Onur ER
9b9d3013a4
Module name changed.
Co-Authored-By: bcoles <bcoles@gmail.com>
2019-10-29 22:18:36 +03:00
Onur ER
bbf405bf92
Added EDB number instead of url
2019-10-28 22:09:01 +03:00
Onur ER
5dea40f43b
Added Ajenti 2.1.31 exploit
Ajenti is an open source, web-based control panel that can be used for a large variety of server management tasks. It can install packages and run commands, and you can view basic server information such as RAM in use, free disk space, etc. All this can be accessed from a web browser.
This module exploits a command injection in Ajenti <= 2.1.31.
By injecting a command into the username POST parameter to api/core/auth, a shell can be spawned.
2019-10-28 21:39:13 +03:00
Shelby Pace
fcc9ad628c
Land #12473, add xscreensaver log privesc
2019-10-23 13:27:45 -05:00
Wei Chen
50baaf4d9c
Land #12464, Add ThinVNC Directory Traversal module
2019-10-23 12:39:20 -05:00
Brendan Coles
991ccdbda5
Land #12106, Add Linux PTRACE_TRACEME local root exploit
2019-10-23 14:01:14 +00:00
Tim W
8c93b219d1
fix compile.rb and rubocop
2019-10-23 20:54:42 +08:00
Tim W
7ff71819e9
add architecture check to check method
2019-10-23 20:38:55 +08:00
Tim W
3b5d0b98e7
add a basic check method using loginctl
2019-10-23 19:50:19 +08:00
Tim W
7d25e321ef
add some more comments
2019-10-23 14:45:32 +08:00
Brendan Coles
ab9d1470d2
Use workaround for horrific command tokenisation
2019-10-23 06:37:30 +00:00
h00die
2d829f9d46
first upgrade on futex
2019-10-22 21:05:55 -04:00
Shelby Pace
e8469dca93
Land #11025, add Xorg SUID Modulepath Privesc
2019-10-22 14:11:00 -05:00
Shelby Pace
f4a54df262
change location of rescue, method name
2019-10-22 09:31:43 -05:00
Brendan Coles
39db3be145
Update tested versions
2019-10-22 06:35:57 +00:00
Shelby Pace
1fd09b6a81
add solaris targets and Metasm usage
2019-10-21 16:13:10 -05:00
William Vu
3565b0efb8
Land #12365, Total.js CMS widget creation RCE
2019-10-21 15:22:09 -05:00
Brent Cook
58b8990131
Land #12462, add post module to gather grub passwords
2019-10-21 12:35:52 -05:00
bwatters-r7
eaa752454b
Land #12399, Add Urgent/11 vulnerability scanner
Merge branch 'land-12399' into upstream-master
2019-10-21 11:05:09 -05:00
Brent Cook
be57b284a9
split more neatly, support commas
2019-10-21 10:43:28 -05:00
Brendan Coles
84430c2a66
Add Solaris xscreensaver log Privilege Escalation module
2019-10-21 06:14:50 +00:00
Brent Cook
7cb683646f
remove unused RPORT
2019-10-20 21:40:05 -05:00
Brent Cook
def423c261
add RHOSTS support for multi-port
2019-10-20 21:37:55 -05:00
Brent Cook
b1942bb9ec
use probe socket for detection, pad TCP NOP explicitly
2019-10-20 21:31:33 -05:00
Brent Cook
f68e574795
close sockets, do preflight check to avoid F+
2019-10-20 20:26:16 -05:00
Brent Cook
d005c2d3ee
malform packets more (once more with feeling), add report mixin for reporting
2019-10-20 20:00:56 -05:00
William Vu
b870cadb0f
Reregister INTERFACE datastore option
In case configuration failed.
2019-10-18 12:08:45 -05:00
William Vu
3d08f7c746
Update DisclosureDate comment
2019-10-18 12:07:28 -05:00
William Vu
3c74bdd7ee
Add CRASH_SAFE module trait to notes
2019-10-18 12:01:27 -05:00
dwelch-r7
9ad5e353fe
Use latest framework version
2019-10-18 12:21:33 +01:00
Brendan Coles
43c980ed29
Add ThinVNC Directory Traversal module
2019-10-17 07:44:19 +00:00
Taeber Rapczak
1c9a3c74d5
Add post module to collect grub passwords
closes #11166
2019-10-16 00:45:33 -04:00
Wei Chen
0ebc971d29
Use CmdStager mixin
2019-10-15 14:00:58 -05:00
bwatters-r7
f5bb6f8ca2
Land #12428, Extend check codes with custom messages
Merge branch 'land-12428' into upstream-master
2019-10-15 11:06:33 -05:00
Wei Chen
bb7c42b2ce
Arch and disclosure date
2019-10-15 10:25:20 -05:00
Wei Chen
a3331dba9f
Move totaljs cms module and doc
2019-10-15 10:11:14 -05:00
pkb1s
8eed4c7545
Update exchange_web_server_pushsubscription.rb
2019-10-15 15:43:55 +01:00
William Vu
4a9a3604f6
Fix tcp_malformed_options_detection scoring
Typo defaulted @vxworks_score and @ipnet_score to 100 instead of -100.
This commit also refactors the method to align with the others.
2019-10-14 21:00:52 -05:00
William Vu
3e0b58613a
Flip TCP source/destination logic
2019-10-14 20:17:39 -05:00
Brent Cook
d3208d8196
add tcp malformed options detection
Authored by busterb two commits ago and recommitted by wvu now. Oops.
2019-10-14 20:10:17 -05:00
William Vu
aaf9e688b9
Remove Python external module
2019-10-14 19:38:43 -05:00
William Vu
1b0b0e8ce5
Add tcp_dos_detection
2019-10-14 19:37:59 -05:00
Shelby Pace
ec9ea4ce0d
Land #12366, fix nil check in atutor module
2019-10-14 18:14:06 -05:00
William Vu
b667965b58
Refactor detections and add scoring
2019-10-14 17:26:08 -05:00
William Vu
f5c7e568b9
Clarify that packet configuration sends UDP
2019-10-14 13:31:55 -05:00
William Vu
ca86041951
Configure Ethernet and IP headers automatically
2019-10-14 13:18:27 -05:00
William Vu
3a0a9868aa
Prefer Packet#to_w
2019-10-14 12:41:44 -05:00
William Vu
14ce82967e
Finish echo request and use capture_sendto
2019-10-14 12:10:28 -05:00
William Vu
9f3d65b9fe
Prefer Packet#payload
2019-10-14 11:59:03 -05:00
William Vu
0b7b88e397
Start work on icmp_timestamp_detection
2019-10-14 11:53:29 -05:00