adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
34,150 Commits 27 Branches 1,043 Tags
cf8bbbfa3db867b9d6fd3bcfaf03cada93d4eb13
Commit Graph

8467 Commits

Author SHA1 Message Date
William Vu 326bec0a1f Land #5581, s/shell_command_token/cmd_exec/ 2015-06-26 16:59:40 -05:00
jvazquez-r7 a10fa02b00 Land #5606, @wchen-r7's glassfish fixes 2015-06-26 14:12:50 -05:00
wchen-r7 3b5e2a0c6e Use TARGETURI 2015-06-26 14:02:17 -05:00
wchen-r7 b46e1be22f Land #5371, Add file checking to the on_new_session cleanup 2015-06-26 13:33:57 -05:00
Tod Beardsley 31eedbcfa0 Minor cleanups on recent modules 
Edited modules/auxiliary/scanner/http/ms15_034_http_sys_memory_dump.rb
first landed in #5577, MS15-034 HTTP.SYS Information Disclosure

Edited modules/exploits/multi/browser/adobe_flash_shader_drawing_fill.rb
first landed in #5605, CVE-2015-3105 flash exploit

Edited modules/exploits/multi/browser/adobe_flash_shader_job_overflow.rb
first landed in #5559, Adobe Flash Player ShaderJob Buffer Overflow

Edited modules/auxiliary/test/report_auth_info.rb first landed in #5540,
@wchen-r7's changes for multiple auxiliary modules to use the new cred
API
 2015-06-26 12:18:33 -05:00
jvazquez-r7 7ccc86d338 Use cmd_exec 2015-06-26 11:54:19 -05:00
jvazquez-r7 31b7ef49d6 Solve conficts 2015-06-26 11:36:17 -05:00
wchen-r7 c70e38a14e Do more reporting 2015-06-25 22:39:56 -05:00
wchen-r7 5ef4cc2bb4 Save creds 2015-06-25 17:10:20 -05:00
wchen-r7 1a371b11b0 Update description 2015-06-25 17:04:31 -05:00
jvazquez-r7 ee0377ca16 Add module for CVE-2015-3105 2015-06-25 13:35:01 -05:00
wchen-r7 c330d10403 Make SSL as a basic option 
Also:

Fix #5558
 2015-06-25 02:06:51 -05:00
wchen-r7 5c98da05fb This works for Glassfish 4.0 & 9.1 2015-06-25 01:58:24 -05:00
wchen-r7 c826785ebb Fix auth bypass 2015-06-24 19:49:04 -05:00
wchen-r7 8e4fa80728 This looks good so far 2015-06-24 19:30:02 -05:00
Spencer McIntyre 2206a6af73 Support older targets x86 for MS15-051 2015-06-25 09:33:15 +10:00
William Vu a149fb5710 Land #5554, @g0tmi1k's persistence improvements 
age aborts
age aborts
 2015-06-24 14:37:25 -05:00
William Vu e7e8135acd Clean up module 2015-06-24 14:35:10 -05:00
wchen-r7 380af29482 Progress? 2015-06-24 14:17:45 -05:00
wchen-r7 6046994138 version does not return nil 2015-06-23 10:31:01 -05:00
wchen-r7 dedfca163d Change check() 2015-06-22 15:05:12 -05:00
jvazquez-r7 784be06b6f Update nmap 
* Use cmd_exec
 2015-06-22 14:20:02 -05:00
jvazquez-r7 d98d2ffd4d Update setuid_viscosity 
* Use cmd_exec
 2015-06-22 14:04:04 -05:00
jvazquez-r7 60bdc10aed Update setuid_tunnelblick 
* Use cmd_exec
 2015-06-22 13:57:33 -05:00
jvazquez-r7 6a00ce62de Update persistence module 
* Delete unused method
 2015-06-22 12:25:00 -05:00
OJ 3686accadd Merge branch 'upstream/master' into cve-2015-1701 2015-06-22 07:52:17 +10:00
Spencer McIntyre efece12b40 Minor clean ups for ruby strings and check method 2015-06-21 16:07:44 -04:00
jvazquez-r7 74bc9f7a91 Land #5529, @omarix's Windows 2003 SP1 & SP2 French targets for MS08-067 2015-06-19 16:57:07 -05:00
jvazquez-r7 61ad4ada7d Delete commas 2015-06-19 16:03:16 -05:00
William Vu 2587595a92 Land #5556, vprint_status fix 2015-06-19 11:24:54 -05:00
William Vu b994801172 Revert auto tab replacement 2015-06-19 11:22:40 -05:00
jvazquez-r7 6ec8488929 Land #5560, @wchen-r7 Changes ExcellentRanking to GoodRanking for MS14-064 2015-06-19 11:15:41 -05:00
wchen-r7 15985e8b4f Land #5559, Adobe Flash Player ShaderJob Buffer Overflow 2015-06-19 10:38:05 -05:00
jvazquez-r7 c95b3bb31d Land #5479, @wchen-r7 Updates kloxo_sqli to use the new cred API 2015-06-19 10:32:21 -05:00
jvazquez-r7 c2f0973ed0 Report attempt_time 2015-06-19 10:31:50 -05:00
jvazquez-r7 1c357e6b3c Land #5478, @wchen-r7 Updates ca_arcserve_rpc_authbypass to use the new cred API 2015-06-19 10:21:14 -05:00
jvazquez-r7 0f17f622c3 Report last_attempted_at 2015-06-19 10:20:47 -05:00
jvazquez-r7 357a3929a3 Trying to report more accurate status 2015-06-19 09:51:36 -05:00
wchen-r7 7e91121afc Change to Metasploit::Model::Login::Status::SUCCESSFUL 2015-06-18 23:44:45 -05:00
wchen-r7 fb9ad663f7 Change to Metasploit::Model::Login::Status::SUCCESSFUL 2015-06-18 23:42:16 -05:00
g0tmi1k 0b55a889d3 persistence - better ruby/msf fu 2015-06-18 21:10:16 +01:00
Tod Beardsley afcb016814 Minor description fixups. 
Edited modules/exploits/multi/browser/adobe_flash_pixel_bender_bof.rb
first landed in #5524, adobe_flash_pixel_bender_bof in flash renderer .
Removed ASCII bullets since those rarely render correctly.

