Commit Graph

7627 Commits

Author SHA1 Message Date
James Lee 3e80efb5a8 Land #4521, Pandora FMS upload 2015-01-07 11:13:57 -06:00
James Lee 1ccef7dc3c Shorter timeout so we get shell sooner
The request to execute our payload will never return, so waiting for the
default timeout (20 seconds) is pointless.
2015-01-07 11:11:33 -06:00
James Lee efe83a4f31 Whitespace 2015-01-07 10:19:17 -06:00
rcnunez b3def856fd Applied changes recommended by jlee-r7
used Rex::ConnectionError
refactor begin/rescue blocks
removed ::URI::InvalidURIError
changed @peer with peer
used Exploit::CheckCode::Appears instead of Exploit::CheckCode::Vulnerable
2015-01-07 18:38:19 +08:00
sinn3r 2ed05869b8 Make Msf::Exploit::PDF follow the Ruby method naming convention
Just changing method names.

It will actually also fix #4520
2015-01-06 12:42:06 -06:00
William Vu f2710f6ba7 Land #4443, BulletProof FTP client exploit 2015-01-06 02:10:42 -06:00
William Vu 482cfb8d59 Clean up some stuff 2015-01-06 02:10:25 -06:00
sinn3r 44dfa746eb Resolve #4513 - Change #inspect to #to_s
Resolve #4513
2015-01-05 11:50:51 -06:00
rcnunez 547b7f2752 Syntax and File Upload BugFix
Fix unexpected ) in line 118
Fix file cleanup missing _
Fix more robust version check script
Fix file upload
2015-01-05 19:23:22 +08:00
sinn3r d45cdd61aa Resolve #4507 - respond_to? + send = evil
Since Ruby 2.1, the respond_to? method is more strict because it does
not check protected methods. So when you use send(), clearly you're
ignoring this type of access control. The patch is meant to preserve
this behavior to avoid potential breakage.

Resolve #4507
2015-01-02 13:29:17 -06:00
Tod Beardsley c1718fa490 Land #4440, git client exploit from @jhart-r7
Also fixes #4435 and makes progress against #4445.
2015-01-01 13:18:43 -06:00
Tod Beardsley d7564f47cc Move Mercurial option to advanced, update ref url
See #4440
2015-01-01 13:08:36 -06:00
Tod Beardsley 914c724abe Rename module
See rapid7#4440
2015-01-01 13:03:17 -06:00
Jon Hart 65977c9762 Add some more useful URLs 2014-12-31 10:54:04 -08:00
Tod Beardsley 264d3f9faa Minor grammar fixes on modules 2014-12-31 11:45:14 -06:00
Spencer McIntyre 6d966dbbcf Land #4203, @jvazquez-r7's cleanup for java_rmi_server 2014-12-31 11:25:19 -05:00
sinn3r 48919eadb6 Land #4444 - i-FTP BoF 2014-12-30 12:38:28 -06:00
Christian Mehlmauer 96fe693c54 update drupal regex 2014-12-30 09:12:39 +01:00
jvazquez-r7 655cfdd416 Land #4321, @wchen-r7's fixes #4246 ms01_026_dbldecode undef method 2014-12-26 12:48:29 -06:00
Jon Hart 51049152b6 Use Rex::Text.rand_mail_address for more realistic fake commit 2014-12-26 10:39:52 -08:00
jvazquez-r7 c1b0385a4b Land #4460, @Meatballs1's ssl cert validation bypass on powershell web delivery 2014-12-26 12:07:45 -06:00
jvazquez-r7 2bed52dcd5 Land #4459, @bcoles's ProjectSend Arbitrary File Upload module 2014-12-26 11:28:42 -06:00
jvazquez-r7 b5b0be9001 Do minor cleanup 2014-12-26 11:24:02 -06:00
jvazquez-r7 121c0406e9 Beautify restart_command creation 2014-12-24 15:52:15 -06:00
jvazquez-r7 43ec8871bc Do minor c code cleanup 2014-12-24 15:45:38 -06:00
jvazquez-r7 92113a61ce Check payload 2014-12-24 15:43:49 -06:00
jvazquez-r7 36ac0e6279 Clean get_restart_commands 2014-12-24 14:55:18 -06:00
jvazquez-r7 92b3505119 Clean exploit method 2014-12-24 14:49:19 -06:00
jvazquez-r7 9c4d892f5e Use single quotes when possible 2014-12-24 14:37:39 -06:00
jvazquez-r7 bbbb917728 Do style cleaning on metadata 2014-12-24 14:35:35 -06:00
jvazquez-r7 af24e03879 Update from upstream 2014-12-24 14:25:25 -06:00
Gabor Seljan 0b85a81b01 Use REXML to generate exploit file 2014-12-24 19:23:28 +01:00
Jon Hart a692656ab7 Update comments to reflect reality, minor cleanup 2014-12-23 19:09:45 -08:00
jvazquez-r7 ebb05a64ea Land #4357, @Meatballs1 Kerberos Support for current_user_psexec 2014-12-23 20:38:31 -06:00
Jon Hart 59f75709ea Print out malicious URLs that will be used by default 2014-12-23 10:10:31 -08:00
Jon Hart 905f483915 Remove unused and commented URIPATH 2014-12-23 09:40:27 -08:00
Jon Hart 8e57688f04 Use random URIs by default, different method for enabling/disabling Git/Mercurial 2014-12-23 09:39:39 -08:00
Jon Hart bd3dc8a5e7 Use fail_with rather than fail 2014-12-23 08:20:03 -08:00
Jon Hart 015b96a24a Add back perl and bash related payloads since Windows git will have these and OS X should 2014-12-23 08:13:00 -08:00
Meatballs 16302f752e Enable generic command 2014-12-23 14:22:26 +00:00
Meatballs a3b0b9de62 Configure module to target bash by default 2014-12-23 14:19:51 +00:00
Meatballs 313d6cc2f8 Add super call 2014-12-23 14:12:47 +00:00
Meatballs 43221d4cb0 Remove redundant debugging stuff 2014-12-23 14:09:12 +00:00
Meatballs 42a10d6d50 Add Powershell target 2014-12-23 14:07:57 +00:00
Meatballs 40c1fb814e one line if statement 2014-12-23 11:20:24 +00:00
Meatballs b41e259252 Move it to a common method 2014-12-23 11:16:07 +00:00
Brendan Coles 5c82b8a827 Add ProjectSend Arbitrary File Upload module 2014-12-23 10:53:03 +00:00
Jon Hart abec7c206b Update description to describe current limitations 2014-12-22 20:32:45 -08:00
Jon Hart 1505588bf6 Rename the file to reflect what it really is 2014-12-22 20:27:40 -08:00
Jon Hart ff440ed5a4 Describe vulns in more detail, add more URLs 2014-12-22 20:20:48 -08:00