adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
38,221 Commits 27 Branches 1,043 Tags
decd770a0b2bb7eafcce8a014bfa86f0bf891a55
Commit Graph

20045 Commits

Author SHA1 Message Date
William Vu 232cc114de Change placeholder text to something useful 
A la Shellshock. :)
 2016-05-05 14:18:42 -05:00
William Vu f32c7ba569 Add template generation details 2016-05-05 14:18:42 -05:00
William Vu 23a0517a01 Update description 2016-05-05 14:18:42 -05:00
William Vu d7b76c3ab4 Add more references 2016-05-05 14:18:42 -05:00
William Vu 5c04db7a09 Add ImageMagick exploit 2016-05-05 14:18:42 -05:00
David Maloney 891a788ad4 Land #6849, mknod to mkfifo 
lands wvu's pr to switch from mknod to
mkfifo for netcat payloads
 2016-05-05 10:34:41 -05:00
Christian Mehlmauer 9357a30725 remove duplicate key 2016-05-04 22:15:33 +02:00
William Vu 74e5772bbf Replace mknod with mkfifo for portability 
Works on BSD and OS X now. This has been bugging me for a while.
 2016-05-04 02:32:37 -05:00
wchen-r7 68ad9b0b53 Land #6835, support Windows and Java platforms for struts_dmi_exec 2016-05-02 15:04:42 -05:00
wchen-r7 df44dc9c1c Deprecate exploits/linux/http/struts_dmi_exec 
Please use exploits/multi/http/struts_dmi_exec, which supports
Windows and Java targets.
 2016-05-02 15:03:25 -05:00
Brian Patterson be363411de Land #6317, Add delay(with jitter) option to auxiliary scanner and portscan modules 2016-05-02 13:09:40 -05:00
join-us 6a00f2fc5a mv exploits/linux/http/struts_dmi_exec.rb to exploits/multi/http/struts_dmi_exec.rb 2016-05-01 00:00:29 +08:00
join-us ec66410fab add java_stager / windows_stager | exploit with only one http request 2016-04-30 23:56:56 +08:00
wchen-r7 73ac6e6fef Land #6831, Add CVE-2016-3081 Apache struts s2_032 DMI Code Exec 2016-04-29 11:53:47 -05:00
wchen-r7 d6a6577c5c Default payload to linux/x86/meterpreter/reverse_tcp_uuid 
Default to linux/x86/meterpreter/reverse_tcp_uuid for now because
of issue #6833
 2016-04-29 11:52:50 -05:00
join-us 288975a9ce rm modules/exploits/multi/http/struts_dmi_exec.rb 2016-04-30 00:44:31 +08:00
Security Corporation 9d279d2a74 Merge pull request #15 from wchen-r7/pr6831 
Changes for Apache struts from @wchen-r7
 2016-04-30 00:37:53 +08:00
join-us 15ffae4ae8 rename module name 2016-04-30 00:17:26 +08:00
join-us 1d95a8a76d rename struts_code_exec_dynamic_method_invocation.rb to struts_dmi_exec.rb 2016-04-30 00:13:34 +08:00
wchen-r7 97061c1b90 Update struts_dmi_exec.rb 2016-04-29 11:13:25 -05:00
join-us 9e56bb8358 send http request (get -> post) 2016-04-30 00:08:00 +08:00
wchen-r7 e9535dbc5b Address all @FireFart's feedback 2016-04-29 11:03:15 -05:00
wchen-r7 6f6558923b Rename module as struts_dmi_exec.rb 2016-04-29 10:34:48 -05:00
join-us 643591546e struts s2_032 rce - linux_stager 2016-04-29 10:49:56 +08:00
wchen-r7 2a91a876ff Update php/meterpreter_reverse_tcp size 2016-04-27 16:14:38 -05:00
William Vu 0cb555f28d Fix typo 2016-04-26 15:26:22 -05:00
Adam Cammack f28d280199 Land #6814, move stdapi to exist? 2016-04-24 13:41:11 -04:00
Brent Cook 194a84c793 Modify stdapi so it also uses exist? over exists? for ruby parity 
Also add an alias for backward compatibility.
 2016-04-23 17:31:22 -04:00
Brent Cook 9a873a7eb5 more style fixes 2016-04-23 12:18:28 -04:00
Brent Cook d86174c3bf style fixes 2016-04-23 12:18:28 -04:00
Brent Cook 4250725b13 fix incorrect hex port conversion 2016-04-23 12:18:28 -04:00
Brent Cook 7ff5a5fd7e switch mainframe payloads to fixed size 2016-04-23 11:40:05 -04:00
wchen-r7 da9f156913 Print IP in print_* 2016-04-22 16:03:31 -05:00
wchen-r7 3aa02891e9 Bring #6801 up to date with upstream-master 2016-04-22 14:04:26 -05:00
wchen-r7 4a435e8d13 Bring hp_dataprotector_install_service up to date w/ upstream-master 2016-04-22 13:42:41 -05:00
wchen-r7 db1d973ef0 Cosmetic changes for hp_dataprotector_install_service 2016-04-22 13:41:18 -05:00
join-us 16ff74e293 syntax check / code reduce 2016-04-22 10:53:03 +08:00
Vincent Yiu ca4bcfe62a Update enum_emet.rb 
Cleaned up a bit more
 2016-04-22 00:41:10 +01:00
Vincent Yiu c81d0ade3f Update, implemented 
Took @bcook-r7's advice
 2016-04-22 00:37:03 +01:00
Vincent Yiu 30ac6b4a93 enum_emet 
A module to enumerate all the EMET wildcard paths.
 2016-04-22 00:20:25 +01:00
dmohanty-r7 67968e912c Land #6785 Add CVE-2016-0854 Advantech WebAccess Arbitrary File Upload 2016-04-21 12:02:04 -05:00
Brent Cook 57ab974737 File.exists? must die 2016-04-21 00:47:07 -04:00
504137480 c08872144f Update advantech_webaccess_dashboard_file_upload.rb 2016-04-21 09:33:03 +08:00
504137480 dcb9c83f98 Update advantech_webaccess_dashboard_file_upload.rb 2016-04-21 09:28:42 +08:00
Louis Sato 6b3326eab2 Land #6707, support for LURI handler 2016-04-20 16:26:07 -05:00
wchen-r7 e1e43db551 Land #6789, remove overwritten keys from hashes 2016-04-20 13:33:31 -05:00
Josh Hale 57467b94d9 Fix RegExp evaluation in is_routable? function 2016-04-20 10:22:46 -05:00
Brent Cook 57cb8e49a2 remove overwritten keys from hashes 2016-04-20 07:43:57 -04:00
Brian Patterson b74930f5c9 Land #6771, Deprecate dns_bruteforce / dns_cache_scraper / dns_info / dns_reverse_lookup / dns_srv_enum 2016-04-19 16:30:36 -05:00
504137480 2400345fff Merge pull request #2 from open-security/advantech_webaccess_dashboard_file_upload 
Advantech webaccess dashboard file upload
 2016-04-19 12:59:32 +08:00