adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
33,725 Commits 27 Branches 1,043 Tags
c64f025c4eb8ec71cf2d5d04ff56379d400a362f
Commit Graph

8380 Commits

Author SHA1 Message Date
James Lee d03ee5667b Remove assigned but unused local vars 2015-06-01 16:45:36 -05:00
James Lee 7133f0a68e Fix typo in author's name 2015-06-01 16:45:09 -05:00
m-1-k-3 c8123c147f upnp vs hnap 2015-05-05 20:57:05 +02:00
Christian Mehlmauer 73f7885eea add comment 2015-05-29 23:08:55 +02:00
jvazquez-r7 1be04a9e7e Land #5182, @m-1-k-3's exploit for Dlink UPnP SOAP-Header Injection 2015-05-29 14:49:09 -05:00
jvazquez-r7 8b2e49eabc Do code cleanup 2015-05-29 14:45:47 -05:00
jvazquez-r7 8c7d41c50c Land #5426, @wchen-r7's adds more restriction on Windows 7 target for MS14-064 2015-05-29 14:35:44 -05:00
wchen-r7 c3fa52f443 Update description 2015-05-29 13:47:20 -05:00
jvazquez-r7 9ccf04a63b Land #5420, @m-1-k-3's miniigd command injection module (ZDI-15-155) 2015-05-29 13:29:03 -05:00
jvazquez-r7 9ebd6e5d6e Use REXML 2015-05-29 13:27:19 -05:00
jvazquez-r7 294fa78c1f Land #5430, @m-1-k-3's adding specific endianess Arch to some exploits 2015-05-29 11:43:25 -05:00
jvazquez-r7 dd39d196f5 Land #5226, @m-1-k-3's Airties login Buffer Overflow exploit 2015-05-29 10:51:32 -05:00
jvazquez-r7 952f391fb4 Do minor code cleanup 2015-05-29 10:49:51 -05:00
wchen-r7 2a260f0689 Update description 2015-05-28 15:18:05 -05:00
Michael Messner 666b0bc34a MIPSBE vs MIPS 2015-05-28 18:50:48 +02:00
jvazquez-r7 e9714bfc82 Solve conflics 2015-05-27 23:22:00 -05:00
Spencer McIntyre 24b4dacec5 Land #5408, @g0tmi1k fixes verbiage and whitespace 2015-05-27 21:02:02 -04:00
wchen-r7 bcdae5fa1a Forgot to add the datastore option 2015-05-27 18:12:38 -05:00
wchen-r7 4f0e908c8b Never mind, Vista doesn't have powershell. 2015-05-27 18:08:58 -05:00
wchen-r7 d43706b65e It doesn't look like Vista shows the powershell prompt 2015-05-27 18:04:35 -05:00
wchen-r7 53774fed56 Be more strict with Win 7 for MS14-064 
The Powershell prompt can cause BAP to hang so we need to be more
strict about that.
 2015-05-27 18:01:40 -05:00
jvazquez-r7 e5d42850c1 Add support for Linux to CVE-2015-0336 2015-05-27 17:05:10 -05:00
Tod Beardsley 95b5ff6bea Minor fixups on recent modules. 
Edited modules/auxiliary/admin/http/netgear_soap_password_extractor.rb
first landed in #5301, @m-1-k-3's aux module to extract passwords from
Netgear soap interfaces

Edited modules/auxiliary/scanner/http/influxdb_enum.rb first landed in

Edited modules/auxiliary/scanner/http/title.rb first landed in #5333,
HTML Title Grabber

Edited modules/exploits/multi/browser/adobe_flash_uncompress_zlib_uaf.rb
first landed in #5401, multi-platform CVE-2015-0311 - Flash uncompress()
UAF

