adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
52,386 Commits 27 Branches 1,043 Tags
cd1669f2b2dbfafe2fdf95f034be9c0cd3f4fc82
Commit Graph

26652 Commits

Author SHA1 Message Date
Brendan Coles cd1669f2b2 Use identify_hash for creds 2019-07-03 08:33:26 +00:00
Brendan Coles 9539408e33 Add support for retrieving xymonpasswd 2019-07-01 10:51:34 +00:00
Brendan Coles 1a7fb79cfc Add config retrieval 2019-06-30 04:03:17 +00:00
Brendan Coles a4da66fabe Add Xymon Daemon Gather Client Host Information module 2019-06-29 16:48:39 +00:00
William Vu 0a00f3851a Land #12007, true 0s timeout in send_request_* 2019-06-28 12:32:32 -05:00
William Vu 49176a3606 Land #11952, Supra Smart Cloud TV RFI module 2019-06-28 12:12:15 -05:00
William Vu baa17290e4 Adjust name :) 2019-06-28 12:08:27 -05:00
Dhiraj Mishra 09d6ae3458 Removing comments 
Thanks wvu-r7 for your support.
 2019-06-28 16:17:08 +05:30
William Vu d7a5eae146 Fix bug, adjust prints, and check body for "OK" 2019-06-28 04:12:57 -05:00
William Vu 7a26e1c257 Fix sshexec hanging on exec! and blocking close 2019-06-27 22:07:37 -05:00
James Barnett 2ed8e6db97 Deregister PASSWORD_SPRAY option for LoginScanner modules 2019-06-27 17:06:32 -05:00
William Vu 1503dcd168 Land #11997, SilentCleanup UAC bypass 2019-06-27 11:52:56 -05:00
William Vu 6f1aaac70e Add enigma0x3 and fix nyshone69 researchers 2019-06-27 11:38:34 -05:00
asoto-r7 26cd53efb6 Land #11977, AWS EC2, S3, and IAM Enumeration 2019-06-27 11:29:05 -05:00
William Vu 7b0aac72ec Fix missing is_in_admin_group? method 
This was missed in the refactor, since admin_group was removed.
 2019-06-27 11:16:49 -05:00
Jeff McJunkin 2927fd5dc8 Update bypassuac_sluihijack: Fix typo 2019-06-26 14:25:32 -07:00
asoto-r7 0c83e55b00 enum_iam: Update 'Console Login' output to accurately reflect Disabled status 2019-06-26 14:57:32 -05:00
William Vu 61f09d0538 Land #12017, xdebug_unauth_exec nil fix 2019-06-26 12:26:30 -05:00
William Vu cc3fd747aa Add Pen Test Partners reference 
Did we somehow miss this?
 2019-06-26 11:05:22 -05:00
Patrick Webster 8d6f36e05c Minor fix for xdebug_unauth_exec 
Avoid triggering error where res.headers may not exist.
 2019-06-27 01:00:49 +10:00
William Vu 933b5f0413 Tidy up send_request_cgi 2019-06-26 00:59:53 -05:00
William Vu 00530031fd Try not encoding the GET parameters 2019-06-26 00:55:23 -05:00
William Vu f3b509a1bc Implement on_request_uri 2019-06-25 23:47:19 -05:00
William Vu fe11eabe62 Merge remote-tracking branch 'upstream/master' into pr/11952 2019-06-25 23:47:06 -05:00
asoto-r7 84b6f05947 Fix 'bucket' typo 2019-06-25 16:35:44 -05:00
Wei Chen 685fb55179 Land #11987, Add Nagios XI 5.5.6 magpie_debug Root Exploit 2019-06-25 16:17:50 -05:00
Wei Chen 23dbc4d90d Change file name 2019-06-25 16:10:44 -05:00
Wei Chen e9fc9970ba Make names more random. Also, make metadata changes 2019-06-25 16:09:15 -05:00
William Vu 5c14aea1a0 Fix target_platform check (it's empty, not nil) 2019-06-25 12:56:36 -05:00
William Vu cf140f0840 Make SRVHOST the callback address 2019-06-25 12:43:04 -05:00
William Vu 44ad25ae34 Land #12008, struts2_content_type_ognl 302 fix 2019-06-25 00:40:58 -05:00
Carter Brainerd 5e8b076714 Final review changes 2019-06-25 07:21:08 +02:00
James Lee 303bfaa7eb Don't worry about response code 
I found one that returned a 302
 2019-06-24 13:53:31 -05:00
William Vu 7739e9f43e Update my modules 2019-06-24 13:38:14 -05:00
Jacob Robles 8be8aa603c Adjust logic 
Early return to reduce nesting ifs
 2019-06-24 12:43:26 -05:00
Jacob Robles 3d143f366c Remove LIMIT and adjust quotes 2019-06-24 12:40:01 -05:00
Carter Brainerd d2dc5f6077 Review changes 2019-06-22 00:18:44 -04:00
Carter Brainerd d90dba5d6e Hopefully final msftidy fixes 2019-06-20 17:03:38 -04:00
asoto-r7 358ff635dd Renamed modules per @wvu's offline suggestion 2019-06-20 15:08:30 -05:00
Carter Brainerd 1a877abe09 Msftidy was not happy 2019-06-20 14:50:56 -04:00
Carter Brainerd 534e2bc405 Make the darn thing work 2019-06-20 14:40:46 -04:00
Carter Brainerd fded7fb922 Create bypassuac_silentcleanup.rb 2019-06-20 13:53:54 -04:00
Wei Chen 8920152eca Add a ZDI reference for CVE-2019-5420 Rails exploit 2019-06-20 10:43:21 -05:00
Jeffrey Martin e1b982dfa9 Land #11993, Explicitly require 'rc4' in the BlueKeep scanner. 2019-06-19 14:42:01 -05:00
Wei Chen a93a520c3a Land #11960, Add LPE for Cisco Prime Infrastructure's runrshell exe 2019-06-19 10:49:17 -05:00
Wei Chen c637755ebd Land #11956 - Add Cisco Prime Infrastructure Health Monitor Tar RCE 2019-06-19 10:46:35 -05:00
Shelby Pace 4d7d807025 Land #11983, add Webmin package update rce 2019-06-19 08:35:01 -05:00
Shelby Pace ddf7eadeee modified version check 2019-06-19 08:31:48 -05:00
Pearce Barry 3f0810502e Explicitly require 'rc4' in the BlueKeep scanner. 
Appears to still operate as-expected:

	msf5 > use auxiliary/scanner/rdp/cve_2019_0708_bluekeep
	msf5 auxiliary(scanner/rdp/cve_2019_0708_bluekeep) > set rhosts <target>
	rhosts => <target>
	msf5 auxiliary(scanner/rdp/cve_2019_0708_bluekeep) > run

	[+] <target>:3389      - The target is vulnerable.
	[*] <target>:3389 - Scanned 1 of 1 hosts (100% complete)
	[*] Auxiliary module execution completed

Fixes MS-4291.
 2019-06-19 08:27:04 -05:00
Jacob Robles efeb0a5f5c Land #11971, zip extraction from modbus pcap 2019-06-18 16:25:27 -05:00