adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
52,317 Commits 27 Branches 1,043 Tags
d7a5eae146e3c8b2fd3b2dcc3f0a2ea407d6e8a3
Commit Graph

26616 Commits

Author SHA1 Message Date
William Vu d7a5eae146 Fix bug, adjust prints, and check body for "OK" 2019-06-28 04:12:57 -05:00
William Vu 933b5f0413 Tidy up send_request_cgi 2019-06-26 00:59:53 -05:00
William Vu 00530031fd Try not encoding the GET parameters 2019-06-26 00:55:23 -05:00
William Vu f3b509a1bc Implement on_request_uri 2019-06-25 23:47:19 -05:00
William Vu fe11eabe62 Merge remote-tracking branch 'upstream/master' into pr/11952 2019-06-25 23:47:06 -05:00
Wei Chen 685fb55179 Land #11987, Add Nagios XI 5.5.6 magpie_debug Root Exploit 2019-06-25 16:17:50 -05:00
Wei Chen 23dbc4d90d Change file name 2019-06-25 16:10:44 -05:00
Wei Chen e9fc9970ba Make names more random. Also, make metadata changes 2019-06-25 16:09:15 -05:00
William Vu 5c14aea1a0 Fix target_platform check (it's empty, not nil) 2019-06-25 12:56:36 -05:00
William Vu cf140f0840 Make SRVHOST the callback address 2019-06-25 12:43:04 -05:00
William Vu 44ad25ae34 Land #12008, struts2_content_type_ognl 302 fix 2019-06-25 00:40:58 -05:00
James Lee 303bfaa7eb Don't worry about response code 
I found one that returned a 302
 2019-06-24 13:53:31 -05:00
Wei Chen 8920152eca Add a ZDI reference for CVE-2019-5420 Rails exploit 2019-06-20 10:43:21 -05:00
Jeffrey Martin e1b982dfa9 Land #11993, Explicitly require 'rc4' in the BlueKeep scanner. 2019-06-19 14:42:01 -05:00
Wei Chen a93a520c3a Land #11960, Add LPE for Cisco Prime Infrastructure's runrshell exe 2019-06-19 10:49:17 -05:00
Wei Chen c637755ebd Land #11956 - Add Cisco Prime Infrastructure Health Monitor Tar RCE 2019-06-19 10:46:35 -05:00
Shelby Pace 4d7d807025 Land #11983, add Webmin package update rce 2019-06-19 08:35:01 -05:00
Shelby Pace ddf7eadeee modified version check 2019-06-19 08:31:48 -05:00
Pearce Barry 3f0810502e Explicitly require 'rc4' in the BlueKeep scanner. 
Appears to still operate as-expected:

	msf5 > use auxiliary/scanner/rdp/cve_2019_0708_bluekeep
	msf5 auxiliary(scanner/rdp/cve_2019_0708_bluekeep) > set rhosts <target>
	rhosts => <target>
	msf5 auxiliary(scanner/rdp/cve_2019_0708_bluekeep) > run

	[+] <target>:3389      - The target is vulnerable.
	[*] <target>:3389 - Scanned 1 of 1 hosts (100% complete)
	[*] Auxiliary module execution completed

Fixes MS-4291.
 2019-06-19 08:27:04 -05:00
Jacob Robles efeb0a5f5c Land #11971, zip extraction from modbus pcap 2019-06-18 16:25:27 -05:00
Wei Chen 384cfc7db5 update checkcode 2019-06-18 15:58:57 -05:00
Jacob Robles 66c3c6a94b Remove unused mixin, update save loot logic 
Capture mixin was not used. Loot was being
saved when a zip file wasn't found. Updated
file path so the module is under analyze.
 2019-06-18 14:08:47 -05:00
Shelby Pace d4d2eab770 removed some whitespace, added a check 2019-06-17 15:29:08 -05:00
Özkan Mustafa Akkuş a5020b8f30 Fix spaces at EOL 2019-06-17 13:16:56 +03:00
Özkan Mustafa Akkuş b5e34cb783 Converting version check request to vars_get 
We also need to add the "testing = 1" cookie to the login request. Otherwise, the browser displays a No-Cookie error.
 2019-06-17 10:46:46 +03:00
yaumn e13456ce0d Add root to the filename 2019-06-16 23:32:57 +01:00
siberguvenlik 17f686a87d Adding module documentation 2019-06-16 18:27:01 -04:00
yaumn 8faa138289 Change targets and default http delay 2019-06-16 23:13:45 +01:00
siberguvenlik 3d463a1e20 Adding correction of Check and Payload definitions 2019-06-16 17:58:31 -04:00
yaumn 863beaea92 First commit for module Nagios XI RCE 2019-06-16 22:10:32 +01:00
siberguvenlik 414c614b55 CVE-2019-12840 - Add Webmin 1.910 RCE Module 2019-06-16 11:26:00 -04:00
William Vu 379caff828 Land #11932, TLS and doc'd packets for BlueKeep 2019-06-14 21:10:08 -05:00
William Vu 3d8b474632 Clean up module 2019-06-14 21:09:57 -05:00
jdiog0 6646295d51 modbus zip 
Co-Authored-By: @shellfail <jrobles@rapid7.com>
 2019-06-14 19:27:54 +01:00
bwatters-r7 b9cefe1b79 Land #11958, abrt_raceabrt_priv_esc: Fix abrt package version check 
Merge branch 'land-11958' into upstream-master
 2019-06-13 14:02:15 -05:00
bwatters-r7 aed504c0a9 Land #11944, Implement bind TCP with RC4 decryption for x64 
Merge branch 'land-11944' into upstream-master
 2019-06-13 12:09:31 -05:00
Tom Sellers a2863ff3cf Add comment to pdu_connect_initial 2019-06-12 10:46:12 -05:00
Tom Sellers 008f9061f6 Randomize client random, sanity check fields 2019-06-12 07:49:45 -05:00
Tom Sellers f4aa86c9b3 rubocop cleanup 2019-06-11 13:29:05 -05:00
Tom Sellers cc93b312ac Add ability to configure username, client, IP, etc 2019-06-11 13:07:59 -05:00
Brent Cook fa09b239e8 Land #11941, add support for module aliases 2019-06-11 12:57:01 -05:00
Matthew Kienow d91459f2eb Correct module CVE reference 2019-06-11 09:14:40 -04:00
Wei Chen d74881a3c0 Update based on bcole's feedback 2019-06-10 12:12:49 -05:00
Wei Chen caa9987a77 Register payload for cleanup 2019-06-10 11:20:25 -05:00
Wei Chen d63484562c Correct disclosure date 2019-06-10 11:14:41 -05:00
Wei Chen 12cfada465 Add Cisco Prime Infrastructure runrshell Privilege Escalation 2019-06-10 10:29:43 -05:00
Brendan Coles 8cac968acb Fix abrt package version check 2019-06-10 02:21:10 +00:00
Pedro Ribeiro 6693e3e347 add cve to trueonline v2 2019-06-08 17:41:04 +07:00
Pedro Ribeiro 903ea5ebce add cve to p660hn v1 2019-06-08 17:38:44 +07:00
Pedro Ribeiro c763f84348 add cve to billion module 2019-06-08 17:37:05 +07:00