adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
30,067 Commits 27 Branches 1,043 Tags
c96c8a03cfec3dbbb9f014e4aae019e9c4ede43d
Commit Graph

15727 Commits

Author SHA1 Message Date
James Lee 3e80efb5a8 Land #4521, Pandora FMS upload 2015-01-07 11:13:57 -06:00
James Lee 1ccef7dc3c Shorter timeout so we get shell sooner 
The request to execute our payload will never return, so waiting for the
default timeout (20 seconds) is pointless.
 2015-01-07 11:11:33 -06:00
James Lee efe83a4f31 Whitespace 2015-01-07 10:19:17 -06:00
rcnunez b3def856fd Applied changes recommended by jlee-r7 
used Rex::ConnectionError
refactor begin/rescue blocks
removed ::URI::InvalidURIError
changed @peer with peer
used Exploit::CheckCode:Appears instead of Exploit::CheckCode::Vulnerable
 2015-01-07 18:38:19 +08:00
sinn3r 2ed05869b8 Make Msf::Exploit::PDF follow the Ruby method naming convention 
Just changing method names.

It will actually also fix #4520
 2015-01-06 12:42:06 -06:00
William Vu 0bece137c1 Land #4494, Object.class.to_s fix 2015-01-06 02:27:35 -06:00
William Vu f2710f6ba7 Land #4443, BulletProof FTP client exploit 2015-01-06 02:10:42 -06:00
William Vu 482cfb8d59 Clean up some stuff 2015-01-06 02:10:25 -06:00
William Vu 46aa165ca5 Land #4481, enum_users_history improvements 2015-01-06 01:52:38 -06:00
William Vu 745bfb2f35 Clean things up 2015-01-06 01:48:18 -06:00
sinn3r 44dfa746eb Resolve #4513 - Change #inspect to #to_s 
Resolve #4513
 2015-01-05 11:50:51 -06:00
sinn3r 4257fef91b Land #4101 - Konica MFP FTP and SMB credential gathering module 2015-01-05 10:31:28 -06:00
rcnunez 547b7f2752 Syntax and File Upload BugFix 
Fix unexpected ) in line 118
Fix file cleanup missing _
Fix more robust version check script
Fix file upload
 2015-01-05 19:23:22 +08:00
jvazquez-r7 e7affb9048 Land #4493, @pedrib's module for ManageEngine Central Desktop create admin 2015-01-04 23:46:31 -06:00
jvazquez-r7 c5e72fb324 Change module filename 2015-01-04 23:14:12 -06:00
jvazquez-r7 4798f2328d Change module filename 2015-01-04 23:13:17 -06:00
jvazquez-r7 6bb3171328 Do minor cleanup 2015-01-04 23:12:42 -06:00
jvazquez-r7 711b97ecc5 Beautify metadata 2015-01-04 23:08:46 -06:00
Pedro Ribeiro 32d4bf03c3 Add OSVDB id and full disclosure URL 2015-01-04 12:36:51 +00:00
sinn3r d45cdd61aa Resolve #4507 - respond_to? + send = evil 
Since Ruby 2.1, the respond_to? method is more strict because it does
not check protected methods. So when you use send(), clearly you're
ignoring this type of access control. The patch is meant to preserve
this behavior to avoid potential breakage.

Resolve #4507
 2015-01-02 13:29:17 -06:00
Tod Beardsley c1718fa490 Land #4440, git client exploit from @jhart-r7 
Also fixes #4435 and makes progress against #4445.
 2015-01-01 13:18:43 -06:00
Tod Beardsley d7564f47cc Move Mercurial option to advanced, update ref url 
See #4440
 2015-01-01 13:08:36 -06:00
Tod Beardsley 914c724abe Rename module 
See rapid7#4440
 2015-01-01 13:03:17 -06:00
Jon Hart 65977c9762 Add some more useful URLs 2014-12-31 10:54:04 -08:00
Tod Beardsley 264d3f9faa Minor grammar fixes on modules 2014-12-31 11:45:14 -06:00
Spencer McIntyre 6d966dbbcf Land #4203, @jvazquez-r7's cleanup for java_rmi_server 2014-12-31 11:25:19 -05:00
Christian Mehlmauer 4f11dc009a fixes #4490, class.to_s should not be used for checks 2014-12-31 10:46:24 +01:00
Pedro Ribeiro e81e68bdaf Create me_dc9_admin.rb 2014-12-31 02:02:52 +00:00
Brendan Coles cc75c33d60 Use user home directories 
Replace hard-coded '/home/' and '/root/' with `~username` shorthand.
 2014-12-31 09:12:35 +11:00
Brendan Coles 013e45e83d Add support for MongoDB history 2014-12-31 08:38:58 +11:00
Brendan Coles d2e6f90569 Use a list of users 2014-12-31 08:12:16 +11:00
sinn3r 48919eadb6 Land #4444 - i-FTP BoF 2014-12-30 12:38:28 -06:00
William Vu 4fd4d51d78 Land #4485, Drupageddon greedy regex fix 2014-12-30 10:16:57 -06:00
Christian Mehlmauer 96fe693c54 update drupal regex 2014-12-30 09:12:39 +01:00
sinn3r 555713b6ae Land #4456 - MS14-068, Kerberos Checksum (plus krb protocol support) 2014-12-29 16:09:28 -06:00
sinn3r f2130311fa Add the MSF blog reference 2014-12-29 16:08:35 -06:00
Brendan Coles 897e993971 Update description 2014-12-30 08:05:53 +11:00
Brendan Coles 8719a36d84 DRY status messages 2014-12-30 08:03:40 +11:00
Brendan Coles 0de80e9c76 Minor changes to style 2014-12-30 07:58:54 +11:00
Brendan Coles 0085bcf075 Use blank?' instead of nil?' 2014-12-30 07:38:34 +11:00
Brendan Coles a50ac4050c Add support for PostgreSQL history 2014-12-30 07:33:22 +11:00
Brendan Coles 4ebe0fc0a8 Add support for different shells 2014-12-30 07:26:12 +11:00
Tod Beardsley 1dd9d60e34 Land #4461, Android cookie database theft 
`
Thanks @jvennix-r7!
 2014-12-29 08:15:21 -06:00
Tod Beardsley d10222365b Add Rafay's blog as a reference 2014-12-29 08:12:19 -06:00
Tod Beardsley 1236684954 Use get_uri instead, note lack of Rex::Text method 
See rapid7#4461
 2014-12-28 15:06:34 -06:00
Tod Beardsley 788e315fd4 Fix msftidy warnings 2014-12-28 14:53:29 -06:00
Borja Merino 9791acd0bf Add stager ipknock shellcode (PR 2) 2014-12-27 22:03:45 +01:00
jvazquez-r7 655cfdd416 Land #4321, @wchen-r7's fixes #4246 ms01_026_dbldecode undef method 2014-12-26 12:48:29 -06:00
Jon Hart 51049152b6 Use Rex::Text.rand_mail_address for more realistic fake commit 2014-12-26 10:39:52 -08:00
jvazquez-r7 c1b0385a4b Land #4460, @Meatballs1's ssl cert validation bypass on powershell web delivery 2014-12-26 12:07:45 -06:00