adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
43,772 Commits 27 Branches 1,043 Tags
ef282ea15487ef709d4e4e40a5ea359034e4bd33
Commit Graph

475 Commits

Author SHA1 Message Date
h00die 7a87e11767 land #8781 Utilize Rancher Server to exploit hosts 2017-10-07 13:04:34 -04:00
h00die 7535fe255f land #8736 RCE for orientdb 2017-10-06 14:35:42 -04:00
h00die e7aa06c1c4 fix documentation 2017-10-06 14:29:39 -04:00
Martin Pizala 701d628a1b Features for selecting the target 2017-10-01 02:04:10 +02:00
bigendiansmalls 9ae8bdda1c Added Bind Shell JCL Payload for mainframe 
The bind shell is the companion payload to the reverse_shell_jcl
payload for the mainframe platform.
 2017-09-29 16:52:36 -05:00
William Vu 9b75ef7c36 Land #8343, qmail Shellshock module 2017-09-29 00:28:30 -05:00
Martin Pizala f973ff13b6 Add some lines to Exploit Detection and Mitigation 2017-09-29 00:55:53 +02:00
Martin Pizala 40c58e3017 Function for selecting the target host 2017-09-28 23:43:59 +02:00
Martin Pizala cc98e80002 Change arch to ARCH_X64 2017-09-28 20:50:18 +02:00
William Vu 98ae054b06 Land #8931, Node.js debugger exploit 2017-09-25 14:00:13 -05:00
h00die 4d1e51a0ff Land #8906 RCE for supervisor 2017-09-24 08:03:30 -04:00
h00die 9528f279a5 cleaned up version, and docs 2017-09-23 10:51:52 -04:00
Mehmet Ince 3d543b75f5 Fixing typos and replacing double quotes with single 2017-09-21 23:48:12 +03:00
Mehmet Ince ee969ae8e5 Adding DenyAll RCE module 2017-09-19 14:53:37 +03:00
loftwing e3deaadcc7 Documentation added 2017-09-14 11:52:15 -05:00
Martin Pizala 5ae708081d Wording, reviewer remarks 2017-09-11 23:25:10 +02:00
Brent Cook 8f864c27e3 Land #8924, Add Apache Struts 2 REST Plugin XStream RCE 2017-09-08 13:59:52 -05:00
Brent Cook 54a62976f8 update versions and add quick module docs 2017-09-08 13:59:29 -05:00
dmohanty-r7 c91ef1f092 Land #8768, Add Docker Daemon TCP exploit module 2017-09-08 12:50:00 -05:00
Patrick Thomas 637b83a0ea add docs for nodejs debugger eval exploit 2017-09-06 22:29:46 -07:00
h00die be66ed8af3 Land #8788 exploits for Gh0st and PlugX malware controllers 2017-09-05 20:42:07 -04:00
h00die d05c401866 modules cleanup and add docs 2017-09-04 20:57:23 -04:00
Calum Hutton 52c8fff3cb Make options a list 2017-08-30 03:10:46 +01:00
Calum Hutton 42ab00fd2c Add documentation for module 2017-08-30 03:10:46 +01:00
Brent Cook 202c936868 Land #8826, git submodule remote command execution 2017-08-29 18:11:32 -05:00
Brent Cook 8928197584 rename module docs so they are viewable 2017-08-29 18:09:30 -05:00
Tim e1b38ac3a3 fix malicious typo 2017-08-29 17:52:51 +08:00
Tim 5631ddc246 add docs for the git submodule vulnerability 2017-08-29 17:06:30 +08:00
james 5bf1d916bc Fix uneven quotes in various documentation files 
Uneven quotes lead to malformed markdown, which will not render as intended.
Even out the quotes in several files.
 2017-08-26 19:12:48 -05:00
William Vu 4c285c0129 Land #8827, QNAP Transcode Server RCE 2017-08-22 23:07:01 -05:00
h00die a0585dcb9e Land #8872 docs for octopusdeploy_deploy 2017-08-22 21:36:44 -04:00
james 7f8e6b83dc Update documentation for exploit/windows/http/octopusdeploy_deploy 
Remove self explanatory options.
 2017-08-21 19:47:24 -05:00
james 60215297be Update documentation for exploit/windows/http/octopusdeploy_deploy 
Fix awkward wording.
 2017-08-21 19:17:41 -05:00
james de9392995a Add documentation for exploit/windows/http/octopusdeploy_deploy 2017-08-21 19:11:36 -05:00
Brent Cook eabe4001c2 Land #8492, Add IBM OpenAdmin Tool SOAP welcomeServer PHP Code Execution module 2017-08-20 18:48:22 -05:00
Brent Cook 840c0d5f56 Land #7808, add exploit for VMware VDP with known ssh private key (CVE-2016-7456) 2017-08-20 17:36:45 -05:00
Brent Cook 2eba188166 Land #8789, Add COM class ID hijack method for bypassing UAC 2017-08-20 13:57:17 -05:00
OJ 408a83a36b Added comhijack module documentation 2017-08-16 13:05:27 +10:00
Brendan Coles 60f7534969 Add documentation 2017-08-15 03:43:22 +00:00
Brent Cook da3ca9eb90 update some documentation 2017-08-03 17:09:44 -05:00
Yorick Koster 67dddd2402 Typo reported by @nixawk 2017-08-02 15:47:21 -05:00
Yorick Koster 3229320ba9 Code review feedback from @nixawk 2017-08-02 15:46:51 -05:00
Yorick Koster 565a3355be CVE-2017-8464 LNK Remote Code Execution Vulnerability 
This module exploits a vulnerability in the handling of Windows
Shortcut files (.LNK) that contain a dynamic icon, loaded from a
malicious DLL.

This vulnerability is a variant of MS15-020 (CVE-2015-0096). The
created LNK file is similar except in an additional
SpecialFolderDataBlock is included. The folder ID set in this
SpecialFolderDataBlock is set to the Control Panel. This is enought to
bypass the CPL whitelist. This bypass can be used to trick Windows into
loading an arbitrary DLL file.
 2017-08-02 15:46:30 -05:00
Martin Pizala d7d64286e2 Add documentation for exploit module Rancher Server - Docker Exploit 2017-07-28 08:04:59 +02:00
Martin Pizala dd0c78484a Fix mistake 2017-07-26 02:17:51 +02:00
Martin Pizala cd418559bc Docker Daemon - Unprotected TCP Socket Exploit 2017-07-26 00:21:35 +02:00
Ricardo Almeida fe5c6dc28f Orientdb 2.2.x RCE - Update documentation 2017-07-24 10:09:06 +01:00
Brent Cook 7c55cdc1c8 fix some module documentation 
3 modules got documentation landed in the wrong spot. This also fixes a few
typos and improves formatting.
 2017-07-23 07:46:52 -07:00
Pearce Barry 6bb745744b Land #8471, Add VICIdial user_authorization Unauthenticated Command Execution module 2017-07-21 15:57:08 -05:00
Ricardo Almeida 00a817d228 Orientdb 2.2.x RCE - Add documentation 2017-07-20 09:03:26 +01:00