adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
30,055 Commits 27 Branches 1,043 Tags
956bf0c8f91f5f1226c3c1a7961ba63113ccffb6
Commit Graph

15706 Commits

Author SHA1 Message Date
jvazquez-r7 3debcef00b Fix call from aux module 2015-01-08 14:24:27 -06:00
jvazquez-r7 c205ef28d4 Refactor build_gc_call 2015-01-08 14:01:04 -06:00
jvazquez-r7 73e3cd19c3 Convert java_rmi_server aux mod to use new mixin 2015-01-08 00:29:50 -06:00
jvazquez-r7 d59805568e Do first module refactoring try 2015-01-07 19:06:09 -06:00
sinn3r 4257fef91b Land #4101 - Konica MFP FTP and SMB credential gathering module 2015-01-05 10:31:28 -06:00
jvazquez-r7 e7affb9048 Land #4493, @pedrib's module for ManageEngine Central Desktop create admin 2015-01-04 23:46:31 -06:00
jvazquez-r7 c5e72fb324 Change module filename 2015-01-04 23:14:12 -06:00
jvazquez-r7 4798f2328d Change module filename 2015-01-04 23:13:17 -06:00
jvazquez-r7 6bb3171328 Do minor cleanup 2015-01-04 23:12:42 -06:00
jvazquez-r7 711b97ecc5 Beautify metadata 2015-01-04 23:08:46 -06:00
Pedro Ribeiro 32d4bf03c3 Add OSVDB id and full disclosure URL 2015-01-04 12:36:51 +00:00
sinn3r d45cdd61aa Resolve #4507 - respond_to? + send = evil 
Since Ruby 2.1, the respond_to? method is more strict because it does
not check protected methods. So when you use send(), clearly you're
ignoring this type of access control. The patch is meant to preserve
this behavior to avoid potential breakage.

Resolve #4507
 2015-01-02 13:29:17 -06:00
Tod Beardsley c1718fa490 Land #4440, git client exploit from @jhart-r7 
Also fixes #4435 and makes progress against #4445.
 2015-01-01 13:18:43 -06:00
Tod Beardsley d7564f47cc Move Mercurial option to advanced, update ref url 
See #4440
 2015-01-01 13:08:36 -06:00
Tod Beardsley 914c724abe Rename module 
See rapid7#4440
 2015-01-01 13:03:17 -06:00
Jon Hart 65977c9762 Add some more useful URLs 2014-12-31 10:54:04 -08:00
Tod Beardsley 264d3f9faa Minor grammar fixes on modules 2014-12-31 11:45:14 -06:00
Spencer McIntyre 6d966dbbcf Land #4203, @jvazquez-r7's cleanup for java_rmi_server 2014-12-31 11:25:19 -05:00
Pedro Ribeiro e81e68bdaf Create me_dc9_admin.rb 2014-12-31 02:02:52 +00:00
sinn3r 48919eadb6 Land #4444 - i-FTP BoF 2014-12-30 12:38:28 -06:00
William Vu 4fd4d51d78 Land #4485, Drupageddon greedy regex fix 2014-12-30 10:16:57 -06:00
Christian Mehlmauer 96fe693c54 update drupal regex 2014-12-30 09:12:39 +01:00
sinn3r 555713b6ae Land #4456 - MS14-068, Kerberos Checksum (plus krb protocol support) 2014-12-29 16:09:28 -06:00
sinn3r f2130311fa Add the MSF blog reference 2014-12-29 16:08:35 -06:00
Tod Beardsley 1dd9d60e34 Land #4461, Android cookie database theft 
`
Thanks @jvennix-r7!
 2014-12-29 08:15:21 -06:00
Tod Beardsley d10222365b Add Rafay's blog as a reference 2014-12-29 08:12:19 -06:00
Tod Beardsley 1236684954 Use get_uri instead, note lack of Rex::Text method 
See rapid7#4461
 2014-12-28 15:06:34 -06:00
Tod Beardsley 788e315fd4 Fix msftidy warnings 2014-12-28 14:53:29 -06:00
Borja Merino 9791acd0bf Add stager ipknock shellcode (PR 2) 2014-12-27 22:03:45 +01:00
jvazquez-r7 655cfdd416 Land #4321, @wchen-r7's fixes #4246 ms01_026_dbldecode undef method 2014-12-26 12:48:29 -06:00
Jon Hart 51049152b6 Use Rex::Text.rand_mail_address for more realistic fake commit 2014-12-26 10:39:52 -08:00
jvazquez-r7 c1b0385a4b Land #4460, @Meatballs1's ssl cert validation bypass on powershell web delivery 2014-12-26 12:07:45 -06:00
jvazquez-r7 2bed52dcd5 Land #4459, @bcoles's ProjectSend Arbitrary File Upload module 2014-12-26 11:28:42 -06:00
jvazquez-r7 b5b0be9001 Do minor cleanup 2014-12-26 11:24:02 -06:00
jvazquez-r7 85ab11cf52 Use print_warning consistently 2014-12-26 09:54:38 -06:00
jvazquez-r7 f31a2e070e Use print_warning to print the Kerberos error 2014-12-26 09:22:09 -06:00
jvazquez-r7 d148848d31 Support Kerberos error codes 2014-12-24 18:05:48 -06:00
jvazquez-r7 121c0406e9 Beautify restart_command creation 2014-12-24 15:52:15 -06:00
jvazquez-r7 43ec8871bc Do minor c code cleanup 2014-12-24 15:45:38 -06:00
jvazquez-r7 92113a61ce Check payload 2014-12-24 15:43:49 -06:00
jvazquez-r7 36ac0e6279 Clean get_restart_commands 2014-12-24 14:55:18 -06:00
jvazquez-r7 92b3505119 Clean exploit method 2014-12-24 14:49:19 -06:00
jvazquez-r7 9c4d892f5e Use single quotes when possible 2014-12-24 14:37:39 -06:00
jvazquez-r7 bbbb917728 Do style cleaning on metadata 2014-12-24 14:35:35 -06:00
jvazquez-r7 af24e03879 Update from upstream 2014-12-24 14:25:25 -06:00
Gabor Seljan 0b85a81b01 Use REXML to generate exploit file 2014-12-24 19:23:28 +01:00
Mark Judice 30228bcfe7 Added underscore to user regex in smart_hashdump.rb to support usernames that contain underscores. Issue #4349. 2014-12-23 22:36:11 -06:00
Jon Hart a692656ab7 Update comments to reflect reality, minor cleanup 2014-12-23 19:09:45 -08:00
jvazquez-r7 ebb05a64ea Land #4357, @Meatballs1 Kerberos Support for current_user_psexec 2014-12-23 20:38:31 -06:00
jvazquez-r7 89d0a0de8d Delete unnecessary connect 2014-12-23 19:35:59 -06:00