adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
49,526 Commits 27 Branches 1,043 Tags
befca0f2fecce49bb3aca245d3ce714be96814ca
Commit Graph

1195 Commits

Author SHA1 Message Date
Brent Cook 0fddb8e31c Land #10768, Exploit for Netgear CVE-2016-1555 2018-11-26 11:45:10 -06:00
Brendan Coles debf79416b Replace WsfDelay with WfsDelay - Fixes #11018 2018-11-25 04:22:11 +00:00
William Vu 90b9204703 Update DisclosureDate to ISO 8601 in my modules 
Basic msftidy fixer:

diff --git a/tools/dev/msftidy.rb b/tools/dev/msftidy.rb
index 9a21b9e398..e9ff2b21e5 100755
--- a/tools/dev/msftidy.rb
+++ b/tools/dev/msftidy.rb
@@ -442,6 +442,8 @@ class Msftidy
     # Check disclosure date format
     if @source =~ /["']DisclosureDate["'].*\=\>[\x0d\x20]*['\"](.+?)['\"]/
       d = $1  #Captured date
+      File.write(@full_filepath, @source.sub(d, Date.parse(d).to_s))
+      fixed('Probably updated traditional DisclosureDate to ISO 8601')
       # Flag if overall format is wrong
       if d =~ /^... (?:\d{1,2},? )?\d{4}$/
         # Flag if month format is wrong
 2018-11-16 12:18:28 -06:00
Imran E. Dawoodjee 16d146fd59 Fixing indentation. 2018-11-12 13:24:00 +08:00
Imran E. Dawoodjee 3e4df06500 Some more modifications 
Placed contents of request_post into execute_command
Randomized fingerprint with rand_text_alpha(12)
Spaces at EOL fixed
Normalized target URI
 2018-11-12 13:04:42 +08:00
Imran E. Dawoodjee 818cb37aca Implemented changes recommended by @bcoles. 2018-11-12 12:26:23 +08:00
Brendan Coles 1f14a9846d Land #10767, Add Cisco Prime Infrastructure remote root exploit 2018-11-10 17:08:16 +00:00
Pedro Ribeiro 7464d81c01 Add warning about JSP deletion 2018-11-05 00:52:34 +09:00
Spencer McIntyre caf76a6555 Add applicable notes to my exploit modules 2018-10-27 20:54:14 -04:00
Imran E. Dawoodjee c86f68cb60 Minor changes to module, updated documentation. 2018-10-09 20:39:00 +06:30
Imran E. Dawoodjee 4332c4cffd Increased linemax from 128 to 2048. 2018-10-09 15:35:47 +06:30
Imran E. Dawoodjee 97b398963b Suggestions by @bcoles implemented, randomized MAC 2018-10-09 14:02:56 +06:30
Pedro Ribeiro 9bbd90f978 Style fixes and add full disc URL 2018-10-09 13:38:13 +07:00
Imran E. Dawoodjee 78624b7020 Updated documentation and fixed the code (mostly). 2018-10-09 10:52:06 +06:30
Imran E. Dawoodjee 0fe989b42f Code streamlining. 2018-10-08 21:12:27 +06:30
Imran E. Dawoodjee 4cc2c22026 Used a command stager, improved upon vulnerability detection and 
generally attempted to streamline most of the code. Hardcoded one
vulnerable URI since it's the most likely to be present in all versions
of the vulnerable firmwares.
 2018-10-08 20:51:58 +06:30
Imran E. Dawoodjee b552b803bb Still working on the HTTP stager. 2018-10-08 15:18:47 +06:30
Imran E. Dawoodjee fcb0b90d7a Fixed numbering in the documentation steps, offed some whitespace, 
streamlined the send_request_cgi, removed the conn_check.
 2018-10-08 15:04:32 +06:30
Pedro Ribeiro 22d0325d33 Add placeholder for full disclosure URL 2018-10-08 12:33:36 +07:00
