adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
46,254 Commits 27 Branches 1,043 Tags
94de5a4e42cfb1dc0fdfc1233707f71b6d9a628b
Commit Graph

23791 Commits

Author SHA1 Message Date
Cantoni Matteo 30f7006b5b Fixed typos of an old commit 2016-11-17 14:39:33 +01:00
wchen-r7 c0af5b690d Land #6638, add local exploit module to execute payload w/ stealth 2016-11-16 16:25:15 -06:00
wchen-r7 e1ff37f3eb Title change and handling Rex::TimeoutError exception 2016-11-16 16:23:44 -06:00
Brendan 18bafaa2e7 Land #7531, Fix drb_remote_codeexec and create targets 2016-11-16 12:58:22 -06:00
OJ be2aabb873 Merge updates to mettle stages from acammack-r7 2016-11-16 19:13:20 +10:00
wchen-r7 7b83720b90 Bring #6638 up to date 2016-11-15 12:27:05 -06:00
wchen-r7 f50e609d12 Land #7556, Prevent psexec_command from dying when one host errors 2016-11-15 12:17:01 -06:00
wchen-r7 e5d3289c18 Fix name for exception 2016-11-15 12:14:58 -06:00
Brent Cook b56b6a49ac Land #7328, Extend lsa_transname_heap exploit to MIPS 2016-11-15 07:37:19 -06:00
wchen-r7 fa9f2b340e def setup isn't needed 2016-11-14 15:52:02 -06:00
wchen-r7 bab07b5691 Bring #7540 up to date 2016-11-14 14:59:21 -06:00
Jeffrey Martin c458d662ed report correct credential status as successful 2016-11-14 12:27:22 -06:00
Jeffrey Martin 4ae90cbbef Land #7191, Add exploit for CVE-2016-6267 - Trend Micro Smart Protection Server authenticated RCE. 2016-11-14 12:06:02 -06:00
William Webb 4e40546958 Land #7502, Disk Pulse Enterprise Login Buffer Overflow 2016-11-14 10:28:53 -06:00
Brent Cook 4f323527c9 Land #7549, Deprecate/move wp_ninja_forms_unauthenticated_file_upload 2016-11-14 03:00:02 -06:00
Pedro Ribeiro 908713ce68 remove whitespace at end of module name 2016-11-14 08:35:34 +00:00
Chris Higgins 4e9802786c Removed spaces causing build to fail 2016-11-13 21:46:24 -06:00
j91321 3fd3bbdfb6 Added comments, removed uneccesary code 2016-11-13 23:22:15 +01:00
j91321 b377cd8fa3 Allegrosoft rompager auth bypass auxiliary module 2016-11-13 10:39:26 +01:00
Dylan Davis a8a09261e1 Use files for rescue error, because left is not available 2016-11-11 21:49:06 -07:00
Pearce Barry 9eb9d612ca Minor typo fixups. 2016-11-11 16:54:16 -06:00
Pearce Barry 1dae206fde Land #7379, Linux Kernel BPF Priv Esc (CVE-2016-4557) 2016-11-11 16:50:20 -06:00
David Maloney 8e3888f20c the template ref in this module was missed 
when we cleaned up all the other powershell template refs
we missed the one in this module which seems to e replicating
large ammounts of library code

7533
 2016-11-11 14:24:33 -06:00
dmohanty-r7 2b5517f597 Land #7506, Add gather AWS keys post module 2016-11-11 13:56:12 -06:00
Jenna Magius db32c5fdcc msftidy whitespace fixes 2016-11-11 10:28:37 -07:00
Dylan Davis fddc2c221f Catch the specific exception. Include the error code in the error message. 2016-11-11 10:24:05 -07:00
Dylan Davis 69a4a327b8 Add begin-rescue blocks that prevent individual hosts from bailing out a threaded multi-host execution 2016-11-11 10:15:36 -07:00
wchen-r7 8cd9a9b670 Deprecate wp_ninja_forms_unauthenticated_file_upload 
wp_ninja_forms_unauthenticated_file_upload actually supports
multiple platforms.

Instead of using:
exploit/unix/webapp/wp_ninja_forms_unauthenticated_file_upload

Please use:
exploit/multi/http/wp_ninja_forms_unauthenticated_file_upload
 2016-11-10 11:17:09 -06:00
scriptjunkie 268a72f210 Land #7193 Office DLL hijack module 2016-11-08 23:15:27 -06:00
Pedro Ribeiro 50f578ba79 Add full disclosure link 2016-11-08 22:15:19 +00:00
Yorick Koster 3c1f642c7b Moved PPSX to data/exploits folder 2016-11-08 16:04:46 +01:00
Pedro Ribeiro 95bd950133 Point to proper link on github 2016-11-07 17:59:29 +00:00
Pedro Ribeiro f268c28415 Create dlink_hnap_login_bof.rb 2016-11-07 17:45:37 +00:00
Chris Higgins 099a5984f9 Updated with style suggestions from msftidy and rubocop. 
Also updated with commented from other contributors.
 2016-11-07 10:18:52 -06:00
William Vu 4eb42a9171 Fix broken ternary in phoenix_command 2016-11-07 00:12:04 -06:00
Chris Higgins 689fc28d1b Added WinaXe 7.7 FTP client Server Ready buffer overflow 2016-11-06 23:35:16 -06:00
Tijl Deneut 92964c1f95 Update phoenix_command.rb 2016-11-06 21:22:54 +01:00
Tijl Deneut 2c2729f0b2 Update phoenix_command.rb 
Coded was messed up by MS Edge, don't use it :)
 2016-11-06 21:21:20 +01:00
Tijl Deneut 1b4409f950 Update phoenix_command.rb 
Style fix: replace "ractionport == nil ?" with "ractionport.nil?"

Is it OK? Did not find time to install and run rubocop ...
 2016-11-06 21:15:31 +01:00
Tijl Deneut 4ea9214466 Fixed a small bug 2016-11-06 16:20:55 +01:00
朱雄宇 e9d85750c2 fix get_ipv4_addr(@interface) usage 
get_ipv4_addr(@interface) returns a string not list, so get_ipv4_addr(@interface)[0] only got the first character of IP, which raises an error.
 2016-11-06 19:04:57 +08:00
William Vu da356e7d62 Remove Compat hash to allow more payloads 2016-11-04 13:57:05 -05:00
William Vu f0c89ffb56 Refactor module and use FileDropper 2016-11-04 13:57:05 -05:00
William Vu 6d7cf81429 Update references 2016-11-04 13:57:05 -05:00
William Vu 009d6a45aa Update description 2016-11-04 13:57:05 -05:00
William Vu bf7936adf5 Add instance_eval and syscall targets 2016-11-04 13:57:05 -05:00
OJ 4bf966f695 Add module to bypassuac using eventvwr 
This module was inspired by the work done by Matt Nelson and Matt
Graeber who came up with the method in the first place. This works
nicely on a fully patched Windows 10 at the time of writing.
 2016-11-05 04:41:38 +10:00
Jon Hart 5b810fae41 Update atg_client to identify responses that indicate the command was not understood 2016-11-04 10:12:02 -07:00
wchen-r7 ca5610ccde Land #7511, Update jenkins_script_console to support newer versions 2016-11-04 11:24:25 -05:00
OJ e5ea4a53d3 Fix typo in windows cred phish module 2016-11-04 13:26:10 +10:00