Commit Graph

23791 Commits

Author SHA1 Message Date
m0t 9a0789f839 Exploit for pmmasterd Buffer Overflow (CVE-2017-6553) 2017-04-05 17:59:54 +01:00
bwatters-r7 dd5a91f153 Land #8008, Added archmigrate module for windows sessions 2017-04-05 08:55:27 -05:00
Koen Riepe 8958ac0247 Fixed styling of the module and added documentation. 2017-04-05 12:36:02 +02:00
Koen Riepe 08b2a97293 Changed styling to be more in line with rubocop. 2017-04-05 10:05:56 +02:00
Jonathan Claudius b8af7c1db0 Add irssi password post gather module 2017-04-05 00:56:24 -04:00
bwatters-r7 64c06a512e Land #8020, ntfs-3g local privilege escalation 2017-04-04 09:48:15 -05:00
Brent Cook 891e7e465e convert DNS fuzzer to bindata 2017-04-04 03:03:32 -05:00
Brent Cook 5f88971ca9 convert NTP modules to bindata 2017-04-04 02:57:38 -05:00
Brent Cook 46c7e822c8 convert IPMI protocol and modules to bindata 2017-04-04 02:44:17 -05:00
Christian Mehlmauer 30c4a665f4 update iis exploit 2017-04-03 20:06:16 +02:00
Brent Cook 98ffa4d380 Land #7652, add varnish cache CLI authentication scanner module 2017-04-02 21:52:45 -05:00
Brent Cook 4c0539d129 Land #8178, Add support for non-Ruby modules 2017-04-02 21:02:37 -05:00
h00die a34c01ebd2 Land #8137 shodan honeyscore module 2017-04-02 21:37:36 -04:00
h00die 0092818893 Land #8169 add exploit rank where missing 2017-04-02 20:59:25 -04:00
Bryan Chu 151ed16c02 Re-ranking files
../exec_shellcode.rb
Rank Great -> Excellent

../cfme_manageiq_evm_upload_exec.rb
Rank Great -> Excellent

../hp_smhstart.rb
Rank Average -> Normal
2017-04-02 18:33:46 -04:00
zerosum0x0 26fc6bc920 added report_vuln() 2017-04-01 21:48:19 -06:00
h00die e80b8cb373 move sploit.c out to data folder 2017-03-31 20:51:33 -04:00
William Webb 035f37cf42 Land #8144, Add Moxa Device Discovery Scanner Module 2017-03-31 19:11:27 -05:00
William Webb f870f94fa9 Land #8163, Add Cambium ePMP Arbitrary Command Execution 2017-03-31 19:06:19 -05:00
Adam Cammack 6910cb04dd Add first exploit written in Python 2017-03-31 17:07:55 -05:00
h00die 823c1a6286 added more verifieds 2017-03-31 16:52:20 -04:00
h00die 23ac9214ea land #8010 post gather module for tomcat creds 2017-03-31 16:15:55 -04:00
h00die 34a152dc76 handle no sysinfo from ssh_login 2017-03-31 16:15:16 -04:00
Pearce Barry ab4d86fd21 Land #8168, change description of alpha encoders 2017-03-31 11:37:12 -05:00
dmohanty-r7 1ce7bf3938 Land #8126, Add SolarWind LEM Default SSH Pass/RCE 2017-03-31 11:21:32 -05:00
dmohanty-r7 c445a1a85a Wrap ssh.loop with begin/rescue 2017-03-31 11:16:10 -05:00
Koen Riepe 22b2215d2e Fixed a typo causing bot to fail. 2017-03-31 16:40:21 +02:00
Koen Riepe 3a674b731c Added error handling, added documentation and fixed some style issues. 2017-03-31 16:35:25 +02:00
Koen Riepe 628827cda9 Added some documentation and graceful error handling. 2017-03-31 12:45:30 +02:00
Koen Riepe df2a9a4af3 Added documentation file and implemented fixes for output and linux parsing. 2017-03-31 11:19:12 +02:00
Bryan Chu 5e31a32771 Add missing ranks
../exec_shellcode.rb
Rank = Great
This exploit is missing autodetection and version checks,
but should be ranked Great due to high number of possible targets

../cfme_manageiq_evm_upload_exec.rb
Rank = Great
This exploit implements a check to assess target availability,
and the vulnerability does not require any user action

../dlink_dcs_930l_authenticated_remote_command_execution
Rank = Excellent
Exploit utilizes command injection

../efw_chpasswd_exec
Rank = Excellent
Exploit utilizes command injection

../foreman_openstack_satellite_code_exec
Rank = Excellent
Exploit utilizes code injection

../nginx_chunked_size
Rank = Great
Exploit has explicit targets with nginx version auto-detection

../tp_link_sc2020n_authenticated_telnet_injection
Rank = Excellent
See dlink_dcs_930l_authenticated_remote_command_execution,
exploit uses OS Command Injection

../hp_smhstart
Rank = Average
Must be specific user to exploit, no autodetection,
specific versions only
2017-03-31 02:39:44 -04:00
Christian Mehlmauer 0a398a59c5 change description 2017-03-30 20:06:23 +02:00
bwatters-r7 6bcb9b523b Land #8165, Fix x86 mettle shellcode 2017-03-30 11:45:11 -05:00
zerosum0x0 4bd50b0ad2 Merge branch 'ms17-010' of github.com:RiskSense-Ops/metasploit-framework into ms17-010 2017-03-30 10:10:08 -06:00
zerosum0x0 a125566fc7 removed unnecessary arguments 2017-03-30 10:09:31 -06:00
Pearce Barry a13d6a7810 Land #8166, Add new SMB LoginScanner using RubySMB for SMB1/SMB2 Support 2017-03-30 11:08:17 -05:00
Pearce Barry ac83ff7e48 Land #8155, Style fixes for HWBridge RF and a couple small bug fixes 2017-03-29 20:37:13 -05:00
zerosum0x0 ef7de6d49e added MSB to description, moved a print statement 2017-03-29 17:43:49 -06:00
Carter 4bdbdc0e00 Fix response parsing 2017-03-29 18:21:12 -05:00
zerosum0x0 68f5c0e663 removed a print statement 2017-03-29 16:24:59 -06:00
zerosum0x0 7e6b8b02b8 replaced magic constant with setup_count 2017-03-29 15:37:28 -06:00
zerosum0x0 9923c39799 removed superfluous status 2017-03-29 15:32:29 -06:00
zerosum0x0 f0a1e12a7e small typos 2017-03-29 15:30:35 -06:00
bwatters-r7 691811af5a Land #7994, Add Windows Gather DynaZIP Saved Password Extraction post module 2017-03-29 16:04:09 -05:00
zerosum0x0 ffa376c514 added MS17-010 auxiliary detection module 2017-03-29 14:33:02 -06:00
David Maloney a571bcdba4 update module description 2017-03-29 13:58:36 -05:00
David Maloney 418e371e35 add SMB2 login scanner and module
add smb2_login module backed by an smb2
LoginScanner class. This is a temporary alternative
to smb_login until ruby_smb catches up more on feature parity

MS-2557
2017-03-29 11:36:33 -05:00
Adam Cammack 2758010355 Fix x86 mettle shellcode 2017-03-28 17:59:13 -05:00
dmchell 8b3fe0ac06 Merge branch 'dmchell-cve-2017-7269' into iis_6_sc-dev 2017-03-28 19:33:37 +01:00
dmchell 697d3978af Update iis_webdav_scstoragepathfromurl.rb 2017-03-28 19:14:32 +01:00