adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
46,254 Commits 27 Branches 1,043 Tags
94de5a4e42cfb1dc0fdfc1233707f71b6d9a628b
Commit Graph

23791 Commits

Author SHA1 Message Date
James Lee 84dd5cd01a Add a simple upload exec module 2017-04-17 19:34:21 -05:00
Nate Caroe 92e7183a74 Small typo fix 
Running msfconsole would generate an Ubuntu crash report (?). This seems to be the culprit.
 2017-04-17 11:14:51 -06:00
William Vu 942959f7e8 Land #8255, fixes for smb_ms17_010 2017-04-17 11:38:34 -05:00
Brent Cook 7b936b0012 Land #8184, convert IPMI protocol and modules to bindata 2017-04-17 07:40:15 -05:00
Brent Cook 6f70efcfa1 add module documentation 2017-04-17 07:39:43 -05:00
William Vu b1c7f1302b Fix report_vuln and prefer vprint_error 2017-04-17 02:48:56 -05:00
Ahmed S. Darwish e21504b22d huawei_hg532n_cmdinject: Use send_request_cgi() 'vars_get' key 
Instead of rolling our own GET parameters implementation.

Thanks @wvu-r7!
 2017-04-17 09:11:50 +02:00
nixawk 3d082814cb Fix default options 2017-04-17 01:09:48 -05:00
Ahmed S. Darwish 7daec53106 huawei_hg532n_cmdinject: Improve overall documentation 
- Add section on compiling custom binaries for the device
- Add documentation for Huawei's wget flavor (thanks @h00die)
- Abridge the module's info hash contents (thanks @wwebb-r7)
- Abridge the module's comments; reference documentation (@h00die)
 2017-04-17 08:00:51 +02:00
Ahmed S. Darwish 8a302463ab huawei_hg532n_cmdinject: Use minimum permissions for staged binary 
Use u+rwx permissions only, instead of full 777, while staging the
wget binary to target. As suggested by @wvu-r7 and @busterb.
 2017-04-17 03:27:57 +02:00
Ahmed S. Darwish 7ca7528cba huawei_hg532n_cmdinject: Spelling fixes suggested by @wvu-r7 2017-04-17 03:23:20 +02:00
Ahmed S. Darwish 7b8e5e5016 Add Huawei HG532n command injection exploit 2017-04-15 21:01:47 +02:00
Brent Cook 7950087804 Merge branch 'upstream-master' into land-8237- 2017-04-14 21:53:26 -05:00
nixawk fb001180c4 Fix generate_uri 2017-04-14 21:52:31 -05:00
nixawk 590816156f rename exp module 2017-04-14 21:32:48 -05:00
nixawk 1952529a87 Format Code 2017-04-14 21:30:26 -05:00
Brent Cook a9857eb1c2 Land #8099, Aux module to launch instances in AWS 2017-04-14 14:12:10 -05:00
Brent Cook 42122d2835 Land #8238, move SMB2 support back into smb_login, add simpler permissions checks 2017-04-14 14:06:46 -05:00
nixawk 8ab0b448fd CVE-2017-0199 exploit module 2017-04-14 13:22:59 -05:00
Brent Cook eb61241673 Land #8228, New mainframe privesc payload for z/OS 2017-04-14 13:19:41 -05:00
dmohanty-r7 d75f852d01 Land #8167, Add MS17-010 auxiliary detection module 2017-04-14 13:00:16 -05:00
David Maloney 91fb3ce6b8 collapse SMB2 support into smb_login 
converge the SMB and SMB loginscanners so that
there is only one SMB loginscanner that supports both

MS-2636
 2017-04-13 15:22:03 -05:00
David Maloney adeb4d10d7 smb2 login scanner admin check now working 
we can now check for admin privs in the smb2
login scanner

MS-2636
 2017-04-13 14:40:32 -05:00
William Webb 48560d29f3 remove keyscan_extract and modify calling modules 2017-04-13 10:42:28 -05:00
m0t 5e42dde6b6 msftidy clean up 2017-04-12 16:25:21 +01:00
Koen Riepe 9f289bdf52 Fixed error messages and some syntax. 2017-04-12 13:48:11 +02:00
William Webb c21d78b23b Land #8186, Convert DNS Fuzzer to use bindata 2017-04-11 23:27:08 -05:00
bigendiansmalls fa8011fd07 New mainframe privesc payload for z/OS 
This module performs a privilege escaltion on mainframe systems
runing z/OS and using RACF for their security manager.  A user
with any non-privileged credentials and the ability to write to
an apf authorized library can use this payload to add "root level"
privileges (e.g. SPECIAL / BPX.SUPERUSER) to their profile.
 2017-04-11 15:04:44 -05:00
William Webb c867b7e228 Land #8204, Add Cambian ePMP SNMP Configuration download 2017-04-11 10:59:13 -05:00
mr_me 3c2dc68e9c improved description, no point repeating the same thing\! 2017-04-11 09:55:11 -05:00
mr_me c359e15de6 updated the print statement 2017-04-11 09:31:17 -05:00
mr_me 84ac9d905c improved the description of the module 2017-04-11 09:24:43 -05:00
m0t 374d7809b5 last fixes and tests 2017-04-11 09:48:57 +01:00
William Vu 288e384164 Land #8189, irssi password post gather module 2017-04-10 23:34:54 -05:00
Jonathan Claudius 96927b449c Rework module to grab entire irssi configs 2017-04-11 00:02:40 -04:00
Jonathan Claudius 6a1531da34 Fix loot name attributes 2017-04-10 23:52:31 -04:00
Jonathan Claudius d92f94e077 Fix grammar issue 2017-04-10 23:44:18 -04:00
Jonathan Claudius d9e96a8b4f Consolidate loot into single file 2017-04-10 23:42:50 -04:00
Jonathan Claudius 7f6bbb6ff2 Fix trailing space issue 2017-04-10 21:38:30 -04:00
Jonathan Claudius 9432a3543f Extend irssi post mod to grab network passwords 2017-04-10 15:35:26 -04:00
mr_me b1d127e689 satisfied travis 2017-04-10 14:11:18 -05:00
Jonathan Claudius 47d74819a5 Update regex per reviewer request 2017-04-10 14:45:10 -04:00
Jonathan Claudius d816092c56 Fix missing new line 2017-04-10 14:41:25 -04:00
mr_me 0f07875a2d added CVE-2016-7552/CVE-2016-7547 exploit 2017-04-10 13:32:58 -05:00
William Vu 06ca406d18 Fix weird whitespace 2017-04-09 22:23:58 -05:00
h00die ba4edfbd38 varnish file read 2017-04-08 09:15:07 -04:00
zerosum0x0 f7c8bd2464 add rescue for ::Rex::Proto::SMB::Exceptions::LoginError 2017-04-07 15:37:56 -06:00
juushya e65eacce49 Add Satel SenNet Command Exec Module 2017-04-07 02:22:11 +05:30
juushya 3c189f0cb0 Adding Cambium SNMP Loot module 2017-04-07 01:32:45 +05:30
Christian Mehlmauer 74dc7e478f update piwik module 2017-04-05 20:19:07 +02:00