adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
41,886 Commits 27 Branches 1,043 Tags
f8a94de6710abe3042a26a9dca38dcccff2c93be
Commit Graph

21851 Commits

Author SHA1 Message Date
William Webb c21d78b23b Land #8186, Convert DNS Fuzzer to use bindata 2017-04-11 23:27:08 -05:00
William Webb c867b7e228 Land #8204, Add Cambian ePMP SNMP Configuration download 2017-04-11 10:59:13 -05:00
William Vu 288e384164 Land #8189, irssi password post gather module 2017-04-10 23:34:54 -05:00
Jonathan Claudius 96927b449c Rework module to grab entire irssi configs 2017-04-11 00:02:40 -04:00
Jonathan Claudius 6a1531da34 Fix loot name attributes 2017-04-10 23:52:31 -04:00
Jonathan Claudius d92f94e077 Fix grammar issue 2017-04-10 23:44:18 -04:00
Jonathan Claudius d9e96a8b4f Consolidate loot into single file 2017-04-10 23:42:50 -04:00
Jonathan Claudius 7f6bbb6ff2 Fix trailing space issue 2017-04-10 21:38:30 -04:00
Jonathan Claudius 9432a3543f Extend irssi post mod to grab network passwords 2017-04-10 15:35:26 -04:00
Jonathan Claudius 47d74819a5 Update regex per reviewer request 2017-04-10 14:45:10 -04:00
Jonathan Claudius d816092c56 Fix missing new line 2017-04-10 14:41:25 -04:00
William Vu 06ca406d18 Fix weird whitespace 2017-04-09 22:23:58 -05:00
juushya 3c189f0cb0 Adding Cambium SNMP Loot module 2017-04-07 01:32:45 +05:30
Christian Mehlmauer 74dc7e478f update piwik module 2017-04-05 20:19:07 +02:00
bwatters-r7 dd5a91f153 Land #8008, Added archmigrate module for windows sessions 2017-04-05 08:55:27 -05:00
Koen Riepe 08b2a97293 Changed styling to be more in line with rubocop. 2017-04-05 10:05:56 +02:00
Jonathan Claudius b8af7c1db0 Add irssi password post gather module 2017-04-05 00:56:24 -04:00
bwatters-r7 64c06a512e Land #8020, ntfs-3g local privilege escalation 2017-04-04 09:48:15 -05:00
Brent Cook 891e7e465e convert DNS fuzzer to bindata 2017-04-04 03:03:32 -05:00
Brent Cook 98ffa4d380 Land #7652, add varnish cache CLI authentication scanner module 2017-04-02 21:52:45 -05:00
Brent Cook 4c0539d129 Land #8178, Add support for non-Ruby modules 2017-04-02 21:02:37 -05:00
h00die a34c01ebd2 Land #8137 shodan honeyscore module 2017-04-02 21:37:36 -04:00
h00die 0092818893 Land #8169 add exploit rank where missing 2017-04-02 20:59:25 -04:00
Bryan Chu 151ed16c02 Re-ranking files 
../exec_shellcode.rb
Rank Great -> Excellent

../cfme_manageiq_evm_upload_exec.rb
Rank Great -> Excellent

../hp_smhstart.rb
Rank Average -> Normal
 2017-04-02 18:33:46 -04:00
h00die e80b8cb373 move sploit.c out to data folder 2017-03-31 20:51:33 -04:00
William Webb 035f37cf42 Land #8144, Add Moxa Device Discovery Scanner Module 2017-03-31 19:11:27 -05:00
William Webb f870f94fa9 Land #8163, Add Cambium ePMP Arbitrary Command Execution 2017-03-31 19:06:19 -05:00
Adam Cammack 6910cb04dd Add first exploit written in Python 2017-03-31 17:07:55 -05:00
h00die 823c1a6286 added more verifieds 2017-03-31 16:52:20 -04:00
h00die 23ac9214ea land #8010 post gather module for tomcat creds 2017-03-31 16:15:55 -04:00
h00die 34a152dc76 handle no sysinfo from ssh_login 2017-03-31 16:15:16 -04:00
Pearce Barry ab4d86fd21 Land #8168, change description of alpha encoders 2017-03-31 11:37:12 -05:00
dmohanty-r7 1ce7bf3938 Land #8126, Add SolarWind LEM Default SSH Pass/RCE 2017-03-31 11:21:32 -05:00
dmohanty-r7 c445a1a85a Wrap ssh.loop with begin/rescue 2017-03-31 11:16:10 -05:00
Koen Riepe 628827cda9 Added some documentation and gracefull error handeling. 2017-03-31 12:45:30 +02:00
Koen Riepe df2a9a4af3 Added documentation file and implemented fixes for output and linux parsing. 2017-03-31 11:19:12 +02:00
Bryan Chu 5e31a32771 Add missing ranks 
../exec_shellcode.rb
Rank = Great
This exploit is missing autodetection and version checks,
but should be ranked Great due to high number of possible targets

../cfme_manageiq_evm_upload_exec.rb
Rank = Great
This exploit implements a check to assess target availability,
and the vulnerability does not require any user action

../dlink_dcs_930l_authenticated_remote_command_execution
Rank = Excellent
Exploit utilizes command injection

../efw_chpasswd_exec
Rank = Excellent
Exploit utilizes command injection

../foreman_openstack_satellite_code_exec
Rank = Excellent
Exploit utilizes code injection

../nginx_chunked_size
Rank = Great
Exploit has explicit targets with nginx version auto-detection

../tp_link_sc2020n_authenticated_telnet_injection
Rank = Excellent
See dlink_dcs_930l_authenticated_remote_command_execution,
exploit uses OS Command Injection

../hp_smhstart
Rank = Average
Must be specific user to exploit, no autodetection,
specific versions only
 2017-03-31 02:39:44 -04:00
Christian Mehlmauer 0a398a59c5 change description 2017-03-30 20:06:23 +02:00
bwatters-r7 6bcb9b523b Land #8165, Fix x86 mettle shellcode 2017-03-30 11:45:11 -05:00
Pearce Barry a13d6a7810 Land #8166, Add new SMB LoginScanner using RubySMB for SMB1/SMB2 Support 2017-03-30 11:08:17 -05:00
Pearce Barry ac83ff7e48 Land #8155, Style fixes for HWBridge RF and a couple small bug fixes 2017-03-29 20:37:13 -05:00
Carter 4bdbdc0e00 Fix response parsing 2017-03-29 18:21:12 -05:00
bwatters-r7 691811af5a Land #7994, Add Windows Gather DynaZIP Saved Password Extraction post module 2017-03-29 16:04:09 -05:00
David Maloney a571bcdba4 update module description 2017-03-29 13:58:36 -05:00
David Maloney 418e371e35 add SMB2 login scanner and module 
add smb2_login module backed by an smb2
LoginScanner class. This is a temporary alternative
to smb_login until ruby_smb catches up more on feature parity

MS-2557
 2017-03-29 11:36:33 -05:00
Adam Cammack 2758010355 Fix x86 mettle shellcode 2017-03-28 17:59:13 -05:00
juushya 30896d1fab Add Cambium ePMP Arbitrary Command Execution Module 2017-03-28 00:17:36 +05:30
William Webb 66a585ab41 Land #8050, Add Cambium ePMP System Hash Dumper 2017-03-27 12:08:53 -05:00
William Webb 935c59306b Land #7897, Add Cambium ePMP 1000 Device Configuration file dumper 2017-03-27 12:05:11 -05:00
William Webb d705949b37 Land #7784, Cambium ePMP 1000 Login Scanner 2017-03-27 12:01:56 -05:00