adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,514 Commits 27 Branches 1,043 Tags
bf8a1fc706cdee342a91ccfc201aa0cdcf683d6b
Commit Graph

13818 Commits

Author SHA1 Message Date
Shelby Pace 5f0c9942d2 Land #12756, add dlink dwl2600 exploit 2020-03-27 12:38:35 -05:00
Shelby Pace 8aa4d7a944 remove mixins, add CVE 2020-03-27 12:37:40 -05:00
Nicholas Starke bb21c8f6d8 Finishing Touches on DLINK DWL 2600 Module 
These last finishing touches complete the DLINK DWL 2600 Module.  The
fixes include making renaming token to @token and adding the noconcat
CmdStager option.
 2020-03-26 20:13:55 -05:00
Shelby Pace dc9e215318 remove unused code / add option 2020-03-26 16:05:56 -05:00
Shelby Pace f191eb00c9 add command stager 2020-03-26 16:05:56 -05:00
Alan Foster 077d7af6a9 Land #13143, fix broken redis_unauth_exec check in msfconsole 2020-03-26 12:21:26 +00:00
bwatters-r7 beb53254c7 Land #13122, Add Exploit Module For CVE-2020-0646 (SharePoint Workflows XOML RCE) 
Merge branch 'land-13122' into upstream-master
 2020-03-25 11:24:15 -05:00
Adam Cammack 5ce4929834 Fix has_check? conflict in redis_unauth_exec 
Importing `Msf::Auxiliary::Scanner` at all will override the default
`has_check?` check and add a its own `check` method. This redefines
`has_check?` to allow usage of the Redis mixin while using an
exploit-style `check` method.

Fixes #13095
 2020-03-25 10:07:08 -05:00
Spencer McIntyre 54edd201e4 Cleanup cmdstager options 2020-03-24 17:14:47 -04:00
Spencer McIntyre a69f3eb946 Use the correct its instead of it's 2020-03-24 16:44:18 -04:00
tperry-r7 d32640d179 Land #13133 clean up module documentation 
Land #13133 clean up module documentation
 2020-03-24 12:29:27 -05:00
Spencer McIntyre a0cd00dac7 Cleanup module doc and comments for CVE-2020-0646 2020-03-24 10:15:58 -04:00
h00die 0b4c047411 doc cleanup 2020-03-24 08:47:21 -04:00
Spencer McIntyre 0832604131 Finish up the CVE-2020-0646 SharePoint RCE 2020-03-23 18:14:28 -04:00
Srikanth Suresh 005601f76e Changing from Remote to Local 
Using https://github.com/rapid7/metasploit-framework/issues/13116 as the reference
 2020-03-23 20:40:25 +03:00
Shelby Pace fd8ceb0db2 Land #13082, add Horde Groupware Webmail RCE 2020-03-23 07:32:53 -05:00
Shelby Pace 475c24361d randomize file name 2020-03-23 07:28:04 -05:00
Shelby Pace c6eebe4ca3 replace equality with include? 2020-03-20 21:19:29 -05:00
Spencer McIntyre 6c24ed4c96 Initial SharePoint WorkFlows XOML RCE module 2020-03-20 17:57:54 -04:00
Spencer McIntyre 5b2f744cd8 Land #13070, fix Cisco DCNM directory search regex 2020-03-19 13:17:27 -04:00
Andrea Cardaci 40d6dd14c4 Remove the check method 2020-03-18 20:29:49 +01:00
Andrea Cardaci 19e9848592 Remove trailing spaces 2020-03-17 19:06:57 +01:00
Andrea Cardaci bbb152a6d8 Update modules/exploits/multi/http/horde_csv_rce.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-03-17 19:02:34 +01:00
Andrea Cardaci eccee07e8b Update modules/exploits/multi/http/horde_csv_rce.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-03-17 19:02:07 +01:00
Andrea Cardaci a60652898f Update modules/exploits/multi/http/horde_csv_rce.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-03-17 19:01:03 +01:00
Andrea Cardaci a4ff847170 Update modules/exploits/multi/http/horde_csv_rce.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-03-17 18:57:06 +01:00
Shelby Pace 922f1ec708 Land #12901, add Centreon poller rce 2020-03-17 12:16:29 -05:00
Shelby Pace 2717683825 change message 2020-03-17 12:15:06 -05:00
Shelby Pace 98f4642c2d remove comments / check 2020-03-17 10:33:12 -05:00
Alan Foster 5d9d3926e4 Land #13066, add rConfig 3.9 RCE module 2020-03-16 11:18:59 +00:00
RAMELLA Sébastien 0efe53d869 fix somes code review comments. 2020-03-15 13:30:23 +04:00
Andrea Cardaci 126f5ca05d Add 'Horde CSV import arbitrary PHP code execution' (CVE-2020-8518) 2020-03-14 16:07:51 +01:00
William Vu ddefafab78 Revert "Patch serialVersionUID in the library" 
This reverts commit eaf8554e69.
 2020-03-13 17:36:40 -05:00
Spencer McIntyre 2a5c43302b Land #13071, add ManageEngine Desktop Central RCE 2020-03-13 15:20:57 -04:00
William Vu 02e2072a87 Update module traits after joint testing 2020-03-13 14:01:54 -05:00
William Vu eaf8554e69 Patch serialVersionUID in the library 2020-03-13 13:17:26 -05:00
William Vu c11be38e1c Default to certutil CmdStager 2020-03-13 12:38:07 -05:00
William Vu 03ff32210e Fix CmdStager target 2020-03-13 12:26:45 -05:00
William Vu 0806e9ef42 Add CmdStager target back in so we can debug it 2020-03-13 11:17:37 -05:00
William Vu 4f6720f962 Add TARGETURI back in 2020-03-13 11:05:14 -05:00
bwatters-r7 c21b90ea61 Land #13063, Add PSH-AmsiBypassURI option to allow persistent web_delivery 
Merge branch 'land-13063' into upstream-master
 2020-03-13 09:52:25 -05:00
dwelch-r7 b1225d4d72 Land #13062, Remove preceeding whitespace from module name 2020-03-13 13:08:50 +00:00
Viking ff2421163b Fix Travis-CI errors 2020-03-13 10:42:40 +01:00
Viking 5bbabd6f2a Add tips to description. 2020-03-13 10:03:27 +01:00
Viking 7874308fae Last typo fixes. No priv required on webapp. 2020-03-13 09:18:50 +01:00
Viking a8e881452b Add greetz to my colleagues who tested this module 2020-03-13 06:42:48 +01:00
William Vu 83387212a7 Update language to address different patches 2020-03-12 17:50:13 -05:00
William Vu 0b117849d0 Note specific patch versions 
Hat tip @sranjit-r7.
 2020-03-12 17:40:46 -05:00
William Vu a908ceb58a Add ManageEngine Desktop Central exploit 2020-03-12 17:36:53 -05:00
debifrank dfe70ca3fc Cisco DCNM Module upload directory location regex filter corrected to allow for paths such as C:\Cisco System\ 2020-03-12 17:08:33 -04:00