adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
46,254 Commits 27 Branches 1,043 Tags
94de5a4e42cfb1dc0fdfc1233707f71b6d9a628b
Commit Graph

11200 Commits

Author SHA1 Message Date
Brent Cook d689b33d7e more error handling, deal with user error 2017-11-30 08:31:13 -06:00
Brent Cook 87e683c763 add back kill syscall for trap method 2017-11-30 08:12:15 -06:00
Brent Cook a0e0e1db15 allow manual targeting, handle errors better 2017-11-30 07:51:12 -06:00
Brent Cook eea72663b3 warn on method failure instead of error 2017-11-30 06:37:21 -06:00
Brent Cook 9f12b794da cleanup comments 2017-11-30 06:37:04 -06:00
Brent Cook 5da34e8f2b support RHOST/RPORT 2017-11-30 06:36:42 -06:00
Brent Cook 59580195b4 resurrect old methods, try all 3 2017-11-30 06:16:05 -06:00
Tim W 58897bf2fc msftidy 2017-11-29 16:36:50 +08:00
Tim W 7f1f7281f1 add local exploit for osx root login with no password 2017-11-29 16:06:02 +08:00
Austin 676a08b849 Update polycom_hdx_traceroute_exec.rb 2017-11-28 22:01:41 -05:00
Austin 2544b4d8db Change target name 2017-11-28 21:39:04 -05:00
Austin cb7f173811 Update office_ms17_11882.rb 2017-11-28 21:36:25 -05:00
Zenofex d174ef3a70 Add wd_mycloud_multiupload_upload exploit 2017-11-28 07:12:00 -06:00
Brendan Coles f8ebd65449 Add ASUS infosvr Unauthenticated Command Execution exploit 2017-11-28 12:58:52 +00:00
bwatters-r7 244acc48b6 Land #9212, pfsense group member exec module 2017-11-27 11:27:29 -06:00
vipzen 0d79a3a3e2 Add support to Windows .NET Server 2017-11-23 08:35:55 -02:00
WhiteWinterWolf bfd5c2d330 Keep the initial option name 'ADMIN_ROLE' 2017-11-22 22:03:56 +01:00
Austin 960893b99d change default payload 2017-11-22 06:36:46 -05:00
Yorick Koster a02a02cb0c Fixed URL... 2017-11-22 11:31:23 +01:00
Yorick Koster d21d3c140e Fixed date 2017-11-22 11:15:34 +01:00
Yorick Koster 916ee05cce Add exploit module for Clickjacking vulnerability in CSRF error page pfSense 2017-11-22 11:06:22 +01:00
Jon Hart 879db5cf38 Land #9050, @mpizala's improvements to the docker_daemon_tcp module 2017-11-21 17:13:24 -08:00
Austin 275f70e77e better saving 2017-11-21 19:34:04 -05:00
Austin db4c0fcca9 spelling 2017-11-21 19:02:14 -05:00
Austin fcea6fd8d4 actually create new file ;-; 2017-11-21 15:00:06 -05:00
Austin 39a4d193a1 Create office_ms17_11882.rb 2017-11-21 14:47:02 -05:00
Robin Verton 52356e00b7 Use stylistic suggestions from rubocop 2017-11-21 14:30:13 +01:00
h00die dd8238d146 rubocop got a donut 2017-11-20 20:08:28 -05:00
Adam Cammack dd57138423 Make external module read loop more robust 
Changes from a "hope we get at most one message at a time" model to
something beginning to resemble a state machine. Also logs error output
and fails the MSF module when the external module fails.
 2017-11-20 16:52:05 -06:00
h00die 579d012fa2 spelling 2017-11-19 08:36:27 -05:00
h00die b7f7afb3be version detect, 2.2.6 handling 2017-11-19 08:28:07 -05:00
WhiteWinterWolf 2be3433bdb Update references URLs 2017-11-17 13:27:35 +01:00
WhiteWinterWolf a636380e4b Merge the new method into drupal_drupageddon.rb 2017-11-17 13:00:15 +01:00
WhiteWinterWolf 704514a420 New exploit method for Drupageddon (CVE-2014-3704) 
This new script exploits the same vulnerability as
 *exploits/multi/http/drupal_drupageddon.rb*, but in a more efficient way.
 2017-11-16 20:47:44 +01:00
h00die f8891952c6 pfsense group member exec module 2017-11-15 21:00:58 -05:00
Adam Cammack c740f4369c Land #9197, Cleanup Mako Server exploit 2017-11-15 15:01:31 -06:00
Adam Cammack 4219959c6d Bump ranking to Excellent 2017-11-15 15:00:47 -06:00
Austin 829a7a53db verbose response. 2017-11-15 12:27:40 -05:00
Austin 4918e5856d Update polycom_hdx_traceroute_exec.rb 2017-11-15 10:41:51 -05:00
Austin d93120e2ac Create polycom_hdx_traceroute_exec.rb 2017-11-15 10:40:57 -05:00
Martin Pizala 33e5508bcb bypass user namespaces 2017-11-15 15:14:58 +01:00
Mehmet İnce 54936b6ac3 Updatig documentation and tweaking initiate_session 2017-11-15 01:04:06 +03:00
Mehmet İnce 86e47589b0 Add xplico remote code execution 2017-11-14 09:30:57 +03:00
0xFFFFFF d28ae361ca Added exploit module for Samsung SRN-1670D vuln CVE-2017-16524 
Please find my exploit module for the vulnerability CVE-2017-16524 I discovered and tested on Web Viewer 1.0.0.193 on SAMSUNG SRN-1670D
 2017-11-12 20:11:44 +01:00
William Vu f3e2f4d500 Land #9167, D-Link DIR-850L exploit 2017-11-10 18:15:39 -06:00
William Vu 3936d3baa1 Clean up module 2017-11-10 18:15:22 -06:00
Martin Pizala 971ec80fc1 Keep the python target 2017-11-10 23:11:27 +01:00
Steven Patterson df2b62dc27 Add Mako Server CMD injection Linux support, update docs, move to multi 2017-11-10 16:28:39 -05:00
William Vu ea260e87b7 Remove headers, since we didn't send them before 
http was an invalid key for setting headers, and we still got a shell.
These headers also don't seem relevant to the PUT request.
 2017-11-09 11:06:50 -06:00
William Vu 7213e6cc49 Fix #9133, makoserver_cmd_exec cleanup 2017-11-09 10:52:03 -06:00