adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
42,876 Commits 27 Branches 1,043 Tags
b9f5ebcf663934fd95eb4f144e883a7ea4ab628f
Commit Graph

10445 Commits

Author SHA1 Message Date
Pearce Barry a2602bf514 Land #8600, Add GoAutoDial 3.3 RCE Command Injection / SQL injection module 2017-06-30 17:32:51 -05:00
Pearce Barry dd530a2953 Minor indentation tweaks. 2017-06-30 17:29:43 -05:00
William Vu 7e1b50ab3b Land #8629, AKA (also known as) module reference 2017-06-28 19:15:45 -05:00
Brent Cook aa8c580aba updates 2017-06-28 20:14:38 -04:00
Brent Cook d20036e0fb revise spelling, add heartbleed and tidy checks 2017-06-28 18:50:20 -04:00
William Vu 43d8c4c5e7 Land #8519, Apache ActiveMQ file upload exploit 2017-06-28 17:19:39 -05:00
Brent Cook 461ab4501d add 'Also known as', AKA 'AKA', to module references 2017-06-28 15:53:00 -04:00
William Webb 6349026134 Land #8442, Exploit module for Backup Exec Windows Agent UaF 2017-06-28 10:39:28 -05:00
dmohanty-r7 18410d8230 Land #8540, Add Symantec Messaging Gateway RCE 2017-06-22 19:00:32 -05:00
Brent Cook 4fdd77f19a Land #8051, Add Netgear DGN2200v1/v2/v3/v4 Command Injection Module 2017-06-22 11:46:40 -05:00
Brent Cook a4e8cdfa6e msftidy fixes 2017-06-22 11:44:40 -05:00
William Webb 02e4edc4cb Land #8579, Easy File Sharing HTTP Server 7.2 - Post Overflow exploit 2017-06-22 10:56:41 -05:00
Jin Qian b51fc0a34e Land #8489, more httpClient modules use store_valid_credential 2017-06-21 17:18:34 -05:00
Jeffrey Martin 99fb905bbd fix typo 2017-06-21 16:52:09 -05:00
Pearce Barry 24d9bec0ae Land #8260, OpManager Version Check 2017-06-20 17:58:10 -05:00
Pearce Barry 241786e71f Update description with tested versions. 2017-06-20 15:32:08 -05:00
Pearce Barry 14f0409c6c Missing regex '+', readding so we get full API key. 2017-06-20 15:28:15 -05:00
Pearce Barry b02719e795 Attempt to appease Travis... 2017-06-20 11:36:08 -05:00
Mzack9999 c7a55ef92f Added exploit documentation 2017-06-20 09:03:40 +02:00
Pearce Barry 58cd432120 Added docs, minor code tweak to remove duplication. 2017-06-19 17:35:41 -05:00
mccurls 8c23769cbc Updated module to use an instance variable for using HTTP session tokens across functions. 2017-06-18 12:59:34 +10:00
Mzack9999 7fb36edd50 corrected msftidy warnings 2017-06-17 22:58:47 +02:00
Mzack9999 31a5cc94b2 Easy File Sharing HTTP Server 7.2 - Post Overflow exploit 2017-06-17 22:35:21 +02:00
mccurls 19ceb53304 Modified payload handling and uploaded documentation 2017-06-18 02:04:22 +10:00
mccurls 07051d1f00 Removed whitespace 2017-06-17 09:59:46 +10:00
mccurls 8eb59eac3f Stuffed up regex.. left some random $ characters floating around and have now removed them. 2017-06-17 08:03:09 +10:00
mccurls 6363a319d2 Fixed Typo 2017-06-17 07:32:17 +10:00
mccurls b34bf76fea Adding GoAutoDial RCE module 2017-06-17 07:22:41 +10:00
thesubtlety 49d998f7d9 catch invalid tokens 2017-06-15 21:45:29 -04:00
thesubtlety f4ffade406 add ability to specify API token instead of password 2017-06-15 21:05:53 -04:00
Pearce Barry 9d57197736 Land #8551, Update processmaker_exec module with workspace support 2017-06-15 17:12:35 -05:00
Tod Beardsley 49383f8f3a Update and fix grammar to the CryptoLog module 
After talking to the vendor, it appears that the PHP version of CryptoLog has been EOL'ed since 2009. It has since been replaced with an ASP.NET version, which, obviously, is no longer vulnerable to these PHP exposures.
 2017-06-15 13:00:44 -05:00
Mehmet Ince c147779097 Add CVE number to the symantec-messaging-gateway-exec module 2017-06-14 23:07:58 +03:00
James Lee 55f0edb732 Land #8491, fixes for service_persistence 2017-06-13 17:17:53 -05:00
Brendan Coles 0766f92013 Add option for workspace 2017-06-13 12:46:36 +00:00
Jeffrey Martin cbbb57d1a5 Land #8526, Refactor QNAP and airOS modules for creds 2017-06-12 14:46:11 -05:00
Mehmet Ince 6ae540d889 Adding Symantec messaging gateway rce 2017-06-10 12:23:12 +03:00
Stephen Shkardoon (ss23) a968a74ae0 Update ms17_010_eternalblue description and ranking. 
The module has been noted to cause crashes, reboots, BSOD, etc, on
some systems.
 2017-06-09 11:01:48 +12:00
Brent Cook aa00661fd0 Land #8518, update CVE references where modules report_vuln 2017-06-08 13:38:12 -05:00
William Vu 3e20296cf5 Add service_details for SSH 2017-06-08 13:28:29 -05:00
William Vu e22334343e Use store_valid_credential in my modules 
I used report_note because using the creds API was a pain in the ass.
 2017-06-08 00:57:51 -05:00
bwatters-r7 99fa52e660 Land #8434, Add Windows 10 Bypassuac fodhelper module 2017-06-07 11:15:01 -05:00
Anderson d641058f75 Added module to exploit ActiveMQ CVE-2016-3088 2017-06-06 11:33:42 -07:00
Brent Cook bac17a8e80 Land #8053, Add DC/OS Marathon UI Exploit 2017-06-06 09:29:26 -05:00
Jeffrey Martin 1558db375d update CVE reference in where modules report_vuln 2017-06-05 16:36:44 -05:00
bwatters-r7 f47cc1a101 Rubocop readability changes 2017-06-05 14:32:45 -05:00
Jeffrey Martin 2924318ca5 update java_rmi_server modules with CVE 2017-06-02 12:59:48 -05:00
h00die 361cc2dbeb fix newline issue and service call 2017-05-30 22:37:26 -04:00
h00die f98b40d038 adds check on service writing before running it 2017-05-30 22:14:49 -04:00
Jeffrey Martin 0e145573fc more httpClient modules use store_valid_credential 2017-05-30 14:56:05 -05:00