adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
53,692 Commits 27 Branches 1,043 Tags
9b9d3013a40698890d473360ac94de945e76200d
Commit Graph

53692 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Onur ER 9b9d3013a4 Module name changed. 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-10-29 22:18:36 +03:00
Onur ER bbf405bf92 Added EDB number instead of url 2019-10-28 22:09:01 +03:00
Onur ER 5dea40f43b Added Ajenti 2.1.31 exploit 
Ajenti is an open source, web-based control panel that can be used for a large variety of server management tasks. It can install packages and run commands, and you can view basic server information such as RAM in use, free disk space, etc. All this can be accessed from a web browser.

This module exploits a command injection in Ajenti <= 2.1.31.
By injecting a command into the username POST parameter to api/core/auth, a shell can be spawned.
 2019-10-28 21:39:13 +03:00
bwatters-r7 23e3bc3e96 Land #12502, Fix process migration on reverse_tcp meterpreter sessions w/ newer Ruby 
Merge branch 'land-12502' into upstream-master
 2019-10-28 08:11:31 -05:00
Brent Cook 6a9cc9b384 use the common method for enabling secure TLV channel 2019-10-28 06:25:51 -05:00
Brent Cook 4f33267db5 Wait for threads to exit after killing them. 2019-10-28 06:25:15 -05:00
Metasploit 7d6235e062 Bump version of framework to 5.0.57 2019-10-25 13:43:22 -05:00
bwatters-r7 326a2d2459 Land #12491, Update .mailmap 
Merge branch 'land-12491' into upstream-master
5.0.56 		2019-10-25 12:05:51 -05:00
bwatters-r7 315164b388 Land #12467, Bug Fix: nops generate '-s' option ignored 
Merge branch 'land-12467' into upstream-master
 2019-10-25 12:02:20 -05:00
Brent Cook c62f4598f8 Land #12482, Fix the default meterpreter prompt 2019-10-25 11:11:22 -04:00
Christophe De La Fuente c37e2eaebb Update email mapping for @wvu 2019-10-25 13:08:06 +02:00
nil0x42 d7b629c858 Apply suggestions from code review 
Co-Authored-By: Brendan <bwatters@rapid7.com>
 2019-10-25 05:34:56 -03:00
Christophe De La Fuente 6c6ceb9297 Remove unused mapping for @wvu 2019-10-24 19:52:52 +02:00
Christophe De La Fuente 40d2d7356a Add mapping to .mailmap for cdelafuente-r7 2019-10-24 19:48:41 +02:00
Metasploit 519b75d4d3 Bump version of framework to 5.0.56 2019-10-24 12:06:04 -05:00
h00die 47fcd52f65 Land #12456 aux scanner html title docs 5.0.55 2019-10-23 20:58:34 -04:00
h00die 1c9eb0f788 change < to &lt; to prevent md parsing 2019-10-23 20:57:54 -04:00
Metasploit 31dc9197d7 automatic module_metadata_base.json update 2019-10-23 13:37:15 -05:00
Shelby Pace fcc9ad628c Land #12473, add xscreensaver log privesc 2019-10-23 13:27:45 -05:00
Metasploit 4c3abbae01 automatic module_metadata_base.json update 2019-10-23 12:47:24 -05:00
Wei Chen 50baaf4d9c Land #12464, Add ThinVNC Directory Traversal module 2019-10-23 12:39:20 -05:00
Metasploit b65e55f7e8 automatic module_metadata_base.json update 2019-10-23 09:01:45 -05:00
Brendan Coles 991ccdbda5 Land #12106, Add Linux PTRACE_TRACEME local root exploit 2019-10-23 14:01:14 +00:00
Tim W 8c93b219d1 fix compile.rb and rubocop 2019-10-23 20:54:42 +08:00
Tim W 7ff71819e9 add architecture check to check method 2019-10-23 20:38:55 +08:00
Tim W 3cb9f2d709 remove pointless upload_binary function 2019-10-23 20:28:13 +08:00
Tim W 3b5d0b98e7 add a basic check method using loginctl 2019-10-23 19:50:19 +08:00
Metasploit 0e8ed964db automatic module_metadata_base.json update 2019-10-23 01:55:48 -05:00
Tim W 94dd87b004 Land #12483, futex_requeue improvements 2019-10-23 14:47:56 +08:00
Tim W 7d25e321ef add some more comments 2019-10-23 14:45:32 +08:00
Brendan Coles ab9d1470d2 Use workaround for horrific command tokenisation 2019-10-23 06:37:30 +00:00
h00die 2d829f9d46 first upgrade on futex 2019-10-22 21:05:55 -04:00
Spencer McIntyre e771147046 Fix the default meterpreter prompt 2019-10-22 20:02:32 -04:00
Metasploit 92bf2a5067 automatic module_metadata_base.json update 2019-10-22 14:19:32 -05:00
Shelby Pace e8469dca93 Land #11025, add Xorg SUID Modulepath Privesc 2019-10-22 14:11:00 -05:00
Shelby Pace 1ceaa1d7ba add documentation 2019-10-22 10:43:35 -05:00
Shelby Pace f4a54df262 change location of rescue, method name 2019-10-22 09:31:43 -05:00
Brendan Coles 39db3be145 Update tested versions 2019-10-22 06:35:57 +00:00
Shelby Pace 1fd09b6a81 add solaris targets and Metasm usage 2019-10-21 16:13:10 -05:00
Metasploit 166a20e7d5 automatic module_metadata_base.json update 2019-10-21 15:43:35 -05:00
William Vu 3565b0efb8 Land #12365, Total.js CMS widget creation RCE 2019-10-21 15:22:09 -05:00
Metasploit 800c656fd7 automatic module_metadata_base.json update 2019-10-21 12:45:47 -05:00
Brent Cook 58b8990131 Land #12462, add post module to gather grub passwords 2019-10-21 12:35:52 -05:00
Brent Cook 99d55d6110 Land #12423, added docs for git_scanner and goahead_traversal module 2019-10-21 12:24:54 -05:00
bwatters-r7 ee282fe84c Land #12458, Refactor extended check messages 
Merge branch 'land-12458' into upstream-master
 2019-10-21 12:23:06 -05:00
Brent Cook 519c73dcb3 Land #12450, add docs for the heartbleed module 2019-10-21 12:21:53 -05:00
Brent Cook 100c0a7580 Land #12438, add support for custom Meterpreter prompts 2019-10-21 12:20:06 -05:00
Metasploit 8ca882ddd8 automatic module_metadata_base.json update 2019-10-21 11:13:35 -05:00
bwatters-r7 eaa752454b Land #12399, Add Urgent/11 vulnerability scanner 
Merge branch 'land-12399' into upstream-master
 2019-10-21 11:05:09 -05:00
Brent Cook cc8ed049c0 add module docs 2019-10-21 11:03:23 -05:00