adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
44,717 Commits 27 Branches 1,043 Tags
a87ae41d81d680b3ea202ff3c59ff3c052d273a7
Commit Graph

10967 Commits

Author SHA1 Message Date
wchen-r7 196a0b6ac4 Add Default Secret & Deserialization Exploit for Github Enterprise 2017-03-23 10:40:31 -05:00
Mehmet Ince d37966f1bb Remove old file 2017-03-23 12:53:08 +03:00
Mehmet Ince 8a43a05c25 Change name of the module 2017-03-23 12:49:31 +03:00
bwatters-r7 a93aef8b7a Land #8086, Add Module Logsign Remote Code Execution 2017-03-22 11:33:49 -05:00
William Vu 1a8e8402ae Land #8113, SysGauge SMTP server validation sploit 2017-03-21 16:45:42 -05:00
wchen-r7 d10b3da6ec Land #8132, Support Python 2 & 3 for web_delivery 2017-03-21 13:48:27 -05:00
wchen-r7 6b3cfe0a98 Support both Python 2 and Python 3 in one line 
Tested on:

* Python 2.7.13 on Windows
* Python 3.5.3 on Windows
 2017-03-21 13:47:07 -05:00
James Lee 2e096be869 Remove debugging output 2017-03-21 11:26:02 -05:00
Swiftb0y ffe77c484e fixed spacing 2017-03-20 16:37:35 +01:00
Swiftb0y e51063aa56 added the python3 syntax to the web_delivery script 2017-03-20 16:08:08 +01:00
h00die 7bcd53d87d Land #8079, exploit and aux for dnaLims 2017-03-20 11:08:05 -04:00
h00die fd5345a869 updates per pr 2017-03-20 10:40:43 -04:00
h00die fe5167bf26 changes to file per pr 2017-03-20 10:16:42 -04:00
h00die 84e4b8d596 land #8115 which adds a CVE reference to IMSVA 2017-03-18 09:51:52 -04:00
Mehmet Ince 6aa42dcf08 Add solarwinds default ssh user rce 2017-03-17 21:54:35 +03:00
Brent Cook 52cea93ea2 Merge remote-tracking branch 'upstream/master' into land-8118- 2017-03-17 12:39:30 -05:00
Chris Higgins 7a12e446a0 Updated documentation and fixed module header. Whoops, copy/paste fail. 2017-03-16 21:28:24 -05:00
Dallas Kaman 80c33fc27f adding '-' to rails deserialization regex for cookie matching 2017-03-16 10:54:32 -05:00
Thomas Reburn 59c7de671e Updated rails_secret_deserialization to add '.' regex for cookie matching. 2017-03-16 10:45:43 -05:00
Chris Higgins f4bb1d6a37 Updated based on @wvu's comments 2017-03-15 19:15:12 -05:00
Mehmet Ince f706c4d7f6 Removing prefix 2017-03-16 00:49:55 +03:00
Mehmet Ince 60186f6046 Adding CVE number 2017-03-16 00:31:21 +03:00
Brent Cook 8995629037 Land #7061, allow chaining the service stub with other encoders 2017-03-15 13:56:09 -05:00
Chris Higgins b3fbbbee34 Spelling is hard 2017-03-14 23:34:00 -05:00
Chris Higgins cc4f18e6c5 Add sysgauge_client_bof module and documentation 2017-03-14 23:29:19 -05:00
William Webb e96013cd0f Land #7781, IBM Websphere Java Deserialization RCE 2017-03-14 17:21:18 -05:00
wchen-r7 1736332638 Land #8103, Add CVE-2017-5638, Struts2 Content-Type OGNL injection 2017-03-14 16:10:49 -05:00
wchen-r7 9201f5039d Use vprint for check because of rules 2017-03-14 15:02:54 -05:00
James Lee f429b80c4e Forgot to rm this when i combined 2017-03-14 12:18:11 -05:00
William Vu 01ea5262b8 Land #8070, msftidy vars_get fixes 2017-03-14 12:05:24 -05:00
William Vu 5c436f2867 Appease msftidy in tr064_ntpserver_cmdinject 
Also s/"/'/g.
 2017-03-14 11:52:21 -05:00
William Vu 5d6a159ba9 Use query instead of uri in mvpower_dvr_shell_exec 
I should have caught this in #7987, @bcoles, but I forgot. Apologies.
This commit finishes what @itsmeroy2012 attempted to do in #8070.
 2017-03-14 11:51:55 -05:00
itsmeroy2012 79331191be msftidy error updated 2.5 2017-03-14 22:02:59 +05:30
itsmeroy2012 67fc43a0a1 msftidy error updated 2.4 2017-03-14 21:33:53 +05:30
James Lee 53c9caa013 Allow native payloads 2017-03-13 20:10:02 -05:00
James Lee 2053b77b01 ARCH_CMD works 2017-03-13 18:37:50 -05:00
itsmeroy2012 fe4e2306b4 Reverting one step 2017-03-13 22:22:24 +05:30
wizard32 78ff7a8865 Module renamed 
Renamed from websphere_java_deserialize.rb to ibm_websphere_java_deserialize.rb
 2017-03-13 08:22:24 +02:00
William Vu 8638f9ec7e Update freesshd_authbypass to use CmdStager fully 2017-03-11 19:59:39 -06:00
Pearce Barry 4e32c80e8e Use the Msf::Exploit::CmdStager mixin. Fixes #8092. 2017-03-11 17:44:05 -06:00
William Vu fe4f20c0cc Land #7968, NETGEAR R7000 exploit 2017-03-10 16:02:30 -06:00
itsmeroy2012 1c54e0ba94 msftidy error updated 2.2 2017-03-10 23:59:38 +05:30
itsmeroy2012 6d8789a56e Updated msftidy error 2.1 2017-03-10 23:03:37 +05:30
itsmeroy2012 c0f17cf6b8 msftidy error updated 2.0 2017-03-10 22:16:27 +05:30
Mehmet Ince f6bac3ae31 Add iso link to md file and change CheckCode code 2017-03-10 13:00:49 +03:00
James Lee e7b65587b4 Move to a more descriptive name 2017-03-09 14:19:06 -06:00
James Lee e07d5332de Don't step on the payload accessor 2017-03-09 13:54:00 -06:00
James Lee d92ffe2d51 Grab the os.name when checking 2017-03-09 13:52:58 -06:00
James Lee 83f5f98bb0 Merge remote-tracking branch 'upstream/pr/8074' into land-8072 2017-03-09 11:08:29 -06:00
flakey-biscuits 0ab3ad86ee change dnalims_file_retrieve module type 2017-03-09 10:06:31 -05:00