William Vu
32334c2386
Update all module splats from http:// to https://
2019-08-15 18:10:44 -05:00
Adam Cammack
e11de696d4
Make msftidy happy
2019-08-02 11:17:41 -05:00
Adam Cammack
cf9b94a964
Set needs_cleanup flag for exploits that need it
...
The `needs_cleanup` flag needs to be set per-module when an exploit
needs an interactive session to clean up. Some `FileDropper` exploits
need additional cleanup to what the mixin provides, but since all
`FileDropper`s already mark themselves as needing cleanup those are not
covered here. A few of these could potentially be refactored to use the
original exploitation method to clean up or to compile the list of
files/commands to clean up ahead of time, but that is out of the scope
of this fix.
2019-08-02 10:23:53 -05:00
Adam Cammack
5e64f8560a
Fix whitespace
2019-08-02 10:23:41 -05:00
Wei Chen
967b2a018f
Land #12010, Add exploit module for wp-database-backup Wordpress plugin
2019-07-23 12:21:23 -05:00
Wei Chen
ca664512ce
Minor corrections in check and an unused return value
2019-07-23 12:20:14 -05:00
William Vu
c917ec70d1
Fix missing split in struts2_rest_xstream
2019-07-10 11:15:36 -05:00
William Vu
e6300bfd63
Fix cmd_psh_payload requiring an arch string
...
We may want to update Rex::Powershell to take the first in an array.
2019-07-09 17:43:23 -05:00
Shelby Pace
258f631f84
remove echo cmdstagerflavor
2019-06-26 13:56:13 -05:00
Shelby Pace
2f29c914ab
add changes, remove db backup delete code
2019-06-26 13:48:14 -05:00
William Vu
5c14aea1a0
Fix target_platform check (it's empty, not nil)
2019-06-25 12:56:36 -05:00
William Vu
cf140f0840
Make SRVHOST the callback address
2019-06-25 12:43:04 -05:00
Shelby Pace
2af76c1997
add documentation and finished module
2019-06-25 11:21:15 -05:00
William Vu
44ad25ae34
Land #12008, struts2_content_type_ognl 302 fix
2019-06-25 00:40:58 -05:00
James Lee
303bfaa7eb
Don't worry about response code
...
I found one that returned a 302
2019-06-24 13:53:31 -05:00
Shelby Pace
54aff89563
add requests to create, remove, clean db backups
2019-06-21 16:00:56 -05:00
Shelby Pace
e43fc2d921
added skeleton, check method
2019-06-20 14:05:41 -05:00
Wei Chen
8920152eca
Add a ZDI reference for CVE-2019-5420 Rails exploit
2019-06-20 10:43:21 -05:00
William Vu
a0c6035380
Prefer initial slash in normalize_uri
...
I missed the indirect call in check. This decides on a style.
If a URI part contains a slash, we begin with a slash.
2019-05-30 00:08:17 -05:00
William Vu
0b4cc5b547
Update go_go_gadget2
2019-05-22 15:03:44 -05:00
William Vu
6d004862e4
Update go_go_gadget1
2019-05-22 15:03:44 -05:00
William Vu
be89a4d9c5
Update exploit method
2019-05-22 15:03:05 -05:00
William Vu
f70b3d13a0
Update metadata
2019-05-22 15:03:05 -05:00
bwatters-r7
966582a10c
Land #11833, moodle_cmd_exec nil check
...
Merge branch 'land-11833' into upstream-master
2019-05-20 13:08:11 -05:00
William Vu
0328814241
Indent ternary statement in struts2_rest_xstream
2019-05-20 12:35:52 -05:00
Wei Chen
ad08c4e56b
Land #11828, Add CVE-2017-18357: Shopware Object Instantiation
2019-05-17 18:22:48 -05:00
Wei Chen
9b46e7a347
Normalize PHP payload path
2019-05-17 18:20:59 -05:00
Shelby Pace
6210a28f32
added checks to at, changed some uris
2019-05-15 15:40:27 -05:00
stevenseeley
1df703b85f
added some vprint_error calls in the check
2019-05-13 17:36:06 -05:00
stevenseeley
e8fec2a77b
don't override the check method
2019-05-12 20:08:52 -05:00
h00die
74fbcaf908
moodle_cmd_exec nil check
2019-05-10 14:02:01 -04:00
stevenseeley
bca160f4c4
final commit: fixed check method to not print as suggested by @bcoles
2019-05-10 09:45:21 -05:00
stevenseeley
6427cb31bf
fixed regex a lil
2019-05-09 22:53:39 -05:00
stevenseeley
5ff8394df0
@bcoles is a purist :p
2019-05-09 22:21:26 -05:00
stevenseeley
7953f85c16
updated error message to be NoAccess
2019-05-09 21:29:48 -05:00
stevenseeley
a700fcec5d
changed regex as suggested by @bcoles
2019-05-09 21:18:14 -05:00
stevenseeley
e769ae5c90
fixed some error conditions, changed regex as suggested by @bcoles
2019-05-09 21:14:54 -05:00
stevenseeley
2ff1adb1be
fixed timing of exec
2019-05-09 20:58:14 -05:00
stevenseeley
6ffd1d5e95
updated module to address @bcoles's comments
2019-05-09 20:53:49 -05:00
stevenseeley
65c3163518
updated module credits with original discoverer
2019-05-09 17:35:47 -05:00
stevenseeley
ba2baa7652
updated module randomization a little more
2019-05-09 16:14:35 -05:00
stevenseeley
2649fa0d65
added a new line at the end
2019-05-09 15:35:00 -05:00
stevenseeley
9b200840a4
added module for CVE-2017-18357
2019-05-09 15:19:01 -05:00
stevenseeley
aaa0dd2532
added module for CVE-2017-18357
2019-05-09 15:17:43 -05:00
stevenseeley
89e3a07518
added module for CVE-2017-18357
2019-05-09 15:08:33 -05:00
Cha0s
bd349b8a23
Removed Spaces EOL
2019-05-04 23:24:20 -05:00
Cha0s
4bf0adeade
Module corrections
...
Corrections in: author metadata, references, removing handler, removing unused code branch and vulnerable variable, improve module description
2019-05-04 23:11:40 -05:00
Waqas Ali
48b7f7c904
Update (removed parenthesis) modules/exploits/multi/http/getsimplecms_unauth_code_exec.rb
...
(removed parenthesis)
Co-Authored-By: truerandom <masterofdisaster@ciencias.unam.mx>
2019-05-02 02:03:54 -05:00
Waqas Ali
75c78b761e
Update (removed parenthesis) modules/exploits/multi/http/getsimplecms_unauth_code_exec.rb
...
(removed parenthesis)
Co-Authored-By: truerandom <masterofdisaster@ciencias.unam.mx>
2019-05-02 02:03:46 -05:00
Waqas Ali
3a7ebbdc3d
Update (removed parenthesis) modules/exploits/multi/http/getsimplecms_unauth_code_exec.rb
...
(removed parenthesis)
Co-Authored-By: truerandom <masterofdisaster@ciencias.unam.mx>
2019-05-02 02:03:26 -05:00