adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
31,694 Commits 27 Branches 1,043 Tags
e9e9d27363368634528e75aa65fb2a00a0cabefd
Commit Graph

1726 Commits

Author SHA1 Message Date
William Vu 3075c56064 Fix "response HTML" message 
In modules/exploits/multi/browser/firefox_xpi_bootstrapped_addon.rb.
 2015-03-07 17:08:08 -06:00
jvazquez-r7 9f3f8bb727 Merging #3323 work 2015-03-05 15:44:15 -06:00
jvazquez-r7 c388fd49c2 Fix print message 2015-03-05 15:43:54 -06:00
jvazquez-r7 e1a4b046a0 Add support for tomcat 7 to struts_code_exec_classloader 2015-03-05 15:40:24 -06:00
sinn3r 8978b1d7b5 Add a version 2015-03-05 11:29:44 -06:00
Ricardo Almeida 32188f09d6 Update phpmoadmin_exec.rb 
Changes:
Added required comment at the top of the file;
Changed Class name "Metasploit3" >> "Metasploit4";
Standard name/email format for public PoC author.
 2015-03-05 12:56:08 +00:00
Ricardo Almeida 95962aab0d Update phpmoadmin_exec.rb 
Changes:
"Check if vulnerable" code improvement;
Payload delivery code improvement;
Minor indent issues.

Thanks for your feedback guys :)
 2015-03-05 12:46:53 +00:00
Ricardo Almeida 9530e15c81 Update phpmoadmin_exec.rb 
Changes:
Changed description section;
Changed 'URL' to 'EDB' in references section;
Added newline at the end.
 2015-03-04 21:59:08 +00:00
Ricardo Almeida c19895ac85 Update phpmoadmin_exec.rb 
Changes:
Added new URL;
Added CVE number;
Corrected the disclosure date;
Corrected the normalize_uri() function syntax.
 2015-03-04 21:31:44 +00:00
Ricardo Almeida 4d67e0e1bb Add PHPMoAdmin RCE 2015-03-04 18:17:31 +00:00
Tod Beardsley 94b4bc24bd Minor word choice changes 
[See #4804]
 2015-02-24 12:29:11 -06:00
William Vu 5cdb678654 Fix invalid use of RPORT (should be RHOST) 2015-02-24 05:24:09 -06:00
jvazquez-r7 1633a6d4fd Read response back while staging 2015-02-20 01:06:47 -06:00
jvazquez-r7 b0c6671721 Add module for ZDI-15-038, HPCA command injection 2015-02-20 00:41:17 -06:00
sinn3r 49f4b68671 Land #4790, injecting code into eval-based Javascript unpackers 2015-02-19 12:33:52 -06:00
joev 483a145d19 Fix msftidy issues. 2015-02-18 14:08:03 -06:00
joev f8609ab0ba Add file format exploit for injecting code into unpackers. 2015-02-18 11:26:45 -06:00
Brent Cook e08206d192 Land #4768, jvazquez-r7 reorganizes the SMB mixins 2015-02-17 10:36:19 -06:00
jvazquez-r7 0372b08d83 Fix mixin usage on modules 2015-02-13 17:17:59 -06:00
jvazquez-r7 29c68ef1ec End fixing namespaces 2015-02-10 11:55:14 -06:00
jvazquez-r7 1f4fdb5d18 Update from master 2015-02-10 10:47:17 -06:00
William Vu a7156cf4a8 Fix zabbix_script_exec datastore 2015-02-05 02:53:22 -06:00
jvazquez-r7 fbf32669c6 Use single quote 2015-02-04 09:47:27 -06:00
julianvilas de09559cc8 Change HTTP requests to succeed when going through HTTP proxies 2015-02-04 15:32:14 +01:00
Julian Vilas f983c8171e Modify description to match both Struts 1.x and 2.x versions 2015-01-30 12:35:38 +01:00
Julian Vilas 1a11ae4021 Add new references about Struts 1 2015-01-29 23:27:52 +01:00
Julian Vilas 4cc5844baf Add Struts 1 support 2015-01-29 23:12:34 +01:00
Tod Beardsley bae19405a7 Various grammar, spelling, word choice fixes 2015-01-26 11:00:07 -06:00
jvazquez-r7 d8aa282482 Delete some double quotes 2015-01-22 18:21:25 -06:00
jvazquez-r7 4c72b096b6 Switch variable from file_name to operation 2015-01-22 18:20:11 -06:00
jvazquez-r7 b003d8f750 Do final cleanup 2015-01-22 18:17:14 -06:00
jvazquez-r7 911485f536 Use easier key name 2015-01-22 18:11:48 -06:00
jvazquez-r7 eff49b5fd3 Delete files with Rex::Java::Serialization 2015-01-22 17:59:43 -06:00
jvazquez-r7 37bf66b994 Install instaget with Rex::Java::Serialization 2015-01-22 16:54:49 -06:00
jvazquez-r7 20d7fe631e Auto detect platform without raw streams 2015-01-22 15:15:08 -06:00
jvazquez-r7 ad276f0d52 Retrieve version with Rex::Java::Serialization instead of binary streams 2015-01-22 14:52:19 -06:00
jvazquez-r7 c866caac43 Randomize MLet name 2015-01-21 00:36:34 -06:00
jvazquez-r7 37ed1b1e62 Delete default values for datastore options 2015-01-21 00:14:46 -06:00
jvazquez-r7 a996efc807 Refactor exploit code 2015-01-21 00:07:00 -06:00
jvazquez-r7 2de2e657f0 Refactor get_mbean_server 2015-01-20 23:44:33 -06:00
jvazquez-r7 d90f856c00 Delete sock_server variable 2015-01-20 20:51:20 -06:00
jvazquez-r7 b792c0a5bf Create exploit_mbean_server method 2015-01-20 20:44:10 -06:00
jvazquez-r7 0b2d65749b Do better argument handling on Msf::Jmx::Mbean::ServerConnection 2015-01-20 18:46:09 -06:00
jvazquez-r7 b97c0fe398 Add Msf::Jmx::Util#extract_unicast_ref 2015-01-20 17:46:42 -06:00
jvazquez-r7 f7aaad1cf1 Delete some extraneous commas 2015-01-19 17:25:45 -06:00
jvazquez-r7 dbc77a2857 Land #4517, @pedrib's exploit for ManageEngine Multiple Products Authenticated File Upload 
* CVE-2014-5301
 2015-01-19 17:23:39 -06:00
jvazquez-r7 6403098fbc Avoid sleep(), survey instead 2015-01-19 17:22:04 -06:00
jvazquez-r7 a6e351ef5d Delete unnecessary request 2015-01-19 17:14:23 -06:00
jvazquez-r7 ed26a2fd77 Avoid modify datastore options 2015-01-19 17:11:31 -06:00
jvazquez-r7 3c0efe4a7e Do minor style changes 2015-01-19 15:36:05 -06:00