adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,609 Commits 27 Branches 1,043 Tags
aba7a144b6ff1a6f1ef418ded9c00a2daf2eacd0
Commit Graph

13855 Commits

Author SHA1 Message Date
bwatters-r7 859eda92bb Land #12759, Apache Solr Remote Code Execution via Velocity Template 
Merge branch 'land-12759' into upstream-master
 2020-04-02 11:23:33 -05:00
Adam Galway e8d134fc56 Land #12096, DNN cookie desrialization exploit 2020-04-02 15:57:46 +01:00
William Vu 1e90c6117c Land #13152, IBM PA/TM1 CVE-2019-4716 exploit 2020-03-30 10:50:50 -05:00
Pedro Ribeiro d904eed010 add badchars for various targets 2020-03-30 12:49:58 +07:00
ide0x90 861b79bce7 Added new targets and made documentation consistent 2020-03-29 00:33:24 +08:00
Pedro Ribeiro 59c2079aa4 split AIX and Linux cmd targets 2020-03-28 14:35:24 +07:00
Pedro Ribeiro 46286f8981 change to payload.encoded 2020-03-28 14:30:20 +07:00
Pedro Ribeiro 2ac177cb39 make changes for ARCH_CMD, add multiple targets 2020-03-28 14:22:21 +07:00
Pedro Ribeiro 6a6b99885d Add ARCH_CMD, tested and working 2020-03-28 13:55:09 +07:00
Pedro Ribeiro 5ac0145bb4 Update modules/exploits/multi/misc/ibm_tm1_unauth_rce.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2020-03-28 11:04:31 +07:00
Green-m 92fb321f9f Satify the msftidy_docs. 2020-03-28 11:46:55 +08:00
Green-m 4b1762081f Renane module to redis_extension_cmd_exec. 
Fix #12143
 2020-03-28 11:37:18 +08:00
Shelby Pace 5f0c9942d2 Land #12756, add dlink dwl2600 exploit 2020-03-27 12:38:35 -05:00
Shelby Pace 8aa4d7a944 remove mixins, add CVE 2020-03-27 12:37:40 -05:00
Pedro Ribeiro c4f05fb566 Update modules/exploits/multi/misc/ibm_tm1_unauth_rce.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2020-03-27 16:29:34 +07:00
Pedro Ribeiro 8139d0a1f1 change if to positive 2020-03-27 16:18:43 +07:00
Pedro Ribeiro 79abacd186 Fix null response 2020-03-27 16:17:01 +07:00
Pedro Ribeiro 7400720130 Update modules/exploits/multi/misc/ibm_tm1_unauth_rce.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2020-03-27 16:15:56 +07:00
Pedro Ribeiro 75a0a2ae8a change module name 2020-03-27 16:15:43 +07:00
Pedro Ribeiro 3429e86f40 Update modules/exploits/multi/misc/ibm_tm1_unauth_rce.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2020-03-27 16:14:44 +07:00
Pedro Ribeiro f69d9e0b0d Update modules/exploits/multi/misc/ibm_tm1_unauth_rce.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2020-03-27 16:14:33 +07:00
Pedro Ribeiro f81099709d Update modules/exploits/multi/misc/ibm_tm1_unauth_rce.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2020-03-27 16:14:22 +07:00
Pedro Ribeiro cb5fbdf0c0 explain a bit better 2020-03-27 15:23:46 +07:00
Pedro Ribeiro d566fdefae add link to advisory 2020-03-27 14:52:28 +07:00
Pedro Ribeiro 38df0e3a58 Add exploit for IBM TM1 2020-03-27 14:40:56 +07:00
Nicholas Starke bb21c8f6d8 Finishing Touches on DLINK DWL 2600 Module 
These last finishing touches complete the DLINK DWL 2600 Module.  The
fixes include making renaming token to @token and adding the noconcat
CmdStager option.
 2020-03-26 20:13:55 -05:00
Shelby Pace dc9e215318 remove unused code / add option 2020-03-26 16:05:56 -05:00
Shelby Pace f191eb00c9 add command stager 2020-03-26 16:05:56 -05:00
Alan Foster 077d7af6a9 Land #13143, fix broken redis_unauth_exec check in msfconsole 2020-03-26 12:21:26 +00:00
bwatters-r7 beb53254c7 Land #13122, Add Exploit Module For CVE-2020-0646 (SharePoint Workflows XOML RCE) 
Merge branch 'land-13122' into upstream-master
 2020-03-25 11:24:15 -05:00
Adam Cammack 5ce4929834 Fix has_check? conflict in redis_unauth_exec 
Importing `Msf::Auxiliary::Scanner` at all will override the default
`has_check?` check and add a its own `check` method. This redefines
`has_check?` to allow usage of the Redis mixin while using an
exploit-style `check` method.

Fixes #13095
 2020-03-25 10:07:08 -05:00
Spencer McIntyre 54edd201e4 Cleanup cmdstager options 2020-03-24 17:14:47 -04:00
Spencer McIntyre a69f3eb946 Use the correct its instead of it's 2020-03-24 16:44:18 -04:00
tperry-r7 d32640d179 Land #13133 clean up module documentation 
Land #13133 clean up module documentation
 2020-03-24 12:29:27 -05:00
Spencer McIntyre a0cd00dac7 Cleanup module doc and comments for CVE-2020-0646 2020-03-24 10:15:58 -04:00
h00die 0b4c047411 doc cleanup 2020-03-24 08:47:21 -04:00
Spencer McIntyre 0832604131 Finish up the CVE-2020-0646 SharePoint RCE 2020-03-23 18:14:28 -04:00
Srikanth Suresh 005601f76e Changing from Remote to Local 
Using https://github.com/rapid7/metasploit-framework/issues/13116 as the reference
 2020-03-23 20:40:25 +03:00
Shelby Pace fd8ceb0db2 Land #13082, add Horde Groupware Webmail RCE 2020-03-23 07:32:53 -05:00
Shelby Pace 475c24361d randomize file name 2020-03-23 07:28:04 -05:00
Shelby Pace c6eebe4ca3 replace equality with include? 2020-03-20 21:19:29 -05:00
Spencer McIntyre 6c24ed4c96 Initial SharePoint WorkFlows XOML RCE module 2020-03-20 17:57:54 -04:00
Spencer McIntyre 5b2f744cd8 Land #13070, fix Cisco DCNM directory search regex 2020-03-19 13:17:27 -04:00
Andrea Cardaci 40d6dd14c4 Remove the check method 2020-03-18 20:29:49 +01:00
Andrea Cardaci 19e9848592 Remove trailing spaces 2020-03-17 19:06:57 +01:00
Andrea Cardaci bbb152a6d8 Update modules/exploits/multi/http/horde_csv_rce.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-03-17 19:02:34 +01:00
Andrea Cardaci eccee07e8b Update modules/exploits/multi/http/horde_csv_rce.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-03-17 19:02:07 +01:00
Andrea Cardaci a60652898f Update modules/exploits/multi/http/horde_csv_rce.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-03-17 19:01:03 +01:00
Andrea Cardaci a4ff847170 Update modules/exploits/multi/http/horde_csv_rce.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-03-17 18:57:06 +01:00
Shelby Pace 922f1ec708 Land #12901, add Centreon poller rce 2020-03-17 12:16:29 -05:00