Pedro Ribeiro 743a72dff6 Remove header from my own repo 2018-10-08 12:17:11 +07:00
Pedro Ribeiro f0443bbb57 Create cisco prime exploit 2018-10-08 12:16:24 +07:00
Imran E. Dawoodjee 3340cf529c Fixed duplicate output for check. 2018-10-08 11:19:24 +06:30
Imran E. Dawoodjee 272f26640b Added module for CVE-2016-1555 (netgear_unauth_exec) 
and its corresponding wordlist file (netgear_boardData_paths.txt).
 2018-10-08 10:22:59 +06:30
Brent Cook e2f97c75a0 Land #10616, update Unitrends UEB module to support vulnerabilities in version 10 2018-10-05 16:20:38 -05:00
William Vu 7bc98e0ea8 Fix formatting and convert a missed AKA reference 2018-10-05 03:22:08 -05:00
William Vu ee06ec2fda Background a subshell to continue execution 
This provides a more stable injection. I should have tested this sooner.
 2018-09-27 23:51:42 -05:00
William Vu 0dab5b622f Change default target to cmd/unix 2018-09-27 23:39:32 -05:00
William Vu e999b4d81c Lower rank to AverageRanking 2018-09-27 23:28:13 -05:00
William Vu 7a2d0acee6 Add basic check method and move rand_srv 
The .srv can be random each request.
 2018-09-27 23:28:13 -05:00
William Vu d29d936d6f Bump WfsDelay to 10 for this slow-ass device 2018-09-27 23:28:13 -05:00
Brent Cook 6126a627cc Land #10570, AKA Metadata Refactor 2018-09-17 22:29:20 -05:00
William Vu 4c036e70c1 Fix http://seclists.org links to https:// 
I have no idea how this happened in my own code. I was seeing https://.
 2018-09-15 18:54:45 -05:00
h00die 354803185c fix msftidy warning 2018-09-11 05:24:01 -04:00
h00die d8f2d08058 finish up docs and 10 exploit 2018-09-10 21:08:30 -04:00
h00die 589fb4bf3b first try at ueb mix 2018-09-09 22:41:01 -04:00
Erin Bleiweiss eb17d9b198 Refactor AKA references for modules 2018-08-31 16:56:05 -05:00
Christian Mehlmauer a66556b436 fix msftidy errors 2018-08-28 13:12:43 +02:00
William Vu 6df235062b Land #10505, post-auth and default creds info 2018-08-24 18:08:15 -05:00
William Vu 7e496ae067 Import target DefaultOptions into the datastore 2018-08-16 12:18:02 -05:00
Wei Chen d9fc99ec4a Correct false negative post_auth? status 2018-08-09 23:34:03 -05:00
Green-m d2c53e1c88 Update the check method. 2018-08-03 01:39:37 -04:00
William Vu 4eef9e64ea Implement dropper target in axis_srv_parhand_rce 2018-07-31 21:43:29 -05:00
Wei Chen bcfb3d099b Land #10255, Adding Micro Focus Secure Messaging Gateway RCE 2018-07-30 21:07:02 -05:00
Mehmet İnce 48a903f0b3 Fixing r and sql variables use same object issue 2018-07-31 00:57:32 +03:00
Wei Chen 6c2e8f2402 Land #10300, Add root exploit for Axis network cameras 2018-07-25 14:46:04 -05:00
Wei Chen f169afff6a Add documentation and a new reference 2018-07-25 14:44:44 -05:00
William Vu 60faddebbf Update authors with sinn3r 2018-07-25 14:35:09 -05:00
William Vu efacaef9df Clamp compatible payloads until we know better 2018-07-25 14:14:15 -05:00
William Vu 86d634cb64 Update module for MVP 2018-07-25 12:01:36 -05:00
Jacob Robles 6e450973b9 Land #10295, Add QNAP Q'Center change_passwd Command Execution exploit 2018-07-14 10:09:46 -05:00