adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
46,097 Commits 27 Branches 1,043 Tags
974e5d5750434f24212d7bd83f31081883cbb334
Commit Graph

467 Commits

Author SHA1 Message Date
Jacob Robles c0a5e36b2e Land #11698, Add wp-google-maps unauth SQLi 2019-04-15 05:41:57 -07:00
William Vu 9c5725b25c Land #11234, @bcoles revisionism 2019-01-11 18:17:42 -08:00
Jacob Robles 340f6d7d0d Land #10952, WP GDPR Compliance plugin exploit 2018-11-29 11:35:28 -08:00
William Vu f0096227e7 Land #10505, post-auth and default creds info 2018-10-24 17:09:28 -05:00
William Vu a0af98b4e2 Land #10832, TARGETURI for tomcat_utf8_traversal 2018-10-19 13:49:08 -07:00
William Vu b42af6cd96 Land #10728, metadata updates for @rastating 2018-10-02 11:46:30 -07:00
William Vu 2ee6a49a27 Land #10649, https://seclists.org references 2018-09-17 15:09:39 -07:00
Brent Cook cca98bce25 Land #8914, refactor auxiliary/admin/http credential storage 2018-08-24 11:20:26 -07:00
Wei Chen 465dceb182 Land #10299, Add 88 CVEs to various auxiliary and exploit modules 2018-07-12 16:28:05 -07:00
Jacob Robles 4284ffe8a4 Land #10276, Update missing CVE references for auxiliary modules 2018-07-12 11:23:09 -05:00
Brent Cook 196b302897 Land #10084, Mark all versions of telpho10 as vulnerable 2018-05-23 13:38:39 -07:00
Wei Chen 0949bedf67 Land #9628, Add GitStack v2.3.10 Unauth REST API Aux Module 
Land #9628
 2018-04-23 11:21:11 -07:00
Brent Cook 9d5ab1dedf Land #9726, add simple Rex::Tar wrapper for consistency with other archive types 2018-04-03 09:13:56 -05:00
Jacob Robles 715279311a Land #8422, Typo3 News Module Sql Injection exploit 2018-03-15 09:21:14 -07:00
Wei Chen 004e228a52 Land #9509, Ulterius Server < v1.9.5.0 Directory Traversal 
Land #9509
 2018-02-16 15:34:47 -08:00
Jan-Frederik Rieckers 7f3df74134 fixup! Adding Module for Postfixadmin CVE-2017-5930 
Add error handling if request fails

Fix a typo in doc, add default value to doc
 2017-12-30 13:04:23 +01:00
Jan-Frederik Rieckers 289e887895 Adding Module for Postfixadmin CVE-2017-5930 
This exploit allows domain admins to delete protected aliases.
It can be used to redirect aliases like abuse@domain and can aid in
further attacks.
 2017-12-29 17:13:59 +01:00
juushya 038119d9df Use of get_cookies_parsed, changing dirs, marking deprecated in 2 mods, more 2017-12-23 00:14:27 +05:30
Tod Beardsley e93282b71d Drop calls to vprint_* 2017-12-19 16:53:02 -06:00
Tod Beardsley 2dc2ac134e Don't default verbose 2017-12-19 16:48:41 -06:00
Tod Beardsley 85350a9645 Add Rapid7 blog references 2017-12-18 17:11:47 -06:00
Tod Beardsley ae4edd65e1 Hard wrap descriptions 2017-12-18 17:03:13 -06:00
Tod Beardsley 27a324237b Initial commit for Cambium issues from @juushya 
Note, these will trigger a bunch of WARNING msftidy messages for setting
cookies directly. This is on purpose.
 2017-12-18 16:32:55 -06:00
Patrick Webster 2f6da89674 Change author name to nick. 2017-11-09 03:00:24 +11:00
Adam Cammack b0dc44fb86 Land #8909, Avoid saving some invalid creds 2017-09-05 12:43:03 -05:00
Pearce Barry 2bbba9c500 Avoid some ActiveRecord validation errors. 
Per discussion with @bcoles in [PR 8759](https://github.com/rapid7/metasploit-framework/pull/8759#issuecomment-325028479), setting a login data's last_attempted_at value while also setting the status to UNTRIED will cause a validation error when there's a running+connected MSF DB.

This PR removes the handful of existing cases we're doing this (thx, @bcoles!).
 2017-08-30 15:31:36 -05:00
h00die 32a4436ecd first round of spelling/grammar fixes 2017-08-24 21:38:44 -04:00
Brent Cook 6300758c46 use https for metaploit.com links 2017-07-24 06:26:21 -07:00
g0tmi1k 524373bb48 OCD - Removed un-needed full stop 2017-07-21 07:41:51 -07:00
g0tmi1k 3f6925196b OCD - store_loot & print_good 2017-07-19 13:02:49 +01:00
g0tmi1k ef826b3f2c OCD - print_good & print_error 2017-07-19 12:48:52 +01:00
g0tmi1k df9b642746 More print_status -> print_good 2017-07-19 11:39:15 +01:00
g0tmi1k b8d80d87f1 Remove last newline after class - Make @wvu-r7 happy 2017-07-19 11:19:49 +01:00
g0tmi1k a008f8e795 BruteForce - > Brute Force 2017-07-19 10:39:58 +01:00
g0tmi1k 4720d1a31e OCD fixes - Spaces 2017-07-14 08:46:59 +01:00
g0tmi1k 9309115627 OCD - Banner clean up 2017-07-14 08:19:50 +01:00
g0tmi1k fd843f364b Removed extra lines 2017-07-14 08:17:16 +01:00
Pearce Barry 580219695a Oof, missed the parens... 2017-07-12 13:52:59 -05:00
Pearce Barry aa22651340 Few style/spelling tweaks, nothing to see here... 2017-07-12 13:41:20 -05:00
jvoisin 263a42707e Fix a typo 2017-07-09 16:34:51 +02:00
jvoisin 8510cda5ae Implement @bcoles advices 2017-07-09 16:34:10 +02:00
jvoisin f10cf75ae0 Fix some stuff 2017-07-09 10:45:15 +02:00
jvoisin 5fe805aaca s/\t/ /g 2017-07-09 02:29:37 +02:00
jvoisin 968fa0c244 Add even more references 2017-07-09 02:27:54 +02:00
jvoisin ae930ae7c1 Add a module for CVE-2017-7615 2017-07-09 02:14:21 +02:00
Brendan Coles c811c6a8c0 Add PASS_FILE option 2017-05-28 23:26:51 +00:00
Brendan Coles 8fce94b3cd Add ScadaBR Credentials Dumper module 2017-05-28 01:24:53 +00:00
James Lee 4def7ce6cc Land #8327, Simplify storing credentials 2017-05-18 16:49:01 -05:00
William Vu bee36ca90f Fix edge case 2017-05-11 16:22:21 -05:00
William Vu 68f13808e7 Fix msftidy warnings for the WNR2000 module 2017-05-11 16:16:10 -05:00