adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,775 Commits 27 Branches 1,043 Tags
ba2f786bbba7775dec47cd325b428e39e7eaecf2
Commit Graph

28352 Commits

Author SHA1 Message Date
Shelby Pace 1bc40f88ac Land #13215, add LimeSurvey directory traversals 2020-04-14 12:03:10 -05:00
h00die 7884d1be34 space comments 2020-04-14 10:04:17 -04:00
bwatters-r7 2a0095f5b7 Land #12405, Add execute_assembly post module 
Merge branch 'land-12405' into upstream-master
 2020-04-13 18:21:38 -05:00
bwatters-r7 b9e83bd055 Update VS build destination 2020-04-13 18:20:20 -05:00
gwillcox-r7 3c64b8fde9 Land #13094, Vesta Control Panel v-list-user-backups RCE 2020-04-13 16:56:08 -05:00
gwillcox-r7 c151b93ba4 Fix up clarity and spelling issues in module and documentation 2020-04-13 16:28:39 -05:00
Mehmet İnce b7a1fbdde2 Fixed documentation and login method 2020-04-13 18:55:56 +03:00
William Vu 51f4383ffb Explain CVEs and "fix" CMDSTAGER::FLAVOR 2020-04-13 10:37:19 -05:00
Spencer McIntyre a87eb8a153 Uncomment CVE references 2020-04-13 10:25:38 -04:00
Mehmet İnce 706a395bc0 Fixed 2nd round of suggested changes 2020-04-13 11:22:02 +03:00
William Vu 0c3080c318 Add ThinkPHP Multiple PHP Injection RCEs 2020-04-13 02:21:01 -05:00
Mehmet İnce d906c3dc77 Fixed reviews suggestions 2020-04-11 14:38:19 +03:00
Mehmet İnce eb7d2f821d Adding CVE number 
Signed-off-by: Mehmet İnce <mehmet@mehmetince.net>
 2020-04-11 12:22:17 +03:00
Mehmet İnce 5d04c2b4a5 Adding documentation and module description 
Signed-off-by: Mehmet İnce <mehmet@mehmetince.net>
 2020-04-11 12:22:17 +03:00
Mehmet İnce 7c2f65da36 Adding vestacp exec 
Signed-off-by: Mehmet İnce <mehmet@mehmetince.net>
 2020-04-11 12:22:17 +03:00
b4rtik 896470a301 Fix tab and space 2020-04-11 11:06:52 +02:00
b4rtik c845ef4830 Added required clr detection 2020-04-10 15:06:42 -05:00
b4rtik 869bb46516 Changed option type from String to Path 2020-04-10 15:06:42 -05:00
bwatters-r7 bdb6b8eca2 Rename module 2020-04-10 15:06:42 -05:00
bwatters-r7 35985836bd Code cleanup and dotnet version print 2020-04-10 15:06:41 -05:00
b4rtik b4d2dfe753 Added EtwEventWrite patching 2020-04-10 15:06:00 -05:00
b4rtik 8743cdfecc Update and USETHREADTOKEN 2020-04-10 15:05:20 -05:00
b4rtik 91a0bce53e Update modules/post/windows/manage/execute_assembly.rb 
Co-Authored-By: Brendan <bwatters@rapid7.com>
 2020-04-10 15:05:20 -05:00
b4rtik 2c7bfe8dab Update execute_assembly.rb 2020-04-10 15:05:19 -05:00
b4rtik 0203e38eb0 Code refactoring 2020-04-10 15:05:19 -05:00
b4rtik 3b6d2fc819 Update execute_assembly.rb 2020-04-10 14:57:40 -05:00
b4rtik 684ac5e923 Update execute_assembly.rb 2020-04-10 14:57:40 -05:00
b4rtik 801bc186a6 Update execute_assembly.rb 2020-04-10 14:57:40 -05:00
b4rtik 33cd725562 Add dynamic size for assembly and args 2020-04-10 14:57:37 -05:00
b4rtik aa66f5c3df Update execute_assembly.rb 2020-04-10 14:56:33 -05:00
b4rtik 1e8b8c7678 Update execute_assembly.rb 2020-04-10 14:56:27 -05:00
Brent Cook 576b575333 Merge branch 'master' into land-13154- 2020-04-10 08:23:51 -05:00
Spencer McIntyre d6d939b2ed Land #12594, add a Ubiquiti config importer mixin 2020-04-08 17:52:28 -04:00
h00die 77da4d707a files get deleted 2020-04-08 14:46:43 -04:00
h00die 041ca23d14 limesurvey dir traversals 2020-04-08 14:31:17 -04:00
Shelby Pace 7934d1de09 Land #13098, add Pandora FMS module 2020-04-06 11:42:24 -05:00
Shelby Pace a3c07b7cc1 use nospace opt, fix regex, iterate id_agente 2020-04-06 11:34:13 -05:00
bwatters-r7 9474b5fda1 Land #13187, Add LPE Exploit For CVE-2020-0796 (AKA: SMBGhost) (take2) 
Merge branch 'land-13187' into upstream-master
 2020-04-03 11:25:48 -05:00
bwatters-r7 182bd67287 Land #13187, Add LPE Exploit For CVE-2020-0796 (AKA: SMBGhost) 
Merge branch 'land-13187' into upstream-master
 2020-04-03 11:19:50 -05:00
Spencer McIntyre 94f18cc67a Add the AKA reference to CoronaBlue for accuracy 2020-04-03 11:01:43 -04:00
Spencer McIntyre bea42876ee Land #13067, PlaySMS template injection RCE 2020-04-03 10:22:35 -04:00
Spencer McIntyre bd835e8f2d Cleanup more status methods and move the module 2020-04-03 10:21:27 -04:00
Brent Cook 8451c1345b Land #10579, add sharphound post module, upstream updating tool 2020-04-03 09:10:40 -05:00
Spencer McIntyre 126b9e2172 Address PR comments for CVE-2020-0796 2020-04-03 08:56:53 -04:00
cn-kali-team ff6a4d7f44 Delete files 2020-04-03 10:36:13 +08:00
cn-kali-team 1e7060f06d Add my code to this file 2020-04-03 10:35:30 +08:00
William Vu b343ac6452 Don't delay the session and update module doc 2020-04-02 17:34:20 -05:00
William Vu 79142cf445 Move module to unix/webapp 2020-04-02 17:22:34 -05:00
William Vu f9c8f62491 Fix PHP payload so we can get a session 
It's ENCODER, not ENCODE, so the payload wasn't being encoded, leaving
semicolons unencoded and causing a 500 error on the server.

Also preferred payload.encoded over payload.encode and removed a stray
brace that wasn't causing any issues.
 2020-04-02 17:16:19 -05:00
Spencer McIntyre 276475c308 Check compression in the check method for SMBGhost 2020-04-02 17:35:17 -04:00