Edited modules/exploits/unix/webapp/wp_revslider_upload_execute.rb first
landed in #5290, Wordpress RevSlider Module
 2015-05-26 17:00:10 -05:00
Michael Messner 43f505b462 fix contact details 2015-05-25 19:31:50 +02:00
jvazquez-r7 f953dc08d9 Land #5280, @m-1-k-3's support for Airties devices to miniupnpd_soap_bof 2015-05-24 15:17:38 -05:00
Michael Messner 10baf1ebb6 echo stager 2015-05-23 15:50:35 +02:00
jvazquez-r7 5bceeb4f27 Land #5349, @h0ng10's module for CVE-2015-2219 Lenovo System Update Local Privilege Escalation 2015-05-22 17:14:20 -05:00
wchen-r7 eb5aadfb4e Land #5401, multi-platform CVE-2015-0311 - Flash uncompress() UAF 2015-05-22 16:50:13 -05:00
jvazquez-r7 3aa1ffb4f5 Do minor code cleanup 2015-05-22 16:20:36 -05:00
jvazquez-r7 03b70e3714 Land #5388, @wchen-r7's fixes #5373 by add info to BrowserRequiements 2015-05-22 10:21:59 -05:00
jvazquez-r7 6da94b1dd5 Deprecate windows module 2015-05-21 15:01:41 -05:00
jvazquez-r7 b9f9647ab1 Use all the BES power 2015-05-21 14:06:41 -05:00
jvazquez-r7 aa919da84d Add the multiplatform exploit 2015-05-20 18:57:59 -05:00
wchen-r7 2cadd5e658 Resolve #5373, Add ActiveX info in BrowserRequirements 
Resolve #5373
 2015-05-20 16:34:09 -05:00
OJ 44f8cf4124 Add more size to stagers, adjust psexec payloads 
This psexec payload size should be evaluated to make sure I'm not doing
anything stupid. i can't see a reason why increasing these sizes would
be bad. They seem to work fine.
 2015-05-20 17:07:56 +10:00
OJ a93565b5d1 Add 'Payload' section with 'Size' to psexec_psh 
This missing parameter was causing the payload 'Size' to come through to
the encoders as `nil`. This meant that all the stagers that were
looking at the payload sizes were being told there was no size. In the
case of the meterpreter payloads, this was causing issues with the proxy
settings because the proxy configuration detail isn't added to the
payload unless there's enough space.

This fix adds a default size of 2048 (the same as the plain psexec
module). This makes the proxy settings work as expected.
 2015-05-19 22:11:29 +10:00
Hans-Martin Münch (h0ng10) d99eedb1e4 Adding begin...ensure block 2015-05-17 20:48:11 +02:00
Hans-Martin Münch (h0ng10) acb053a2a7 CloseHandle cleanup 2015-05-17 20:39:10 +02:00
jvazquez-r7 2882374582 Land #5276, @lanjelot fixes #4243 and improves java_jdwp_debugger 2015-05-15 11:12:10 -05:00
jvazquez-r7 a46975f1f0 Fix read_reply to use get_once correctly 2015-05-15 11:11:25 -05:00
Hans-Martin Münch (h0ng10) e075495a5b string concatenation, clear \ handling 2015-05-15 06:51:42 +02:00
Hans-Martin Münch (h0ng10) 94d39c5c75 remove hard coded pipe name 2015-05-15 06:35:55 +02:00
Hans-Martin Münch (h0ng10) bb4f5da6d9 replace client.sys.config.getenv with get_env 2015-05-15 06:33:57 +02:00
Hans-Martin Münch (h0ng10) bba261a1cf Initial version 2015-05-15 00:36:03 +02:00
William Vu eeb87a3489 Polish up module 2015-05-09 14:33:41 -05:00
HD Moore fe907dfe98 Fix the disclosure date 2015-05-09 10:44:28 -05:00
jvazquez-r7 cb51bcc776 Land #5147, @lightsey's exploit for CVE-2015-1592 MovableType deserialization 2015-05-09 01:56:38 -05:00
jvazquez-r7 89bc405c54 Do minor code cleanup 2015-05-09 01:54:05 -05:00
William Vu 71518ef613 Land #5303, metasploit-payloads Java binaries 2015-05-07 22:39:54 -05:00
William Vu 2f2169af90 Use single quotes consistently 2015-05-07 22:39:36 -05:00