adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
47,145 Commits 27 Branches 1,043 Tags
ac20372d00a5bb0e3cbaa0212f04273cb9a8cd30
Commit Graph

2629 Commits

Author SHA1 Message Date
Wei Chen 545e91af00 Land #10262, Add GitList argument injection exploit module 2018-07-06 14:28:20 -05:00
Wei Chen 82c74eb765 Small changes 2018-07-06 14:25:58 -05:00
Shelby Pace b1456df757 made suggested changes 2018-07-06 12:48:38 -05:00
Shelby Pace 5d0652fab1 changed inconsistent capitalization 2018-07-05 15:56:41 -05:00
Shelby Pace 2b452d5681 added documentation and check 2018-07-05 15:47:21 -05:00
Shelby Pace 507fd22958 added http post and generating payload 2018-07-05 13:21:22 -05:00
Shelby Pace 7d0b8dee4a making request for Gitlist source 2018-07-03 14:27:46 -05:00
Wei Chen 12141136d7 Land #9896, Java JMX Package Name Randomization 
Land #9896
 2018-07-02 13:41:39 -05:00
Jacob Robles 00102a7413 oscommerce msftidy fix 2018-06-26 08:21:10 -05:00
Jacob Robles cb50d0fade Land #9825, Add 'phpMyAdmin Authenticated Remote Code Execution' 2018-06-18 08:51:53 -05:00
Jacob Robles 2e2ded22fc Use Gem::Version 
Simplify version comparisons
 2018-06-18 08:35:47 -05:00
Jacob Robles 122ea2ddcb Update module, Add docs 
Changed the module to an exploit module and
added documentation.
 2018-06-18 07:33:05 -05:00
Brent Cook fad5a99c7d fix incorrect disclosure date 2018-05-25 02:59:08 -05:00
William Vu 739d58135f Move EXE generation in struts_code_exec_parameters 2018-05-16 06:15:40 -05:00
William Vu 6ec0272ff5 Land #8727, CVE-2017-9791 exploit 2018-05-16 05:41:26 -05:00
William Vu eaec1d7486 Clean up module 2018-05-16 05:39:17 -05:00
Jacob Robles 9811de430c Land #9878, Add MSF module for EDB 6768, Mantis <= v1.1.3 Post-auth RCE 2018-05-09 11:55:22 -05:00
Jacob Robles a1fed72423 store credential, use vprints 2018-05-09 11:50:07 -05:00
Jacob Robles a18459a14c Fix indentation, documentation update 2018-05-07 09:22:21 -05:00
Touhid M Shaikh 235cac621f playsms_CVE-2017-9101 
playsms_CVE-2017-9101
 2018-05-07 18:55:22 +05:30
Touhid M Shaikh 74793efdef Delete playsms_uploadcsv_exec.rb 2018-05-07 18:54:35 +05:30
Touhid M Shaikh fefaa45a50 playsms_CVE-2017-9101 
playsms_CVE-2017-9101
 2018-05-07 18:53:07 +05:30
Jacob Robles 222b1fb27c Land #9944, playsms_filename_exec.rb 2018-05-07 07:43:16 -05:00
Jacob Robles 601411fe7b store credentials 2018-05-07 07:26:28 -05:00
Jacob Robles 4b8ceab522 Fix indentation, update documentation 2018-05-07 07:22:53 -05:00
Touhid M Shaikh 71d6841471 updated 
indentation and fix CVE
 2018-05-04 21:33:07 +05:30
Touhid M Shaikh aa69fc9e77 updated 
print_status to vprint_status
 2018-05-04 21:13:26 +05:30
Touhid M Shaikh e824f0f8b0 updated 
added CVE, URL and done randomizing content
 2018-05-04 21:00:04 +05:30
Jacob Robles d6cf32fad8 Land #9821, osCommerce 2.3.4.1 - Remote Code Execution 2018-05-02 07:29:15 -05:00
Lars Sorenson 2ca05ee7c1 Remove explicit EDB url in favor of MSF autogenerated one 
Use more appropriate Failwith errors for connection issues
Remove an unnecessary `to_s` call
Use the cookie kwarg for send_request_cgi over explicitly setting a header
 2018-04-29 22:24:49 -04:00
Aaron Soto c4bca03fea Land #9908, msfd_rce_remote and msfd_rce_browser 2018-04-27 18:54:17 -05:00
Touhid M Shaikh ce099aea76 playsms_filename_exec.rb 
PlaySMS sendfromfile.php Authenticated "Filename" Field Code Execution
 2018-04-28 01:15:52 +05:30
Sergey Gorbaty fb3857222a Java JMX Package Name Randomization 2018-04-19 10:10:56 -07:00
Lars Sorenson 143fdde1f8 Flipped Safe and Appears in check 2018-04-15 12:10:10 -04:00
Lars Sorenson 60ac89c336 Restructure some logic to make the flow more intuitive 2018-04-14 15:03:12 -04:00
Lars Sorenson 36c1bf5453 Remove a missed tab 2018-04-14 10:30:49 -04:00
Lars Sorenson 083f6936fd Update for @bcoles review 
Refactor version checking to use Gem::Version
Change the title of the exploit to fit convention
Change print statements used in check to vprint
Change fail_with Failure for connection issues to be Unknown instead
	of NoAccess
Add CVE reference
Refactor how some nil checking is done for response for
	send_request_cgi
Text-wrap description to 80 chars
Remove unnecessary string interpolation for cookie in payload
	delivery
Change how the payload cradle is escaped and encoded; switch to HTTP
	POST for stealth
Remove nil check that is redundant and also typo'd to
 2018-04-14 10:24:05 -04:00
Lars Sorenson 486ab7c776 Update for msftidy and contribution guidelines 2018-04-14 09:20:13 -04:00
Lars Sorenson 27ded57cda Add MSF module for EDB 6768 2018-04-14 08:51:51 -04:00
Daniel Teixeira 37c578e16d Update oscommerce_installer_unauth_code_exec.rb 2018-04-06 17:10:53 +01:00
Daniel Teixeira dee01189ca Update oscommerce_installer_unauth_code_exec.rb 2018-04-06 15:41:21 +01:00
Daniel Teixeira 50c3f53e03 Update oscommerce_installer_unauth_code_exec.rb 2018-04-06 14:39:45 +01:00
Daniel Teixeira 0c829a5c6b Update oscommerce_installer_unauth_code_exec.rb 2018-04-06 14:35:33 +01:00
Daniel Teixeira cbdb3a35b2 Update oscommerce_installer_unauth_code_exec.rb 2018-04-06 14:14:11 +01:00
Daniel Teixeira 6698f1b64b Update oscommerce_installer_unauth_code_exec.rb 2018-04-06 13:05:40 +01:00
Daniel Teixeira 806c72ebcb Update and rename oscommerce.rb to oscommerce_installer_unauth_code_exec.rb 2018-04-06 11:29:29 +01:00
Daniel Teixeira 3efd17a801 Rename osCommerce.rb to oscommerce.rb 2018-04-06 10:46:00 +01:00
Daniel Teixeira 0d254b4e5c Update osCommerce.rb 2018-04-06 10:40:28 +01:00
Daniel Teixeira b5681cb954 osCommerce Module 2018-04-05 20:28:14 +01:00
Brent Cook 81c78a51c2 Land #9794, Added support for regional dialects 2018-04-05 12:56:07 -05:00