08:25 -06:00
Brent Cook c6a2ae2551 Land #9248, Add wd_mycloud_multiupload_upload exploit 2017-12-13 18:51:02 -06:00
Brent Cook 125a079fa9 add cve reference 2017-12-13 18:50:21 -06:00
Wei Chen b99663fb6c Bring #9282 up to date with upstream-master 2017-12-13 13:16:30 -06:00
Wei Chen 37514eec17 Land #9234, Add exploit for ClickJacking vuln for pfSense 
Land #9234
 2017-12-12 14:56:21 -06:00
Wei Chen c7019e5aee Only load files once 2017-12-12 14:54:49 -06:00
Tim c4e20e01e3 iOS meterpreter 2017-12-12 23:23:21 +08:00
securekomodo b335cacfc1 Update wp_slideshowgallery_upload.rb 
Variable on line 67 needs to be changed to "user" from "username" which was undefined and causing error during exploit execution.

[-] Exploit failed: NameError undefined local variable or method `username' for #<Msf::Modules::Mod6578706c6f69742f756e69782f7765626170702f77705f736c69646573686f7767616c6c6572795f75706c6f6164::MetasploitModule:0x0055c61ab093f8>

After changing the incorrect variable name from "username" to "user", the exploit completes.
 2017-12-12 00:33:28 -05:00
Matthew Kienow d79b0ad981 Land #9286, Advantech WebAccess webvrpcs BOF RCE 2017-12-12 00:25:56 -05:00
mr_me e7a2dd2e71 fixed email 2017-12-11 23:20:46 -06:00
mr_me 26e2eb8f1a Changed to good ranking 2017-12-11 23:14:36 -06:00
Pearce Barry 9a6c54840b Minor tweak to use vprint... 2017-12-11 16:48:47 -06:00
mr_me f8977ed72c added some fixes 2017-12-11 11:34:17 -06:00
Chris Higgins e91830efe7 Add Dup Scout Enterprise login buffer overflow 2017-12-09 02:20:05 -06:00
Pearce Barry 604b949e23 Updated per review comments. 2017-12-08 10:42:43 -06:00
mr_me 34ef650b0d fixed up msftidy, opps. 2017-12-07 17:03:39 -06:00
mr_me 75a82b3fe7 Advantech WebAccess webvrpcs ViewDll1 Stack-based Buffer Overflow Remote Code Execution Vulnerability 2017-12-07 16:34:26 -06:00
Austin 5a81f8091d change some options for somethinf for sensible 2017-12-07 14:44:36 -05:00
Austin 335cc13cab remove option, advanced Message seems to break it. 2017-12-07 14:17:14 -05:00
Austin 7bdc99a153 Fix HANDLER + some default options! 2017-12-07 13:53:39 -05:00
Austin 09aa433fdc Add MESSAGE field for "obfuscation" 2017-12-07 08:04:31 -05:00
Austin 8bb6a8f47c Rename office_dde_delivery to office_dde_delivery.rb 2017-12-06 22:40:37 -05:00
Austin 9d11c60d88 Office DDE Payload Delivery 
Generate / Inject existing RTF files with DDE Payloads!
 2017-12-06 21:41:00 -05:00
bwatters-r7 4ca595eb15 wvu-suggested fix 2017-12-05 11:55:17 -06:00
William Webb adba277be0 axe errant spaces at EOL 2017-12-04 16:57:48 -08:00
William Webb 69b01d26bb Land #9226, Microsoft Office OLE object memory corruption 2017-12-04 16:50:27 -08:00
William Vu 19b37c7070 Land #9263, drb_remote_codeexec fixes 
See pull requests #7531 and #7749 for hysterical raisins.
 2017-12-04 18:45:03 -06:00
Brent Cook b13f4e25e1 thanks for making this well-known 2017-12-04 18:32:31 -06:00
Brent Cook a27bb38d51 add authors 2017-12-04 18:25:18 -06:00
Austin b96dac28d5 fix info segment 2017-12-04 16:42:41 -05:00
Brent Cook f83e9815dd Land #9210, Add a Polycom HDX RCE 2017-12-04 12:49:35 -06:00
Brent Cook 7edab268f5 handle case-insensitive password, fix received 2017-12-04 12:47:40 -06:00
Austin 06334aa2bd Update polycom_hdx_traceroute_exec.rb 2017-12-04 11:05:01 -05:00
Yorick Koster 942e44ceae Added local copies of the static content 2017-12-02 10:14:14 +01:00
wetw0rk 4cbb5f2619 added new target 2017-12-01 18:35:45 -06:00
Jacob Robles c79186593a Update DiskBoss Module (EDB 42395) 
Added a new target option for the
DiskBoss Server.
 2017-12-01 15:08:57 -06:00
bwatters-r7 d1d8e3a678 Let's not rescue everything..... 2017-12-01 10:58:18 -06:00
Austin c788e4e540 Update office_ms17_11882.rb 2017-12-01 11:36:03 -05:00
Austin 7df46b33e8 disassembly ASM 2017-12-01 08:03:56 -05:00
bwatters-r7 6752770695 Shut up rubocop 2017-11-30 20:45:11 -06:00
bwatters-r7 e3dc17dd92 Add some extra targets 2017-11-30 16:16:34 -06:00
bwatters-r7 3b2a0be200 First swing at osx x64 meterpreter support 2017-11-30 14:47:46 -06:00
Zenofex 1ced3994b0 Added more reference urls to wd_mycloud_multiupload_upload module. 2017-11-30 12:53:33 -06:00
Brent Cook c288dab338 fixup RHOST/RPORT expectations if only URI is set 2017-11-30 10:51:02 -06:00