adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
50,939 Commits 27 Branches 1,043 Tags
edb94e9ef581c4cb2f856428fe5e05eb470d7fbd
Commit Graph

25895 Commits

Author SHA1 Message Date
William Vu 6ff18828c0 Land #11481, Drupal SA-CORE-2019-003/CVE-2019-6340 2019-03-05 21:09:06 -06:00
William Vu 0de69e776a Add friendly default payloads 2019-03-05 20:25:00 -06:00
William Vu 2f76ad4205 Move print_line for DUMP_OUTPUT 2019-03-05 20:10:32 -06:00
William Vu 84376c30c4 Refactor check methods once again 2019-03-05 19:47:41 -06:00
William Vu c7f12b2594 Sneak in a change to libssh_auth_bypass 2019-03-05 17:21:11 -06:00
William Vu 72bb49aca9 Make HTTP method configurable and prefer POST 2019-03-05 17:16:04 -06:00
William Vu d30bfe2cbf Update drupal_drupalgeddon2 2019-03-05 13:26:05 -06:00
William Vu ea7c589b19 Refactor module and address review comments 2019-03-05 13:26:01 -06:00
Wei Chen 6765ed80d6 Land #11077, Improvements and documentation for wing_ftp_admin_exec 2019-03-05 12:42:33 -06:00
Wei Chen bc29543886 Land #11397, Add checkJNDI to jboss_vulnscan plus a basic mod doc 2019-03-05 11:22:05 -06:00
William Vu a8a48050f9 Merge remote-tracking branch 'upstream/master' into pr/11481 2019-03-05 11:14:56 -06:00
Wei Chen 027c0fc100 Land #11423, Moved bruteforce(ip) under the sys_name check 2019-03-05 11:02:33 -06:00
William Vu a9f72a39d0 Fix misplaced error check in Crock-Pot module 2019-03-04 19:26:17 -06:00
William Vu 502f63c0c4 Indent SOAP requests and prefer $() over `` 2019-03-04 19:10:33 -06:00
William Vu 1dd243b8bd Improve positive/negative prints in check method 2019-03-04 19:08:47 -06:00
William Vu 225e0549c0 Revert CheckCode::Vulnerable to CheckCode::Appears 2019-03-04 18:38:44 -06:00
William Vu 4100f1cfeb Revert vprint_status to vprint_good 2019-03-04 18:22:12 -06:00
William Vu f8208bf0ef Land #11464, version checking for Wemo exploit 2019-03-04 18:18:02 -06:00
William Vu 40ff708306 Refactor check method and address review comments 2019-03-04 17:49:09 -06:00
John Q. Public a9ba765e76 Update hp_sys_mgmt_login.rb 
Removed the tab at 175.
 2019-03-04 13:37:11 -06:00
Brendan Coles 42941cfb78 Land #11500, Add more checks to cisco_directory_traversal module 2019-03-01 20:21:25 +00:00
Wei Chen 811720e85a Land #11461, Update manageengine_deviceexpert_traversal.rb 2019-03-01 02:49:34 -06:00
Wei Chen 41a8019124 Check 404 2019-03-01 02:35:29 -06:00
Shelby Pace ca39542f7e check res before accessing res body 2019-02-28 16:48:54 -06:00
Shelby Pace 457c740e47 added more checks for potential vulnerable devices 2019-02-28 16:25:07 -06:00
Brent Cook ca6508de67 Land #11445, always save output with winrm_cmd 2019-02-28 16:11:17 -06:00
Brent Cook b22c49679b remove some extra complication 2019-02-28 15:03:04 -06:00
rotemreiss 2c2e1f0615 Remove custom imp. in favor of library change 
Remove custom full_uri implementation in favor of a library change in #11485 which adds vhost support in the full_uri method.
 2019-02-26 13:35:32 -05:00
John Q. Public 7435913904 Fixed the if statement on line 53. 2019-02-26 09:02:08 -06:00
y_k_oo7 31bf6a11ad Updated Module 2019-02-26 16:18:52 +05:30
rotemreiss a6148f7733 Code improvements and fixes 2019-02-25 17:24:34 -05:00
rotemreiss edf7c41478 Code smells and documentation 2019-02-25 15:21:46 -05:00
rotemreiss 54ce49c4e6 Feedback from PR fixes 2019-02-25 14:09:07 -05:00
William Vu c769555557 Clarify why WfsDelay was repurposed 2019-02-25 12:19:03 -06:00
William Vu 5c84330c18 Clarify DUMP_OUTPUT description once more 2019-02-25 12:06:20 -06:00
William Vu b5368ed2e4 Add sleep(wfs_delay) back to drupal_drupalgeddon2 
And drop WfsDelay back down to 2. I see why I did it in the first place.
 2019-02-25 12:02:31 -06:00
William Vu cb962a22ef Add WfsDelay back to drupal_drupalgeddon2 
And bump it to 10, though 2 worked in testing.
 2019-02-25 11:44:02 -06:00
William Vu f35a13d795 Fix exploit/multi/http/oracle_ats_file_upload 2019-02-25 11:35:34 -06:00
William Vu f534fd9755 Fix exploit/multi/http/apache_jetspeed_file_upload 2019-02-25 11:32:06 -06:00
William Vu 53bf15b184 Fix exploit/multi/http/struts2_rest_xstream 2019-02-25 11:18:27 -06:00
William Vu 6ecb4bc4a7 Fix exploit/unix/webapp/drupal_drupalgeddon2 2019-02-25 11:18:20 -06:00
John Q. Public 1150c896d3 Removed the tab at line 59. 2019-02-25 08:48:00 -06:00
bcoles 9249f2a119 Update modules/exploits/unix/webapp/drupal_sa_core_2019_003.rb 
Co-Authored-By: rotemreiss <reiss.r@gmail.com>
 2019-02-25 08:53:19 -05:00
bcoles 8912c1a943 Update modules/exploits/unix/webapp/drupal_sa_core_2019_003.rb 
Co-Authored-By: rotemreiss <reiss.r@gmail.com>
 2019-02-25 08:53:02 -05:00
bcoles d279e092cb Update modules/exploits/unix/webapp/drupal_sa_core_2019_003.rb 
Co-Authored-By: rotemreiss <reiss.r@gmail.com>
 2019-02-25 08:46:30 -05:00
rotemreiss eabd0b485c Update ranking 2019-02-25 08:08:06 -05:00
rotemreiss e93dffb32c Add new exploit for Drupal SA-CORE-2019-003 2019-02-25 07:57:04 -05:00
Nicholas Starke 7c7a233d67 Addressing PR Comments 2019-02-23 14:41:11 -06:00
Nicholas Starke 6bd1489f62 Adding version checking to wemo module 
Addresses Github Issue 11452 by parsing out the version
information returned in /setup.xml. New code then performs
a version check, and then alerts the user to whether or not
it is likely the remote host is vulnerable given that version
check.
 2019-02-23 12:06:57 -06:00
William Vu fc9245fa66 Fix author names in a couple modules 
It me.
 2019-02-22 17:02:15 -06:00