adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
50,939 Commits 27 Branches 1,043 Tags
edb94e9ef581c4cb2f856428fe5e05eb470d7fbd
Commit Graph

1239 Commits

Author SHA1 Message Date
Wei Chen 18a4af1d1d Land #11279, improve imap_open exploit to be more robust 2019-02-08 18:28:08 -06:00
Tod Beardsley daa3076d42 Add CVE-2018-1000999 to MailCleaner module 
See PR #11148

This adds the new CVE assigned by DWF for this vulnerability.

Note that [CVE-2018-10933](https://www.cvedetails.com/cve/CVE-2018-10933/)
describes a vulnerability in libssh, but this one describes the issue as
it pertains to MailCleaner specifically.
 2019-01-23 09:27:12 -06:00
h00die f47060870a horde imp h3 imap_open 2019-01-18 19:43:45 -05:00
h00die 2585e4b708 horde imp h3 imap_open 2019-01-18 19:38:30 -05:00
h00die 5d49f04948 not working horde imp imap_open 2019-01-17 19:55:42 -05:00
Wei Chen 47f8738f74 Add Imran Rashid to CVE-2018-11770 credit 2019-01-14 15:28:08 -06:00
Wei Chen 52ff0a8b75 Update exploits/linux/http/spark_unauth_rce as CVE-2018-11770 2019-01-14 15:10:29 -06:00
Brendan Coles 24f807490f revisionism 2019-01-10 19:19:14 +00:00
h00die 799a79b715 ueb priv esc suggestion 2019-01-09 20:28:53 -05:00
Jacob Robles a0acfa79d7 Target payloads 2019-01-08 13:27:26 -06:00
Mehmet İnce 4e8ad22a7a Adding CVE number 2018-12-26 13:15:36 +03:00
Mehmet İnce fa542b9691 Adding platform and arch to top level 2018-12-25 15:56:25 +03:00
Mehmet İnce 9481ad04f2 Adding support for ARCH_CMD and updating docs 2018-12-20 12:12:01 +03:00
Mehmet İnce 68ceb08957 Fixing minor issues such as err codes 2018-12-19 22:17:34 +03:00
Mehmet İnce e5c8c18ded Adding Mailcleaner exec 2018-12-19 17:35:40 +03:00
William Vu cb5648a1c7 Add WEBUI_PORT to hp_van_sdn_cmd_inject exploit 2018-12-13 12:22:36 -06:00
William Vu e69f006992 Remove CommandShell mixin in exploits 
This was cargo culting. Exploits use handler instead of start_session.
 2018-12-12 15:43:13 -06:00
Tod Beardsley 140833215f Add CVE as issued by DWF 
See discussion on #10987.

Now that I said that out loud, I realize that the original PR for this
module is a really funny PR number.
 2018-12-06 14:59:05 -06:00
Jacob Robles dec08a0b43 Land #10954, apache spark unauth rce module 2018-11-29 13:56:21 -06:00
Jacob Robles 01af176679 Change delay implementation 2018-11-29 10:05:47 -06:00
Jacob Robles ed6c2896e3 Remove duplicate check 2018-11-29 10:04:51 -06:00
Jacob Robles 8508824cc2 Modify check logic 2018-11-29 10:04:05 -06:00
Green-m 4888ec0c29 Delete unused variable. 2018-11-29 10:48:25 +08:00
Green-m ca0a2684f5 Randomize payload main class. 2018-11-28 11:26:51 +08:00
h00die 63125bbc1a update imap_open refs 2018-11-27 20:31:57 -05:00
Brent Cook b05bb616bf Land #10987, add exploit for PHP imap_open function against various web apps 2018-11-27 16:44:51 -06:00
Brent Cook 0fddb8e31c Land #10768, Exploit for Netgear CVE-2016-1555 2018-11-26 11:45:10 -06:00
h00die e2d58afe13 cleaned up code, added custom 2018-11-25 10:59:53 -05:00
Brendan Coles debf79416b Replace WsfDelay with WfsDelay - Fixes #11018 2018-11-25 04:22:11 +00:00
h00die 945755b058 add custom php_imap target 2018-11-24 14:18:13 -05:00
h00die 45f2c5beb2 update php_imap_open docs 2018-11-24 07:26:42 -05:00
h00die e36cef3b96 e107 exploitable now 2018-11-23 20:16:53 -05:00
Green-m 2197da4cd9 Fix code as jrobles suggest. 2018-11-21 11:24:50 +08:00
h00die acf421ffb0 remove eol spaces 2018-11-20 19:45:17 -05:00
h00die 31ad58fb91 edb and author 2018-11-20 19:30:43 -05:00
h00die 4111a61e1a fix module description 2018-11-20 18:35:20 -05:00
h00die 4c59a271e2 added suitecrm to imap_open exploit 2018-11-20 18:33:42 -05:00
Green-m 9884bea84e Update the reference link. 2018-11-20 17:39:01 +08:00
Green-m 9f573d6f27 Fix code as jrobles suggest. 2018-11-20 16:54:22 +08:00
h00die a28feed7d8 fix normalize and date 2018-11-19 04:00:58 -05:00
h00die 4b09584047 php_imap_open_rce 2018-11-18 21:28:19 -05:00
William Vu 90b9204703 Update DisclosureDate to ISO 8601 in my modules 
Basic msftidy fixer:

diff --git a/tools/dev/msftidy.rb b/tools/dev/msftidy.rb
index 9a21b9e398..e9ff2b21e5 100755
--- a/tools/dev/msftidy.rb
+++ b/tools/dev/msftidy.rb
@@ -442,6 +442,8 @@ class Msftidy
     # Check disclosure date format
     if @source =~ /["']DisclosureDate["'].*\=\>[\x0d\x20]*['\"](.+?)['\"]/
       d = $1  #Captured date
+      File.write(@full_filepath, @source.sub(d, Date.parse(d).to_s))
+      fixed('Probably updated traditional DisclosureDate to ISO 8601')
       # Flag if overall format is wrong
       if d =~ /^... (?:\d{1,2},? )?\d{4}$/
         # Flag if month format is wrong
 2018-11-16 12:18:28 -06:00
Green-m f43aaac290 Clean code. 2018-11-14 16:48:39 +08:00
Green-m 7cc4d09a92 Clean code. 2018-11-14 10:35:38 +08:00
Green-m 388aebc335 Add exploit module for spark unauthenticated rce. 2018-11-12 17:07:50 +08:00
Imran E. Dawoodjee 16d146fd59 Fixing indentation. 2018-11-12 13:24:00 +08:00
Imran E. Dawoodjee 3e4df06500 Some more modifications 
Placed contents of request_post into execute_command
Randomized fingerprint with rand_text_alpha(12)
Spaces at EOL fixed
Normalized target URI
 2018-11-12 13:04:42 +08:00
Imran E. Dawoodjee 818cb37aca Implemented changes recommended by @bcoles. 2018-11-12 12:26:23 +08:00
Brendan Coles 1f14a9846d Land #10767, Add Cisco Prime Infrastructure remote root exploit 2018-11-10 17:08:16 +00:00
Green-m 981893a8bf Merge branch 'master' into sparkrce 2018-11-09 14:12:33 +08:00