David Maloney
72bd75e681
Land #7253, x64 xor encoder fix
Land fullmetalcache's fix for the x64 xor encoder
2016-09-30 14:28:10 -05:00
Stephen Haywood
7996c4b048
Warning about leaving files on disk.
2016-09-30 14:53:15 -04:00
Stephen Haywood
3e4a23cdf6
Removed unnecessary require statement.
2016-09-30 14:51:43 -04:00
Ale
066df5f1a9
Fix msftidy warnings
2016-09-30 14:19:43 -03:00
Ale
bd96380d19
Fix in ScannerRecvWindow Declaration
2016-09-30 13:50:58 -03:00
Ale
c699c7c506
Fixing MSF Code Style
2016-09-30 13:42:30 -03:00
Jon Hart
b3c6ec09a0
Show status when gathering, which can take a bit
2016-09-30 06:42:22 -07:00
Jon Hart
abed3bf6c2
Rename
2016-09-30 06:35:26 -07:00
Jon Hart
9ee6e1931a
target_uri simplification, cleanup
2016-09-30 06:24:50 -07:00
Jon Hart
60cfe6216a
msftidy
2016-09-29 22:00:35 -07:00
Jon Hart
558adb5e1e
Uncork module and address style issues
2016-09-29 21:59:19 -07:00
Jon Hart
b2e06bed66
Initial commit of post module to gather AWS EC2 instance metadata
2016-09-29 21:52:22 -07:00
nixawk
ac76c3591a
reference urls
2016-09-29 22:43:00 -05:00
nixawk
5929d72266
CVE-2016-6415 - cisco_ike_benigncertain.rb
2016-09-29 22:25:57 -05:00
Brent Cook
fabb296b15
update cache and add payload test
2016-09-29 21:19:55 -05:00
Ale
143a4af73d
DoS exploit for CVE-2016-2776
2016-09-29 22:14:13 -03:00
h00die
7b0a8784aa
additional doc updates
2016-09-29 19:02:16 -04:00
Brent Cook
301e38b08f
use correct base class for modules
2016-09-29 17:21:59 -05:00
RageLtMan
a7470991d9
Bring Python reverse_tcp_ssl payload upstream
Adds TLS/SSL transport encryption for reverse tcp payloads in
python
2016-09-29 17:21:59 -05:00
h00die
bac4a25b2c
compile or nil
2016-09-29 06:15:17 -04:00
h00die
4fac5271ae
slight cleanup
2016-09-29 05:51:13 -04:00
h00die
c036c258a9
cve-2016-4557
2016-09-29 05:23:12 -04:00
h00die
3b548dc3cd
update email and paths
2016-09-28 18:37:48 -04:00
jvoisin
2272e15ca2
Remove some anti-patterns, in the same spirit as #7372
2016-09-29 00:15:01 +02:00
William Vu
988471b860
Land #7372, useless use of cat fix
Obligatory: modules/exploits/linux/local/kloxo_lxsuexec.rb.
2016-09-28 16:37:11 -05:00
William Vu
3033c16da6
Add missing rank
2016-09-28 16:37:04 -05:00
jvoisin
b46073b34a
Replace cat with Ruby's read_file
Thanks to wvu-r7 for the comment
2016-09-28 23:22:19 +02:00
Jeffrey Martin
1689f10890
Land #7292, add android stageless meterpreter_reverse_tcp
2016-09-28 16:05:22 -05:00
William Vu
45ee59581b
Fix inverted logic in Docker exploit
Positive condition should be tested first, imo. Confusing otherwise. My
bad, though.
Credit to @fslavin-r7.
2016-09-28 15:36:09 -05:00
William Vu
ab94bb9cdd
Land #7365, nonce fix for Ninja Forms exploit
2016-09-28 13:57:08 -05:00
averagesecurityguy
f7e588cdeb
Initial commit of module.
2016-09-28 14:55:32 -04:00
Julien (jvoisin) Voisin
dbb2abeda1
Remove the cat $FILE | grep $PATTERN anti-pattern
The `kloxo_lxsuexec.rb` and `netfilter_pvi_esc.rb` exploits
were using the infamous `cat+grep` anti-pattern; this commit
replaces it with `cat` and Ruby's `.include?` method.
2016-09-28 13:41:25 +02:00
Tim
b4a1adaf0f
refactor into android.rb
2016-09-28 18:23:34 +08:00
Tim
dc43f59dcf
dalvik -> android
2016-09-28 14:50:52 +08:00
h00die
35a2b3e59d
working panda
2016-09-27 20:15:17 -04:00
wchen-r7
f838c9990f
Fix nonce bug in wp_ninja_forms_unauthenticated_file_upload
If WordPress saves the nonce value in JavaScript, we could get an
undefined method for nil.
2016-09-27 11:30:52 -05:00
OJ
76b3c37262
Fix msftidy errors
2016-09-27 22:56:07 +10:00
OJ
0e82ced082
Add LPE exploit module for the capcom driver flaw
This commit includes:
* RDI binary that abuses the SMEP bypass and userland function pointer
invocation that is provided by the driver.
* Related metasploit module.
* Associated make.build to build from command line.
* Updated command line build file.
This also includes the beginnings of a new set of functions that help
with the management/automation of kernel-related work on Windows for
local priv esc exploits.
2016-09-27 22:37:45 +10:00
Pearce Barry
edbe1c3e14
Land #7361, Make OSX screencapture silent
2016-09-26 17:24:03 -05:00
Brendan
b9de73e803
Land #7334, Add aux module to exploit WINDOWS based (java) Colorado
FTP server directory traversal
2016-09-26 14:15:23 -05:00
Pearce Barry
6382fffc75
Land #7326, Linux Kernel Netfilter Privesc
2016-09-26 12:38:50 -05:00
Tim
53823a4807
oops msftidy
2016-09-26 23:50:38 +08:00
Henry Pitcairn
e5c05c05d2
Make OSX screencapture silent
By default, the `screencapture` command on OS X plays a camera sound effect. The -x option silences this.
2016-09-25 22:54:57 -04:00
Adam Cammack
a13e83af8a
Land #7357, Stagefright CVE-2015-3864
2016-09-25 17:10:06 -05:00
h00die
23e5556a4c
binary drops work!
2016-09-24 21:31:00 -04:00
Brent Cook
e0ff8859e9
Land #7359, add EXTRABACON auxiliary module auxiliary/admin/cisco/cisco_asa_extrabacon
2016-09-24 10:46:13 -04:00
Brent Cook
df28e2a85e
Add credit to wwebb-r7 for the initial module and ASA hacking notes
2016-09-24 05:48:31 -04:00
TheNaterz
cd4299b3a2
Added offsets for version 9.2(4)14
This version of the ASA is patched and our offsets do not work currently. We may do more work on this to find a solution.
2016-09-23 16:57:08 -06:00
TheNaterz
087e9461ce
Added offsets for version 9.2(4)13
2016-09-23 16:50:50 -06:00
TheNaterz
3f985d94d7
Added offsets for version 8.4(6)5
2016-09-23 16:32:42 -06:00