adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
40,252 Commits 27 Branches 1,043 Tags
bdfaaf01b2c4e207f582ef7c2bf1b2ea1024f27b
Commit Graph

9894 Commits

Author SHA1 Message Date
OJ e8158bd200 Add multi platform type, wire into the multi stage 2016-11-28 09:34:09 +10:00
Brent Cook 59f3c9e769 Land #7579, rename netfilter_priv_esc to rename netfilter_priv_esc_ipv4 2016-11-21 17:59:29 -06:00
Prateep Bandharangshi 8869ebfe9b Fix incorrect disclosure date for OpenNMS exploit 
Disclosure date was Nov 2015, not Nov 2014
 2016-11-21 16:44:36 +00:00
William Webb 6c6221445c Land #7543, Create exploit for CVE-2016-6563 / Dlink DIR HNAP Login 2016-11-21 09:59:50 -06:00
Brent Cook 005d34991b update architecture 2016-11-20 19:09:33 -06:00
Brent Cook f313389be4 Merge remote-tracking branch 'upstream/master' into land-7507-uuid-arch 2016-11-20 19:08:56 -06:00
h00die cfd31e32c6 renaming per @bwatters-r7 comment in #7491 2016-11-18 13:52:09 -05:00
wchen-r7 4596785217 Land #7450, PowerShellEmpire Arbitrary File Upload 2016-11-17 17:47:15 -06:00
wchen-r7 c0af5b690d Land #6638, add local exploit module to execute payload w/ stealth 2016-11-16 16:25:15 -06:00
wchen-r7 e1ff37f3eb Title change and handling Rex::TimeoutError exception 2016-11-16 16:23:44 -06:00
Brendan 18bafaa2e7 Land #7531, Fix drb_remote_codeexec and create targets 2016-11-16 12:58:22 -06:00
wchen-r7 7b83720b90 Bring #6638 up to date 2016-11-15 12:27:05 -06:00
Brent Cook b56b6a49ac Land #7328, Extend lsa_transname_heap exploit to MIPS 2016-11-15 07:37:19 -06:00
wchen-r7 fa9f2b340e def setup isn't needed 2016-11-14 15:52:02 -06:00
wchen-r7 bab07b5691 Bring #7540 up to date 2016-11-14 14:59:21 -06:00
Jeffrey Martin c458d662ed report correct credential status as successful 2016-11-14 12:27:22 -06:00
Jeffrey Martin 4ae90cbbef Land #7191, Add exploit for CVE-2016-6267 - Trend Micro Smart Protection Server authenticated RCE. 2016-11-14 12:06:02 -06:00
William Webb 4e40546958 Land #7502, Disk Pulse Enterprise Login Buffer Overflow 2016-11-14 10:28:53 -06:00
Brent Cook 4f323527c9 Land #7549, Deprecate/move wp_ninja_forms_unauthenticated_file_upload 2016-11-14 03:00:02 -06:00
Pedro Ribeiro 908713ce68 remove whitespace at end of module name 2016-11-14 08:35:34 +00:00
Chris Higgins 4e9802786c Removed spaces causing build to fail 2016-11-13 21:46:24 -06:00
Pearce Barry 9eb9d612ca Minor typo fixups. 2016-11-11 16:54:16 -06:00
Pearce Barry 1dae206fde Land #7379, Linux Kernel BPF Priv Esc (CVE-2016-4557) 2016-11-11 16:50:20 -06:00
wchen-r7 8cd9a9b670 Deprecate wp_ninja_forms_unauthenticated_file_upload 
wp_ninja_forms_unauthenticated_file_upload actually supports
multiple platforms.

Instead of using:
exploit/unix/webapp/wp_ninja_forms_unauthenticated_file_upload

Please use:
exploit/multi/http/wp_ninja_forms_unauthenticated_file_upload
 2016-11-10 11:17:09 -06:00
scriptjunkie 268a72f210 Land #7193 Office DLL hijack module 2016-11-08 23:15:27 -06:00
Pedro Ribeiro 50f578ba79 Add full disclosure link 2016-11-08 22:15:19 +00:00
Yorick Koster 3c1f642c7b Moved PPSX to data/exploits folder 2016-11-08 16:04:46 +01:00
Pedro Ribeiro 95bd950133 Point to proper link on github 2016-11-07 17:59:29 +00:00
Pedro Ribeiro f268c28415 Create dlink_hnap_login_bof.rb 2016-11-07 17:45:37 +00:00
Chris Higgins 099a5984f9 Updated with style suggestions from msftidy and rubocop. 
Also updated with commented from other contributors.
 2016-11-07 10:18:52 -06:00
Chris Higgins 689fc28d1b Added WinaXe 7.7 FTP client Server Ready buffer overflow 2016-11-06 23:35:16 -06:00
William Vu da356e7d62 Remove Compat hash to allow more payloads 2016-11-04 13:57:05 -05:00
William Vu f0c89ffb56 Refactor module and use FileDropper 2016-11-04 13:57:05 -05:00
William Vu 6d7cf81429 Update references 2016-11-04 13:57:05 -05:00
William Vu 009d6a45aa Update description 2016-11-04 13:57:05 -05:00
William Vu bf7936adf5 Add instance_eval and syscall targets 2016-11-04 13:57:05 -05:00
wchen-r7 ca5610ccde Land #7511, Update jenkins_script_console to support newer versions 2016-11-04 11:24:25 -05:00
William Vu 5ed030fcf6 Land #7529, nil.downcase fix for tomcat_mgr_deploy 
Don't think it was ever needed, since the password is case-sensitive.

Fixed a minor merge conflict where PASSWORD became HttpPassword.
 2016-11-03 15:39:46 -05:00
Jin Qian 2f8d3c3cf3 Remove the bug where downcase() is invoked on password which is optional and can be empty. 2016-11-03 15:23:19 -05:00
Brendan dae1f26313 Land #7521, Modernize TLS protocol configuration for SMTP / SQL Server 2016-11-03 12:56:50 -05:00
William Vu eca4b73aab Land #7499, check method for pkexec exploit 2016-11-03 10:59:06 -05:00
William Vu 1c746c0f93 Prefer CheckCode::Detected 2016-11-03 11:14:48 +01:00
William Vu 2cdff0f414 Fix check method 2016-11-03 11:14:48 +01:00
William Webb 31b593ac67 Land #7402, Add Linux local privilege escalation via overlayfs 2016-11-01 12:46:40 -05:00
Brent Cook f8912486df fix typos 2016-11-01 05:43:03 -05:00
OJ 3c57ff5c59 Avoid internal constants for bypassuac file path generation 2016-11-01 01:32:24 +10:00
OJ 6ce7352c45 Revert silly change in applocker bypass 2016-11-01 01:30:54 +10:00
OJ 3c56f1e1f7 Remove commented x64 arch from sock_sendpage 2016-11-01 01:29:11 +10:00
Alex Flores 45d6012f2d fix check method 2016-10-30 14:57:42 -04:00
Spencer McIntyre ccce361768 Remove accidentally included debug output 2016-10-29 18:46:51 -04:00