wizard32
c55e2e58f0
'raw_headers' Updated
2017-01-05 15:19:17 +02:00
wizard32
1d82ee0470
'raw_headers' field Updated
2017-01-05 15:17:17 +02:00
wizard32
c29a9ac00f
Show Info updated
2017-01-05 14:18:38 +02:00
wizard32
1a38caa230
Encode - Decode code Updated
2017-01-05 13:07:34 +02:00
wizard32
9f4be89391
Update websphere_java_deserialize.rb
Update information "Options" field
2017-01-05 12:38:54 +02:00
wizard32
82e49fb27e
Update websphere_java_deserialize.rb
2017-01-04 10:23:48 +02:00
wizard32
b06c5bac2f
Invalid CVE format and Spaces at EOL fixed
2017-01-03 21:45:22 +02:00
wizard32
0722944b47
Invalid CVE format fixed
2017-01-03 21:38:32 +02:00
wizard32
8534fde50f
Websphere Java Deserialization (RCE)
This module exploits a vulnerability in IBM's WebSphere Application Server. An unsafe deserialization call of unauthenticated Java objects exists to the Apache Commons Collections (ACC) library, which allows remote arbitrary code execution. Authentication is not required in order to exploit this vulnerability.
2017-01-03 16:04:51 +02:00
wchen-r7
174cd74900
Land #7532, Add bypass UAC local exploit via Event Viewer module
2016-12-01 11:16:49 -06:00
wchen-r7
1e9d80c998
Fix another typo
2016-12-01 11:16:06 -06:00
wchen-r7
b8243b5d10
Fix a typo
2016-12-01 11:15:26 -06:00
OJ
6890e56b30
Remove call to missing function
2016-12-01 07:57:54 +10:00
David Maloney
d1be2d735f
Land #7578, pdf-shaper exploit
Land lsato's work on the pdf-shaper buffer overflow
exploit
2016-11-30 11:13:12 -06:00
OJ
6ae8a2dd2e
Remove unused/empty function body
2016-11-21 17:59:49 +10:00
OJ
8c036885bc
Fix msftidy issues
2016-11-21 17:23:03 +10:00
OJ
e226047457
Merge 'upstream/master' into the bypassuac via eventvwr mod
2016-11-21 17:18:40 +10:00
Brent Cook
005d34991b
update architecture
2016-11-20 19:09:33 -06:00
Brent Cook
f313389be4
Merge remote-tracking branch 'upstream/master' into land-7507-uuid-arch
2016-11-20 19:08:56 -06:00
Louis Sato
920ecf6fc5
finishing metacoms work for pdf-shaper-bo
2016-11-18 11:36:02 -06:00
wchen-r7
e1ff37f3eb
Title change and handling Rex::TimeoutError exception
2016-11-16 16:23:44 -06:00
wchen-r7
7b83720b90
Bring #6638 up to date
2016-11-15 12:27:05 -06:00
wchen-r7
fa9f2b340e
def setup isn't needed
2016-11-14 15:52:02 -06:00
wchen-r7
bab07b5691
Bring #7540 up to date
2016-11-14 14:59:21 -06:00
William Webb
4e40546958
Land #7502, Disk Pulse Enterprise Login Buffer Overflow
2016-11-14 10:28:53 -06:00
Chris Higgins
4e9802786c
Removed spaces causing build to fail
2016-11-13 21:46:24 -06:00
scriptjunkie
268a72f210
Land #7193 Office DLL hijack module
2016-11-08 23:15:27 -06:00
Yorick Koster
3c1f642c7b
Moved PPSX to data/exploits folder
2016-11-08 16:04:46 +01:00
Chris Higgins
099a5984f9
Updated with style suggestions from msftidy and rubocop.
Also updated with comments from other contributors.
2016-11-07 10:18:52 -06:00
Chris Higgins
689fc28d1b
Added WinaXe 7.7 FTP client Server Ready buffer overflow
2016-11-06 23:35:16 -06:00
OJ
4bf966f695
Add module to bypassuac using eventvwr
This module was inspired by the work done by Matt Nelson and Matt
Graeber who came up with the method in the first place. This works
nicely on a fully patched Windows 10 at the time of writing.
2016-11-05 04:41:38 +10:00
OJ
3c57ff5c59
Avoid internal constants for bypassuac file path generation
2016-11-01 01:32:24 +10:00
OJ
6ce7352c45
Revert silly change in applocker bypass
2016-11-01 01:30:54 +10:00
OJ
57eabda5dc
Merge upstream/master
2016-10-29 13:54:31 +10:00
OJ
0737d7ca12
Tidy code, remove regex and use comparison for platform checks
2016-10-29 13:41:20 +10:00
OJ
1ca2fe1398
More platform/arch/session fixes
2016-10-29 08:11:20 +10:00
Chris Higgins
c153686465
Added Disk Pulse Enterprise Login Buffer Overflow
2016-10-27 21:49:17 -05:00
OJ
1d617ae389
Implement first pass of architecture/platform refactor
2016-10-28 07:16:05 +10:00
Brent Cook
ed35bf5011
remove unneeded badchars from payload specification
2016-10-26 04:47:33 -05:00
Pearce Barry
51ffea3e03
Land #7470, fixes bad file refs for cmdstagers
2016-10-21 14:01:04 -05:00
Pearce Barry
9a0307b0c0
Land #7369, Panda Antivirus Priv Esc
2016-10-21 13:20:41 -05:00
David Maloney
6b77f509ba
fixes bad file refs for cmdstagers
when moving to the rex-exploitation gem some of the
file references were missed, partially due to silly differences
between how each file was referenced
Fixes #7466
2016-10-21 12:31:18 -05:00
h00die
12e4fe1c5c
updated dlls and docs
2016-10-20 20:45:50 -04:00
OJ
25238f1a26
Update capcom exploit module to support Windows 10
2016-10-15 11:56:48 +10:00
Pearce Barry
a2a1d6c28a
Land #7411, Add an HTA server module using Powershell
2016-10-12 13:05:40 -05:00
Spencer McIntyre
bd110430e9
Remove unnecessary require statements
2016-10-11 15:35:49 -04:00
Catatonic Prime
da307a5312
Adding description of the module
2016-10-10 06:22:11 +00:00
Catatonic Prime
467f9e700d
msftidy fixes for title & removing unused dependency
2016-10-10 06:11:29 +00:00
Catatonic Prime
6cbae172f8
Adding Ektron 8.5 Web Service XSLT RCE
2016-10-10 05:21:45 +00:00
wchen-r7
0e57808914
Update to class name MetasploitModule
2016-10-08 14:06:35 -05:00