adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
38,881 Commits 27 Branches 1,043 Tags
ce8317294f645f4382fa0d2a30c04965b1f256d8
Commit Graph

1109 Commits

Author SHA1 Message Date
benpturner ce8317294f New module to exploit the OpenNMS Java Object Unserialization RCE vulnerability. This now gets flagged inside Nessus and there was no Metasploit module to exploit this. 
This module exploits the vulnerability to a full session.
 2016-07-11 22:22:32 -05:00
William Webb 52c6daa0f2 Land #7048, Riverbed SteelCentral NetProfiler and NetExpress Remote 
Command Injection
 2016-07-10 18:54:12 -05:00
Francesco b75084249a Removed duplicate 'Privileged' key 2016-07-10 01:37:03 -04:00
sho-luv 25f49c0091 Fixed Description 
Just cleaned up Description.
 2016-07-08 16:17:39 -07:00
Francesco 4ed12d7077 Added: support for credentials saving using report_cred method as suggested 
Added: support for detection of valid user credentials to skip login SQLi if not necessary.
 2016-07-02 01:41:13 -04:00
William Vu 9663f88fdc Download profile.zip instead of including it 
profile.zip is GPL-licensed...
 2016-07-01 01:17:23 -05:00
Francesco 068a4007de Riverbed SteelCentral NetProfiler & NetExpress Exploit Module 
Changes to be committed:
    new file:   modules/exploits/linux/http/riverbed_netprofiler_netexpress_exec.rb
 2016-06-29 22:27:40 -04:00
William Vu 68bd4e2375 Fire and forget the shell 
Edge case where reverse_perl returns 302 when app is unconfigured.
 2016-06-29 14:51:05 -05:00
William Vu 5f08591fef Add Nagios XI exploit 2016-06-27 15:17:18 -05:00
wchen-r7 de5152401a Land #6992, Add tiki calendar exec exploit 2016-06-22 11:18:14 -05:00
wchen-r7 8697d3d6fb Update tiki_calendar_exec module and documentation 2016-06-22 11:17:45 -05:00
h00die 9cb57d78d7 updated check and docs that 14.2 may not be vuln 2016-06-21 16:48:09 -04:00
h00die 15a3d739c0 fix per wchen 2016-06-20 17:57:10 -04:00
h00die 6fe7698b13 follow redirect automatically 2016-06-19 20:24:54 -04:00
h00die 3f25c27e34 2 void-in fixes of 3 2016-06-19 14:35:27 -04:00
h00die ddfd015310 functionalized calendar call, updated docs 2016-06-19 08:53:22 -04:00
h00die 3feff7533b tiki calendar 2016-06-18 13:11:11 -04:00
Brendan Watters 9ea0b8f944 Land #6934, Adds exploit for op5 configuration command execution 2016-06-16 14:36:10 -05:00
William Vu ea988eaa72 Add setsid to persist the shell 
Prevents the watchdog from killing our session.
 2016-06-16 11:31:35 -05:00
h00die cfb034fa95 fixes all previously identified issues 2016-06-15 20:58:04 -04:00
h00die 81fa068ef0 pulling out the get params 2016-06-15 12:27:31 -04:00
h00die 52db99bfae vars_post for post request 2016-06-15 07:24:41 -04:00
h00die 625d60b52a fix the other normalize_uri 2016-06-14 15:03:07 -04:00
h00die bd4dacdbc3 added Rank 2016-06-13 19:04:06 -04:00
h00die 72ed478b59 added exploit rank 2016-06-13 18:56:33 -04:00
h00die f63273b172 email change 2016-06-11 21:05:34 -04:00
William Vu ec1248d7af Convert to CmdStager 2016-06-10 20:42:01 -05:00
William Vu 46239d5b0d Add Apache Continuum exploit 2016-06-09 22:35:38 -05:00
h00die d63dc5845e wvu-r7 comment fixes 2016-06-09 21:52:21 -04:00
William Vu 6da8c22171 Rename hash method to crypt 
To avoid a conflict with Object#hash in Pro.

MS-1636
 2016-06-09 15:21:40 -05:00
h00die 6f5edb08fe pull uri from datastore consistently 2016-06-08 20:28:36 -04:00
Brendan Watters c4aa99fdac Land #6925, ipfire proxy exec 2016-06-07 10:24:59 -05:00
Brendan Watters 7e84c808b2 Merge remote-tracking branch 'upstream/pr/6924' into dev 2016-06-07 09:24:25 -05:00
h00die c2699ef194 rubocop fixes 2016-06-03 17:43:11 -04:00
h00die 2f837d5d60 fixed EDB spelling 2016-06-03 17:17:36 -04:00
h00die 8d76bdb8af fixed EDB reference 2016-06-03 17:13:36 -04:00
Brendan Watters d7cd10f586 Suggested updates for style and clarity 2016-06-03 14:04:58 -05:00
Brendan Watters 91658d2a61 Changes per rubocop and sinn3r 2016-06-03 12:42:38 -05:00
h00die 68d647edf1 Merge branch 'master' of https://github.com/rapid7/metasploit-framework into op5 2016-06-01 18:05:18 -04:00
h00die 52d5028548 op5 config exec 2016-06-01 15:07:31 -04:00
h00die 8ce59ae330 travis fixes 2016-05-31 05:46:20 -04:00
h00die 057947d7e8 ipfire proxy exec 2016-05-30 10:24:17 -04:00
h00die 9b5e3010ef doc/module cleanup 2016-05-30 06:33:48 -04:00
h00die df55f9a57c first add of ipfire shellshock 2016-05-29 20:40:12 -04:00
William Vu 6581fbd294 Add note about "mf" malware 
This is the malware I found upon shelling my friend's device.
 2016-05-20 23:09:10 -05:00
William Vu a16f4b5167 Return nil properly in rescue 
Missed this because I copypasta'd myself.
 2016-05-19 15:35:38 -05:00
William Vu d018bba301 Store SSH key as a note 
I know, I know, it should use the creds model. >:[
 2016-05-19 15:12:58 -05:00
William Vu 9f738c3e41 Add note about overwritten files 2016-05-19 15:07:27 -05:00
William Vu 8fccb26446 Add Ubiquiti airOS exploit 
Thanks to my friend wolf359 for providing a test device!
 2016-05-19 14:50:20 -05:00
Nicholas Starke 4b23d2dc58 Adjusting exception handling 
This commit adjusts the error handling to close the socket before
calling fail_with and adds specific exceptions to catch
 2016-05-11 17:18:51 -05:00