adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
46,254 Commits 27 Branches 1,043 Tags
94de5a4e42cfb1dc0fdfc1233707f71b6d9a628b
Commit Graph

23791 Commits

Author SHA1 Message Date
Brent Cook 7355817329 Land #8371, Fix msftidy warnings for the WNR2000 module 2017-05-11 22:51:11 -05:00
Brent Cook 123462bdca Land #8293, add initial multi-platform railgun support 2017-05-11 22:32:23 -05:00
h00die af4505a9de land #8009 post module for jboss creds gather 2017-05-11 22:39:54 -04:00
h00die 285857c23f remove req msfcore 2017-05-11 22:39:41 -04:00
h00die 6fa51aee8f moving docs to correct folder 2017-05-11 22:33:00 -04:00
William Vu 231510051c Fix uri_str for exploit 2017-05-11 16:30:10 -05:00
William Vu bee36ca90f Fix edge case 2017-05-11 16:22:21 -05:00
William Vu 68f13808e7 Fix msftidy warnings for the WNR2000 module 2017-05-11 16:16:10 -05:00
William Vu 2ae943d981 Use payload common case instead of general case 
Both x86 and x64 work on x64, but we really expect x64, and there's no
migration to move us from x86 to x64.
 2017-05-11 15:43:49 -05:00
Brent Cook e414bdb876 don't try to guess intent for specified default targets, leave auto-auto targeting to unspecified modules 2017-05-11 15:19:11 -05:00
Brent Cook 30c48deeab msftidy and misc. fixups for Quest BoF module 2017-05-11 08:07:39 -05:00
William Webb e8aed42ecd Land #8223, Quest Privilege Manager pmmasterd Buffer Overflow 2017-05-11 00:44:19 -05:00
Josh Hale 843f148e62 One more yard doc function 2017-05-10 23:01:03 -05:00
Josh Hale e84765c1c6 All functions have yard doc like comments 2017-05-10 23:01:03 -05:00
Josh Hale c5391c2a64 Update cmd print to match core.rb 2017-05-10 23:01:03 -05:00
Josh Hale 10c7c3893a Add subnet check for Android payloads 2017-05-10 23:01:03 -05:00
Josh Hale c49bd9ee4e Add session ready check 2017-05-10 23:01:03 -05:00
Josh Hale 97eaa83114 Update delete all routes 2017-05-10 23:01:03 -05:00
Josh Hale f670fcddcb Initial code cleanup and multi compatibility work 2017-05-10 23:01:02 -05:00
Brent Cook 099fc0176a move autoroute to a more sensible location 2017-05-10 23:01:02 -05:00
Adam Cammack 18d95b6625 Land #8346, Templatize shims for external modules 2017-05-10 18:15:54 -05:00
William Vu 09f6c21f94 Add note about Host header limitations 2017-05-10 15:17:20 -05:00
William Vu b446cbcfce Add reference to Exim string expansions 2017-05-10 15:17:20 -05:00
William Vu 8842764d95 Add some comments about badchars 2017-05-10 15:17:20 -05:00
William Vu ecb79f2f85 Use reduce instead of extracting twice 2017-05-10 15:17:20 -05:00
William Vu b5f25ab7ca Use extract instead of doubling /bin/echo 2017-05-10 15:17:20 -05:00
William Vu 9a64ecc9b0 Create a pure-Exim, one-shot HTTP client 2017-05-10 15:17:20 -05:00
William Vu 0ce475dea3 Add WordPress 4.6 PHPMailer exploit 2017-05-10 15:17:20 -05:00
James Lee d00685a802 Don't run a DoS during wmap scans 2017-05-10 14:41:24 -05:00
Brendan Coles 42c7d64b28 Update style 2017-05-10 06:37:09 +00:00
Brent Cook faf01ed5ef Land #8353, add aux scanner for Intel AMT digest bypass 2017-05-09 18:45:21 -05:00
James Lee 72388a957f Land #8355, IIS ScStoragePathFromUrl 
See #8162
 2017-05-09 11:06:01 -05:00
Christian Mehlmauer 2b4ace9960 convert to "screaming snake" 2017-05-09 09:30:45 +02:00
Brent Cook cf487cc90c reverse_ncat_ssl is stable 2017-05-08 17:43:34 -05:00
Brendan Coles 32dafb06af Replace NoTarget with NotVulnerable 2017-05-08 22:29:44 +00:00
Christian Mehlmauer f70b402dd9 add comment 2017-05-09 00:17:00 +02:00
Brent Cook 86365c89d1 Land #8352, style updates for lotus_domino_hashes 2017-05-08 17:11:44 -05:00
Christian Mehlmauer 806963359f fix fail with condition 2017-05-08 23:47:48 +02:00
Christian Mehlmauer f62ac6327d add @rwhitcroft 2017-05-08 23:20:12 +02:00
Christian Mehlmauer 26373798fa change rank 2017-05-08 23:07:12 +02:00
Christian Mehlmauer 962a31f879 change minimum length 2017-05-08 23:01:17 +02:00
Christian Mehlmauer 7dccb17834 auto extract values and implement brute forcing 2017-05-08 22:47:29 +02:00
Brent Cook 841f63ad20 make office_word_hta backward compat with older Rubies 2017-05-08 15:10:48 -05:00
Christian Mehlmauer 406a7f1ae2 Merge remote-tracking branch 'dmchell/dmchell-cve-2017-7269' into iis2 2017-05-08 21:51:51 +02:00
Brent Cook fede672a81 further revise templates 2017-05-08 14:26:24 -05:00
HD Moore f7ff840ef0 Add missing return, thanks bperry! 2017-05-08 14:08:59 -05:00
HD Moore 9392e48b72 Add a scanner for Intel AMT auth bypass (CVE-2017-5689) 2017-05-08 13:24:00 -05:00
Jeffrey Martin a1efa30fa2 comments adjustments & enum better 2017-05-08 11:57:06 -05:00
William Vu b794bfe5db Land #8335, rank fixes for the msftidy god 2017-05-07 21:20:33 -05:00
Bryan Chu 88bef00f61 Add more ranks, remove module warnings 
../vmware_mount.rb
Rank = Excellent
Exploit uses check code for target availability,
the vulnerability does not require user action,
and the exploit uses privilege escalation to run
arbitrary executables

../movabletype_upgrade_exec.rb
Rank = ExcellentRanking
Exploit utilizes code injection,
has a check for availability

../uptime_file_upload_2.rb
Rank = ExcellentRanking
Exploit allows execution of arbitrary commands,
has a check for availability

../zpanel_information_disclosure_rce.rb
Rank = ExcellentRanking
Exploit allows remote code execution,
implements version check for pChart

../spip_connect_exec.rb
Rank = ExcellentRanking
Exploit utilizes code injection,
has a check for availability

../wp_optimizepress_upload.rb
Rank = ExcellentRanking
Exploit allows execution of arbitrary code,
has a check for availability

../wing_ftp_admin_exec.rb
Rank = ExcellentRanking
Exploit allows execution of arbitrary commands,
has a check for availability

../novell_mdm_lfi.rb
Rank = ExcellentRanking
Exploit allows execution of arbitrary code,
has a check for availability

../run_as.rb
Rank = ExcellentRanking
Exploit utilizes command injection,
checks system type, and does not require user action
 2017-05-07 15:41:26 -04:00