adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
46,254 Commits 27 Branches 1,043 Tags
94de5a4e42cfb1dc0fdfc1233707f71b6d9a628b
Commit Graph

23791 Commits

Author SHA1 Message Date
Daniel Teixeira a69f275a39 Update labf_nfsaxe.rb 2018-01-05 21:14:47 +00:00
Daniel Teixeira c819aebc76 Add files via upload 2018-01-05 21:11:21 +00:00
Daniel Teixeira e797ca4781 Add files via upload 2018-01-05 21:00:47 +00:00
Daniel Teixeira aca76e2a4e Update labf_nfsaxe.rb 2018-01-05 20:58:36 +00:00
Daniel Teixeira 2643acbc25 Update labf_nfsaxe.rb 2018-01-05 20:55:49 +00:00
Daniel Teixeira b29710c66b Add files via upload 2018-01-05 20:47:27 +00:00
Daniel Teixeira 94a1198485 Update labf_nfsaxe.rb 2018-01-05 20:41:49 +00:00
Kevin Kirsche 2478de934b Add CVE-2017-10271 / Oracle WebLogic wls-wsat RCE 2018-01-05 15:05:21 -05:00
Daniel Teixeira b97785c7a9 Update labf_nfsaxe.rb 2018-01-05 18:46:33 +00:00
Daniel Teixeira e7946549d7 Update labf_nfsaxe.rb 2018-01-05 18:31:40 +00:00
jgor 51e5fb450f Detect and return on bad VNC negotiations 2018-01-05 10:12:13 -06:00
Brendan Coles 006514864b Add HPE iMC dbman RestoreDBase Unauthenticated RCE exploit 2018-01-05 11:28:48 +00:00
Brendan Coles 52a5fc9e0a Add HPE iMC dbman RestartDB Unauthenticated RCE exploit 2018-01-05 11:28:14 +00:00
Daniel Teixeira a3fb8b6619 Update labf_nfsaxe.rb 2018-01-04 20:55:38 +00:00
Daniel Teixeira e5bb4bf057 Add files via upload 2018-01-04 20:26:28 +00:00
Tim W beda2d1efb add retries and error checking to osx stager 2018-01-05 03:59:12 +08:00
h00die fb75cd4617 it does work! 2018-01-04 14:44:43 -05:00
h00die 65f444ddcc land #9362 exploit for pfsense graph injection 2018-01-04 14:35:52 -05:00
wetw0rk c9d6d0a7a7 -51 2018-01-04 12:25:31 -06:00
William Vu 366a20a4a4 Fix #9215, minor style nitpick 2018-01-03 23:11:51 -06:00
Brent Cook 520e890520 Land #8581, VMware Workstation ALSA Config File Local Privilege Escalation 2018-01-03 21:35:57 -06:00
Wei Chen b8dde2e650 Land #9360, Ayukov NFTP FTP client buffer overflow vulnerability 
Land #9360
 2018-01-03 20:56:12 -06:00
Wei Chen 04cf3017c0 Update ayukov_nftp exploit and module documentation 2018-01-03 20:52:57 -06:00
Aaron Soto 7849155347 Land #9359, Improve DCE/RPC fault handling 2018-01-03 20:42:17 -06:00
William Vu c3f10c1d57 Land #9336, Linksys WVBR0-25 exploit 2018-01-03 18:13:44 -06:00
dmohanty-r7 a5fa63405f Land #9206, Add Xplico RCE exploit module 2018-01-03 16:02:51 -06:00
Adam Cammack a98de2d9a3 Land #9358, Support password protected key files 2018-01-03 15:12:28 -06:00
William Vu a1d43c8f33 Land #9215, new Drupageddon vector 2018-01-03 14:45:32 -06:00
William Vu 84c951cc1d Land #8059, Postfixadmin alias modification module 2018-01-03 14:29:49 -06:00
wetw0rk 16d709f180 changes+filedropper 2018-01-03 14:09:30 -06:00
Tim W 46a45550fd add osx x64 stager 2018-01-03 14:04:14 +08:00
h00die e23e87b444 bcoles fixes 2018-01-02 20:23:24 -05:00
wetw0rk 8f0e41e159 requested changes 2018-01-01 17:30:43 -06:00
wetw0rk c47d09717d pfsense graph sploit 2018-01-01 03:18:51 -06:00
Daniel Teixeira 67357e316b Update ayukov_nftp.rb 2017-12-31 17:48:23 +00:00
Daniel Teixeira 10b2833e7c Update ayukov_nftp.rb 2017-12-31 17:00:17 +00:00
Daniel Teixeira 21717ae0a2 Create ayukov_nftp.rb 2017-12-31 15:43:16 +00:00
bka-dev 086f657c56 Fix early termination of auxiliary/scanner/dcerpc/hidden 
This commit fixes an issue, where auxiliary/scanner/dcerpc/hidden terminates directly, once an endpoint can't be reached or access is denied. Instead the next endpoint in list should be checked, instead of terminating directly.
 2017-12-31 14:41:33 +01:00
RageLtMan f2a8d68a1f Permit encrypted SSH keys for login scanner 
Net::SSH::KeyFactory permits loading keys using a passphrase.
The Framework SSH modules were implemented back when we had a fork
of net-ssh in our tree, and can now use functionality provided by
the upstream gem.
Update the ssh key login scanner to add a KEY_PASS datastore
OptString which is then passed to the KeyCollection class and used
in the updated :read_key method which now calls the KeyFactory to
read data and give us the appropriate String representation of the
key in the KeyCollection's cache.
A bit of cleanup performed as well, removing legacy code paths no
longer hit by the module. Shamelessly added self to authors, fair
amount of blood and sweat in the SSH subsystem over the years, hope
nobody objects.

Testing:
  None yet
 2017-12-31 02:53:06 -05:00
h00die bc0a08ef5a a few updates per bcoles 2017-12-30 11:23:58 -05:00
Brendan Coles c153788424 Remove sleeps 2017-12-30 15:20:56 +00:00
Jan-Frederik Rieckers 7f3df74134 fixup! Adding Module for Postfixadmin CVE-2017-5930 
Add error handling if request fails

Fix a typo in doc, add default value to doc
 2017-12-30 13:04:23 +01:00
HD Moore ece5528379 Small tweaks based on @bcoles feedback. Thanks! 2017-12-29 16:17:53 -06:00
h00die 3516305517 land #9191 an exploit against HP LoadRunner magentproc 2017-12-29 16:35:43 -05:00
h00die 4dacc70b9a slight updates to magentproc docs 2017-12-29 16:35:12 -05:00
h00die b698095c49 slight updates to magentproc docs 2017-12-29 16:30:32 -05:00
h00die 67c2119736 oh brother 2017-12-29 14:16:34 -05:00
Jan-Frederik Rieckers 289e887895 Adding Module for Postfixadmin CVE-2017-5930 
This exploit allows domain admins to delete protected aliases.
It can be used to redirect aliases like abuse@domain and can aid in
further attacks.
 2017-12-29 17:13:59 +01:00
Brent Cook 8de760f1f7 Land #9348, Only use basic auth in couchdb_enum when credentials are provided 2017-12-28 21:24:45 -06:00
Tim W 44fbb171a6 osx stager 2017-12-29 11:13:25 +08:00