Edited modules/exploits/unix/webapp/wp_frontend_editor_file_upload.rb
first landed in #5252, @espreto's module for WordPress Front-end Editor
File Upload Vuln . Fixed up some language usage, camel-cased "WordPress."
 2015-06-18 13:25:39 -05:00
wchen-r7 13a3f2781d Change ExcellentRanking to GoodRanking for MS14-064 
The ms14_064_ole_code_execution exploit's ranking is being lowered
to GoodRanking because of these two reasons:

1. The vulnerable component isn't in Internet Explorer. And BES can't
   check it so the exploit still fires even if the target is patched.
2. Although rare, we've seen the exploit crashing IE, and since this
   is a memory curruption type of bug, it should not be in Excellent
   ranking anyway.
 2015-06-18 13:07:44 -05:00
jvazquez-r7 de1542e589 Add module for CVE-2015-3090 2015-06-18 12:36:14 -05:00
g0tmi1k ce9481d2b7 Inconstancy - If datastore['VERBOSE'] vs vprint 2015-06-18 09:27:01 +01:00
g0tmi1k a3debe1621 persistence - more options, more verbose 
...and less bugs!

+ Able to define the EXE payload filename
+ Able to setup a handler job
+ Able to execute persistence payload after installing
+ Performs various checks (should be more stable now)
+ Will display various warnings if your doing something 'different'
+ Added various verbose messages during the process
 2015-06-17 13:57:06 +01:00
William Vu 8d640a0c8f Land #5527, multi/handler -> exploit/multi/handler 2015-06-15 10:23:26 -05:00
wchen-r7 17b8ddc68a Land #5524, adobe_flash_pixel_bender_bof in flash renderer 2015-06-15 02:42:16 -05:00
0xFFFFFF c7cda25582 Empty lines removed at line 624 and line 721. 
Empty lines removed at line 624 and line 721.
 2015-06-13 14:54:10 +01:00
0xFFFFFF 7f0e334d78 Added Windows 2003 SP1 & SP2 French targets 
msf exploit(ms08_067_netap) > show targets 

Exploit targets:

   Id  Name
   --  ----
   0   Automatic Targeting
   1   Windows 2000 Universal
   2   Windows XP SP0/SP1 Universal
   3   Windows 2003 SP0 Universal
   4   Windows XP SP2 English (AlwaysOn NX)
   [...]
   62  Windows 2003 SP1 French (NX)
   63  Windows 2003 SP2 English (NO NX)
   [...]
   71  Windows 2003 SP2 French (NO NX)
   72  Windows 2003 SP2 French (NX)
 2015-06-13 13:30:02 +01:00