adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
54,914 Commits 27 Branches 1,043 Tags
cfd41c49ec14b7ca6b56c42e409edcbbd6cedf6a
Commit Graph

1385 Commits

Author SHA1 Message Date
William Vu a31e4034c8 Check SSL in exploit/linux/http/webmin_backdoor 2020-01-16 14:49:13 -06:00
William Vu 491c36ccaa Land #12827, credit updates to Citrix exploit 2020-01-14 10:54:57 -06:00
William Vu eaeaae7607 Reformat credit 2020-01-14 10:46:04 -06:00
Jeffrey Martin 1cd75d9f40 document additional PoC authors 2020-01-14 10:22:26 -06:00
Shelby Pace 429329c45d Land #12801, add WePresent cmd injection module 2020-01-14 08:29:40 -06:00
Jacob Baines 009ec162de Use string interpolation and removed rundant namespace and return statement 2020-01-14 07:52:30 -05:00
Jacob Baines ea6263e6bb Removed redundant return statement 2020-01-14 06:52:24 -05:00
Jacob Baines ecb825ea71 Remove redundant parameters. 2020-01-14 06:40:40 -05:00
Jacob Baines fa661e58ca Unified the POST request into one function. Fixed hardcoding of SSL. Fixed Author formatting. Fixed connection failure check in check function 2020-01-14 06:22:00 -05:00
Jacob Baines 0308f76bbd Switched to vars_post in send_request_cgi and removed unnecessary documentation 2020-01-14 05:42:06 -05:00
William Vu 5c4189fdb4 Move unix/webapp/webmin_backdoor to linux/http 2020-01-14 00:50:04 -06:00
William Vu 3a8b630262 Set a sane default HttpClientTimeout 
Totally forgot I did this for Pulse Secure.
 2020-01-13 22:26:26 -06:00
William Vu cd65efb259 Revert tuned timeout in favor of HttpClientTimeout 
Bad habit!
 2020-01-13 22:02:12 -06:00
William Vu c71a75950a Make cmd/unix/generic timeout configurable 2020-01-13 21:35:10 -06:00
William Vu 93c69b3a96 Bump send_request_cgi timeout to 3.5s for shells 2020-01-13 21:29:28 -06:00
William Vu a635676604 Update wording in module description 2020-01-13 21:04:07 -06:00
William Vu af4505f007 Clean up module 2020-01-13 20:48:18 -06:00
William Vu 04084f84f7 Run rubocop -a 2020-01-13 20:25:07 -06:00
William Vu a45821b706 Rename module 2020-01-13 20:25:07 -06:00
Jacob Baines caa02c7d2e Added exploit module for CVE-2019-3929 2020-01-09 08:03:52 -05:00
William Vu 263c7bf235 Use CheckModule in pulse_secure_cmd_exec 2019-12-03 10:39:58 -06:00
Shelby Pace baf27f9654 Land #12542, add Bludit File Upload Exploit 2019-11-12 15:44:34 -06:00
William Vu 3c1fa90a75 Land #12515, Pulse Secure VPN RCE 2019-11-12 02:55:01 -06:00
William Vu a267ad9d64 Reference env(1) as the reason we have useful RCE 2019-11-12 02:17:58 -06:00
William Vu 8df559eceb Update print to warning 2019-11-12 02:09:43 -06:00
wvu-r7 0c4580f254 Calibrate timeout for hax 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-11-12 02:03:52 -06:00
William Vu de72ed8545 Print our glorious success 2019-11-12 02:02:53 -06:00
William Vu 238c931fd3 Don't fail module if blocking through timeout 2019-11-12 01:55:56 -06:00
William Vu d8e612726c Note that an admin SID is required at present 2019-11-12 01:46:23 -06:00
William Vu 1573664c78 Reduce timeout for when the shell pops 2019-11-12 01:41:19 -06:00
William Vu bc5b0645dd Fix typo 2019-11-12 01:25:36 -06:00
William Vu 2c6c46701c Update DefaultOptions 2019-11-12 01:23:53 -06:00
William Vu 8664ac9dd8 Add target print 2019-11-12 01:17:28 -06:00
William Vu e9fb4a2528 Check for nil 
Oops.
 2019-11-12 01:10:26 -06:00
William Vu f4c7690247 Print cmd/unix/generic command output, minus HTML 2019-11-12 01:08:56 -06:00
William Vu 09901fdf56 Clarify session cookie could be invalid 2019-11-12 01:08:25 -06:00
William Vu 5b825e8245 Readd cmd/unix/generic target with manual badchars 2019-11-12 01:08:09 -06:00
Wei Chen 717a31c7c3 Fix typos and format 2019-11-11 14:47:56 -06:00
Wei Chen 553601210a Add CVE-2019-16113: Bludit Directory Traversal Image Upload Exploit 2019-11-05 08:57:15 -06:00
William Vu 81da0d18c6 Add blurb about pre-auth file read 2019-10-30 20:41:57 -05:00
William Vu f3a6aeea60 Add true post_auth? definition 2019-10-30 20:31:58 -05:00
William Vu 77c26e9a70 Add Pulse Secure VPN arbitrary command execution 2019-10-30 20:08:02 -05:00
William Vu e010f48a3b Move module to coldfusion_rds_auth_bypass 2019-10-27 11:25:56 -05:00
bwatters-r7 25b56c410d Land #12189, Add module for LibreNMS CVE-2019-10669 
Merge branch 'land-12189' into upstream-master
 2019-09-06 12:01:09 -05:00
William Vu 83de041894 Land #12243, cisco_ucs_rce exploit 2019-08-30 13:35:29 -05:00
William Vu b0b72892be Deprecate/delete cisco_rv130_rmi_rce by alias 2019-08-30 12:03:43 -05:00
William Vu 49b3af3870 Merge remote-tracking branch 'upstream/master' into pr/12133 2019-08-30 12:01:48 -05:00
Pedro Ribeiro 40b0d02f39 make some adjustments 2019-08-29 19:49:37 +07:00
Pedro Ribeiro c88ce55013 Add github link 2019-08-28 11:08:35 +07:00
Pedro Ribeiro d6f47fd03a s/Directory/Director 2019-08-28 10:58:41 +07:00