adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
53,061 Commits 27 Branches 1,043 Tags
d0803e49becbe8f93235e2cbb3fcdd7ecdfeabe1
Commit Graph

3118 Commits

Author SHA1 Message Date
William Vu 042c181f67 Land #12058, cisco_dcnm_upload_2019 exploit 2019-08-30 13:33:19 -05:00
Pedro Ribeiro 3dd9c38fd1 Update cisco_dcnm_upload_2019.rb 2019-08-29 12:42:01 +07:00
Pedro Ribeiro bbbf426ec7 make requested changes 2019-08-29 12:16:58 +07:00
Pedro Ribeiro bda1120cac make requested changes 2019-08-29 11:14:40 +07:00
Shelby Pace bc6cff3d4f Land #12207, add LibreOffice/Logo file fmt exploit 2019-08-19 13:14:23 -05:00
Shelby Pace 8fd5c1e0c1 remove PrependMigrate option 2019-08-19 13:12:54 -05:00
Load b0a531982e Adds default options 
- Changes target to Automatic
- Set default options instead of default target for options
- Adds links for the two vulnerabilities exploited by this module
- Removes unnecessary double encoding+eval
 2019-08-18 14:42:48 +02:00
Shelby Pace 409b3c9c4b using python payload for platform independence 2019-08-16 15:36:42 -05:00
Load 3838fc2164 Adds references to the next CVE 
This new CVE explains this exploit (global events are used)
 2019-08-16 12:59:23 +02:00
William Vu 32334c2386 Update all module splats from http:// to https:// 2019-08-15 18:10:44 -05:00
LoadLow c3b6e33f2e Adds suggested modifications 2019-08-03 06:10:11 +02:00
Load ce552ab88b Removes double quotes in libreoffice_logo_exec 
Co-Authored-By: Carter Brainerd <0xCB@protonmail.com>
 2019-08-03 05:52:12 +02:00
Pedro Ribeiro 817726699c make requested changes 2019-08-02 22:48:54 +01:00
Adam Cammack e11de696d4 Make msftidy happy 2019-08-02 11:17:41 -05:00
Adam Cammack cf9b94a964 Set needs_cleanup flag for exploits that need it 
The `needs_cleanup` flag needs to be set per-module when an exploit
needs an interactive session to clean up. Some `FileDropper` exploits
need additional cleanup to what the mixin provides, but since all
`FileDropper`s already mark themselves as needing cleanup those are not
covered here. A few of these could potentially be refactored to use the
original exploitation method to clean up or to compile the list of
files/commands to clean up ahead of time, but that is out of the scope
of this fix.
 2019-08-02 10:23:53 -05:00
Adam Cammack 5e64f8560a Fix whitespace 2019-08-02 10:23:41 -05:00
LoadLow 8e8e6a2cf7 Fixes indent 2019-07-31 00:14:08 +02:00
LoadLow 88f3ff9d59 Updates references 2019-07-31 00:00:30 +02:00
LoadLow 5f478b7fd6 Adds exploit module for CVE-2019-9848 
uses on dom-loaded event (triggered just after opening the document) and still working on 6.2.5
 2019-07-30 23:07:20 +02:00
Wei Chen f09cfade62 Land #11205, Add support for Linux and pubprn.vbs to web_delivery 2019-07-25 09:15:40 -05:00
Wei Chen 967b2a018f Land #12010, Add exploit module for wp-database-backup Wordpress plugin 2019-07-23 12:21:23 -05:00
Wei Chen ca664512ce Minor corrections in check and a unsed return value 2019-07-23 12:20:14 -05:00
Pedro Ribeiro 18f76f00b5 Rename modules/exploit/multi/http/cisco_dcnm_upload_2019.rb to modules/exploits/multi/http/cisco_dcnm_upload_2019.rb 2019-07-12 22:02:05 +01:00
bcoles 645b9179a2 Add support for pubprn 2019-07-12 23:16:43 +10:00
William Vu c917ec70d1 Fix missing split in struts2_rest_xstream 2019-07-10 11:15:36 -05:00
William Vu e6300bfd63 Fix cmd_psh_payload requiring an arch string 
We may want to update Rex::Powershell to take the first in an array.
 2019-07-09 17:43:23 -05:00
William Vu 7a26e1c257 Fix sshexec hanging on exec! and blocking close 2019-06-27 22:07:37 -05:00
Shelby Pace 258f631f84 remove echo cmdstagerflavor 2019-06-26 13:56:13 -05:00
Shelby Pace 2f29c914ab add changes, remove db backup delete code 2019-06-26 13:48:14 -05:00
William Vu 5c14aea1a0 Fix target_platform check (it's empty, not nil) 2019-06-25 12:56:36 -05:00
William Vu cf140f0840 Make SRVHOST the callback address 2019-06-25 12:43:04 -05:00
Shelby Pace 2af76c1997 add documentation and finished module 2019-06-25 11:21:15 -05:00
William Vu 44ad25ae34 Land #12008, struts2_content_type_ognl 302 fix 2019-06-25 00:40:58 -05:00
James Lee 303bfaa7eb Don't worry about response code 
I found one that returned a 302
 2019-06-24 13:53:31 -05:00
Shelby Pace 54aff89563 add requests to create, remove, clean db backups 2019-06-21 16:00:56 -05:00
Shelby Pace e43fc2d921 added skeleton, check method 2019-06-20 14:05:41 -05:00
Wei Chen 8920152eca Add a ZDI reference for CVE-2019-5420 Rails exploit 2019-06-20 10:43:21 -05:00
suzu991154 cdce03f42d fix_os_check 2019-06-03 16:17:23 +09:00
suzu991154 0a6f1d5538 Add support for Windows 10(10240) to CVE-2015-5122 2019-06-01 14:44:30 +09:00
William Vu a0c6035380 Prefer initial slash in normalize_uri 
I missed the indirect call in check. This decides on a style.

If a URI part contains a slash, we begin with a slash.
 2019-05-30 00:08:17 -05:00
William Vu 0b4cc5b547 Update go_go_gadget2 2019-05-22 15:03:44 -05:00
William Vu 6d004862e4 Update go_go_gadget1 2019-05-22 15:03:44 -05:00
William Vu be89a4d9c5 Update exploit method 2019-05-22 15:03:05 -05:00
William Vu f70b3d13a0 Update metadata 2019-05-22 15:03:05 -05:00
William Vu 73aabd1adc Land #11861, WebLogic AsyncResponseService updates 2019-05-22 14:23:45 -05:00
Shelby Pace 0d6008862b Land #11805, add bsd targets to sshexec 2019-05-20 14:16:10 -05:00
Wei Chen 6847fcc199 Update CVE reference and datastore options for WebLogic exploit 2019-05-20 13:10:06 -05:00
bwatters-r7 966582a10c Land #11833, moodle_cmd_exec nil check 
Merge branch 'land-11833' into upstream-master
 2019-05-20 13:08:11 -05:00
William Vu 0328814241 Indent ternary statement in struts2_rest_xstream 2019-05-20 12:35:52 -05:00
Wei Chen ad08c4e56b Land #11828, Add CVE-2017-18357: Shopware Object Instantiation 2019-05-17 18:22:48 -05:00