adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
46,542 Commits 27 Branches 1,043 Tags
abe04edd101e7d2ccdb2bbb5a36664bc02e0ef97
Commit Graph

2615 Commits

Author SHA1 Message Date
William Vu 739d58135f Move EXE generation in struts_code_exec_parameters 2018-05-16 06:15:40 -05:00
William Vu 6ec0272ff5 Land #8727, CVE-2017-9791 exploit 2018-05-16 05:41:26 -05:00
William Vu eaec1d7486 Clean up module 2018-05-16 05:39:17 -05:00
Jacob Robles 9811de430c Land #9878, Add MSF module for EDB 6768, Mantis <= v1.1.3 Post-auth RCE 2018-05-09 11:55:22 -05:00
Jacob Robles a1fed72423 store credential, use vprints 2018-05-09 11:50:07 -05:00
Jacob Robles a18459a14c Fix indentation, documentation update 2018-05-07 09:22:21 -05:00
Touhid M Shaikh 235cac621f playsms_CVE-2017-9101 
playsms_CVE-2017-9101
 2018-05-07 18:55:22 +05:30
Touhid M Shaikh 74793efdef Delete playsms_uploadcsv_exec.rb 2018-05-07 18:54:35 +05:30
Touhid M Shaikh fefaa45a50 playsms_CVE-2017-9101 
playsms_CVE-2017-9101
 2018-05-07 18:53:07 +05:30
Jacob Robles 222b1fb27c Land #9944, playsms_filename_exec.rb 2018-05-07 07:43:16 -05:00
Jacob Robles 601411fe7b store credentials 2018-05-07 07:26:28 -05:00
Jacob Robles 4b8ceab522 Fix indentation, update documentation 2018-05-07 07:22:53 -05:00
Touhid M Shaikh 71d6841471 updated 
indentation and fix CVE
 2018-05-04 21:33:07 +05:30
Touhid M Shaikh aa69fc9e77 updated 
print_status to vprint_status
 2018-05-04 21:13:26 +05:30
Touhid M Shaikh e824f0f8b0 updated 
added CVE, URL and done randomizing content
 2018-05-04 21:00:04 +05:30
Jacob Robles d6cf32fad8 Land #9821, osCommerce 2.3.4.1 - Remote Code Execution 2018-05-02 07:29:15 -05:00
Lars Sorenson 2ca05ee7c1 Remove explicit EDB url in favor of MSF autogenerated one 
Use more appropriate Failwith errors for connection issues
Remove an unnecessary `to_s` call
Use the cookie kwarg for send_request_cgi over explicitly setting a header
 2018-04-29 22:24:49 -04:00
Aaron Soto c4bca03fea Land #9908, msfd_rce_remote and msfd_rce_browser 2018-04-27 18:54:17 -05:00
Touhid M Shaikh ce099aea76 playsms_filename_exec.rb 
PlaySMS sendfromfile.php Authenticated "Filename" Field Code Execution
 2018-04-28 01:15:52 +05:30
Lars Sorenson 143fdde1f8 Flipped Safe and Appears in check 2018-04-15 12:10:10 -04:00
Lars Sorenson 60ac89c336 Restructure some logic to make the flow more intuitive 2018-04-14 15:03:12 -04:00
Lars Sorenson 36c1bf5453 Remove a missed tab 2018-04-14 10:30:49 -04:00
Lars Sorenson 083f6936fd Update for @bcoles review 
Refactor version checking to use Gem::Version
Change the title of the exploit to fit convention
Change print statements used in check to vprint
Change fail_with Failure for connection issues to be Unknown instead
	of NoAccess
Add CVE reference
Refactor how some nil checking is done for response for
	send_request_cgi
Text-wrap description to 80 chars
Remove unnecessary string interpolation for cookie in payload
	delivery
Change how the payload cradle is escaped and encoded; switch to HTTP
	POST for stealth
Remove nil check that is redundant and also typo'd to
 2018-04-14 10:24:05 -04:00
Lars Sorenson 486ab7c776 Update for msftidy and contribution guidelines 2018-04-14 09:20:13 -04:00
Lars Sorenson 27ded57cda Add MSF module for EDB 6768 2018-04-14 08:51:51 -04:00
Daniel Teixeira 37c578e16d Update oscommerce_installer_unauth_code_exec.rb 2018-04-06 17:10:53 +01:00
Daniel Teixeira dee01189ca Update oscommerce_installer_unauth_code_exec.rb 2018-04-06 15:41:21 +01:00
Daniel Teixeira 50c3f53e03 Update oscommerce_installer_unauth_code_exec.rb 2018-04-06 14:39:45 +01:00
Daniel Teixeira 0c829a5c6b Update oscommerce_installer_unauth_code_exec.rb 2018-04-06 14:35:33 +01:00
Daniel Teixeira cbdb3a35b2 Update oscommerce_installer_unauth_code_exec.rb 2018-04-06 14:14:11 +01:00
Daniel Teixeira 6698f1b64b Update oscommerce_installer_unauth_code_exec.rb 2018-04-06 13:05:40 +01:00
Daniel Teixeira 806c72ebcb Update and rename oscommerce.rb to oscommerce_installer_unauth_code_exec.rb 2018-04-06 11:29:29 +01:00
Daniel Teixeira 3efd17a801 Rename osCommerce.rb to oscommerce.rb 2018-04-06 10:46:00 +01:00
Daniel Teixeira 0d254b4e5c Update osCommerce.rb 2018-04-06 10:40:28 +01:00
Daniel Teixeira b5681cb954 osCommerce Module 2018-04-05 20:28:14 +01:00
Brent Cook 81c78a51c2 Land #9794, Added support for regional dialects 2018-04-05 12:56:07 -05:00
Chris Higgins 1fa40bfe3b Land #8539, ProcessMaker Plugin Upload exploit 2018-04-03 20:52:17 -05:00
Brent Cook 8f7d9f3ac8 rename module 2018-04-03 13:44:55 -05:00
Brent Cook 19eef59f23 add disclosure date, fix target 2018-04-03 13:39:11 -05:00
Brent Cook cd7831a2a3 An unforgettable luncheon 2018-04-03 13:39:11 -05:00
Brendan Coles dfb3a421fe Remove require statement 2018-04-03 12:56:06 +00:00
Brendan Coles d860d7af5b require 'rex/tar' 2018-04-03 06:34:30 +00:00
William Vu c19fc4c18f Land #9423, PSH for jenkins_xstream_deserialize 2018-03-26 17:09:16 -05:00
h00die 0028e2c5ba documentation update 2018-03-24 19:25:59 -04:00
Brendan Coles ac9f506b45 Update tested versions 2018-03-20 02:49:56 +00:00
Touhid M Shaikh ea3378753b syntax error fixed on 70 line 
improve check payload was uploaded or not condition using AND condition on line 121
 2018-03-13 14:15:03 +05:30
Touhid M Shaikh 5e30982184 check fucktion and some words fixed 
all changes done which is bcoles suggested
 2018-03-12 21:03:34 +05:30
Touhid M Shaikh 9b0ba4a6fa clipbucket_fileupload_exec 2018-03-12 14:17:13 +05:30
Jacob Robles 86dd382e6a Land #9554, Eclipse Equinoxe OSGi console RCE 2018-03-07 08:41:31 -06:00
Sonny Gonzalez 883654f0ea Land #9653, fix Y2k38 issue (until Jan 1, 2038) 2018-03-01 09:13:41 -06:00