Pearce Barry
af3f1fbc37
Land #8332, Canprobe Module
2017-05-07 12:20:27 -05:00
Pearce Barry
c05e7b3b58
Minor corrections and a tweak to appease msftidy.
2017-05-07 11:55:20 -05:00
Pearce Barry
e3d3fa8e45
Tweak internal description formatting.
2017-05-07 11:31:36 -05:00
Pearce Barry
b965bdcdae
Appease msftidy and Travis.
2017-05-07 11:19:32 -05:00
m0t
ab245b5042
added note to description
2017-05-07 13:56:50 +01:00
m0t
4f12a1e271
added note to description
2017-05-07 13:54:28 +01:00
Brendan Coles
635a7a42e6
Update style lotus_domino_hashes
2017-05-07 16:37:48 +10:00
Jeffrey Martin
05bf16e91e
Land #8331, Adding module CryptoLog Remote Code Execution
2017-05-05 18:24:14 -05:00
Jeffrey Martin
e2fe70d531
convert store_valid_credential to named params
2017-05-05 18:23:15 -05:00
Mehmet Ince
720a02f5e2
Addressing Spaces at EOL issue reported by Travis
2017-05-05 11:05:17 +03:00
Brendan Coles
0eacf64324
Add Serviio Media Server checkStreamUrl Command Execution
2017-05-05 07:54:00 +00:00
Mehmet Ince
58d2e818b1
Merging multiple sqli area as a func
2017-05-05 10:49:05 +03:00
Jeffrey Martin
63b6ab5355
simplify valid credential storage
2017-05-04 22:51:40 -05:00
Gabriel Follon
a8983c831d
Updated links and authors
2017-05-04 18:25:45 -04:00
darkbushido
81bcf2ca70
updating all LHOST to use the new opt type
2017-05-04 12:57:50 -05:00
Gabriel Follon
afe801b9e8
Updated target to 'universal'
2017-05-04 16:25:41 +02:00
Gabriel Follon
073cd59cd3
Added qmail_bash_env_exec exploit module, which exploits the ShellShock flaw via Qmail.
2017-05-04 15:44:18 +02:00
Brent Cook
97095ab311
Land #8338, Fix msf/core and self.class msftidy warnings
2017-05-03 21:55:52 -05:00
Brent Cook
2d93c8e2d6
merge, don't overwrite
2017-05-03 18:17:58 -05:00
Brent Cook
0798923901
set the correct schema for linux meterpreter reverse_tcp stages
2017-05-03 16:12:45 -05:00
William Vu
64452de06d
Fix msf/core and self.class msftidy warnings
...
Also fixed rex requires.
2017-05-03 15:44:51 -05:00
Mehmet Ince
d04e7cba10
Rename the module as well as title
2017-05-03 19:18:46 +03:00
Mehmet Ince
ae8035a30f
Fixing typo and using shorter sqli payload
2017-05-03 16:45:17 +03:00
Joe Testa
cf74cb81a7
Removed unnecessary 'msf/core' include.
2017-05-03 09:02:05 -04:00
Craig Smith
9877aa9ef9
Added documentation and cleaned up how STOPID worked
2017-05-02 18:57:32 -07:00
Mehmet Ince
db2a2ed289
Removing space at eof and self.class from register_options
2017-05-03 01:31:13 +03:00
Mehmet Ince
77acbb8200
Adding cryptolog rce
2017-05-03 01:05:40 +03:00
Craig Smith
3519adbaef
A basic CAN fuzzer. It probes the data regions of different CAN IDs.
...
The default is to use a set value but can iterate the full range. It can
also add padding if necessary. No checks on returns or results of fuzzing.
2017-05-02 14:19:29 -07:00
Adam Cammack
494711ee65
Land #8307, Add lib for writing Python modules
2017-05-02 15:53:13 -05:00
Yorick Koster
6870a48c48
Code suggestion from @jvoisin
2017-05-02 16:41:06 +02:00
Joe Testa
012081eed2
Added support for ANY queries. Silently ignore unsupported queries instead of spamming stdout.
2017-05-01 17:28:56 -04:00
William Vu
03e4ee91c2
Correct Ghostscript 9.2.1 to 9.21 as per advisory
2017-05-01 16:23:14 -05:00
William Vu
41ef1a4e90
Land #8325, cmd/unix/reverse_ncat_ssl payload
2017-05-01 14:54:52 -05:00
C_Sto
772a16f4cd
fix style
2017-05-02 00:55:57 +08:00
C_Sto
9e06c3f07e
fix argument arrangement
2017-05-02 00:39:00 +08:00
C_Sto
5a2afbc364
Tidy payload
2017-05-01 21:38:34 +08:00
Yorick Koster
006ed42248
Added fix information
...
https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000209.html
2017-05-01 09:01:14 +02:00
C_Sto
cfa204b8e8
add reverse ncat ssl
2017-05-01 06:57:28 +08:00
reanar
0b62a6478a
Modification for Travis (remove require msf/core, and self.class in register)
2017-04-30 17:05:11 +02:00
reanar
3f348150c6
Modification of description
2017-04-30 16:38:39 +02:00
reanar
52ec448511
Add WordPress Directory Traversal DoS Module
2017-04-30 15:03:48 +02:00
Yorick Koster
673dbdc4b9
Code review feedback from h00die
2017-04-29 20:37:39 +02:00
Yorick Koster
fcf14212b4
Fixed disclosure date
2017-04-29 16:25:25 +02:00
Yorick Koster
f9e7715adb
Fixed formatting
2017-04-29 16:07:45 +02:00
Yorick Koster
1569d2cf8e
MediaWiki SyntaxHighlight extension exploit module
...
This module exploits an option injection vulnerability in the SyntaxHighlight extension of MediaWiki. It tries to create & execute a PHP file in the document root. The USERNAME & PASSWORD options are only needed if the Wiki is configured as private.
2017-04-29 14:29:56 +02:00
Brandon Knight
c4b3ba0d14
Actually removing msf/core this time... ><
...
Helps to actually remove the bits that were failing. Now with even more
removal of msf/core!
2017-04-28 21:42:06 -04:00
Brandon Knight
ff263812fc
Fix msftidy warnings
...
Remove explicitly loading msf/core and self.class from the register_
functions.
2017-04-28 21:26:53 -04:00
HD Moore
afc804fa03
Quick Ghostscript module based on the public PoC
2017-04-28 09:56:52 -05:00
Brandon Knight
f8fb03682a
Fix issue in ps_wmi_exec and powershell staging
...
The staging function in the post/windows/powershell class was broken
in a previous commit as the definition for env_variable was removed and
env_prefix alone is now used. This caused an error to be thrown when
attempting to stage the payload. This changes the reference from
env_variable to env_prefix.
Additionally, the ps_wmi_exec module created a powershell script to be
run that was intended to be used with the EncodedCommand command line
option; however the script itself was never actually encoded. This
change passes the compressed script to the encode_script function to
resolve that issue.
2017-04-28 03:31:56 -04:00
Sara Perez
18fa411189
Updated with Egypt's suggestion, also changed the target name to include other versions
2017-04-27 13:19:44 +01:00