adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
41,886 Commits 27 Branches 1,043 Tags
f8a94de6710abe3042a26a9dca38dcccff2c93be
Commit Graph

10172 Commits

Author SHA1 Message Date
Mehmet Ince dadafd1fdf Use data:// instead of bogus web server and check() improvements. 2016-07-26 13:31:46 +03:00
wchen-r7 1016cb675d Land #7107, Use VHOST info for redirection in firefox_proto_crmfrequest 2016-07-24 15:50:21 -05:00
wchen-r7 72caeaa72f Fix redirect url 2016-07-24 15:49:03 -05:00
Mehmet Ince 780e83dabb Fix for Opt params and Space limits 2016-07-22 20:48:15 +03:00
Mehmet Ince 7e9c5f9011 Fix for double space and indentation 2016-07-21 20:27:52 +03:00
Mehmet Ince 634ee93de4 Add Drupal CODER remote command execution 2016-07-21 20:23:54 +03:00
William Vu 32f1c83c9e Switch to single quotes 
Might as well, since we're avoiding escaping.
 2016-07-21 00:10:17 -05:00
William Vu 2e631cab5b Prefer quoting over escaping 
Having to escape backslashes in a single-quoted string sucks.
 2016-07-21 00:02:08 -05:00
William Vu c6b309d5c9 Fix drupal_restws_exec check method false positive 2016-07-20 23:28:49 -05:00
William Vu 8bd6db8bd7 Land #7108, Drupal RESTWS exploit 2016-07-20 13:49:37 -05:00
William Vu b49a847c98 Fix additional things 2016-07-20 13:49:23 -05:00
Mehmet Ince 51bb950201 Avoid return where not required 2016-07-20 21:27:51 +03:00
Mehmet Ince b0a0544627 Remove random string from URI 2016-07-20 20:50:10 +03:00
Pedro Ribeiro c93e88f3a3 Make changes requested by wvu-r7 2016-07-20 14:21:04 +02:00
James Lee b057a9486c Don't use ssh agent 2016-07-19 17:07:22 -05:00
James Lee ff63e6e05a Land #7018, unvendor net-ssh 2016-07-19 17:06:35 -05:00
Mehmet Ince 089816236d Remove double spaces and fix checkcode 2016-07-20 00:01:25 +03:00
Mehmet Ince 9c8e351ba8 Use vars_get un send_request_cgi 2016-07-19 20:12:14 +03:00
Mehmet Ince ec2f8fcc71 Change check method and use meterpreter instead of unix cmd 2016-07-19 11:13:06 +03:00
forzoni 6f35a04e21 Incorporate review fixes, ensure PrependFork is true, fix echo compat. 2016-07-19 01:45:56 -05:00
Mehmet Ince 650034b600 Use normalize_uri params instead of string concatenation 2016-07-19 01:01:05 +03:00
Mehmet Ince c8deb54938 Add Drupal RESTWS Remote Unauth PHP Code Exec 2016-07-18 21:32:10 +03:00
RageLtMan 14c9569afa 2013-1710 - Use header VHOST info for redirection 
When this exploit is hit by hostname, the HTTP request contains
a Host header field which does not match the IP-based redirection.
Update the module to check request headers for host information,
and fallback to the prior behavior if none exists.

Tested in conjunction with #6611 DNS spoofer - works great, see
issue #7098 for details.
 2016-07-17 04:50:54 -04:00
Brent Cook b08d1ad8d8 Revert "Land #6812, remove broken OSVDB references" 
This reverts commit 2b016e0216, reversing
changes made to 7b1d9596c7.
 2016-07-15 12:00:31 -05:00
h00die 03dca5fee2 updates round 2 2016-07-15 09:02:23 -04:00
h00die 33ce3ec3ed fixes round 2 2016-07-15 08:44:39 -04:00
Brendan 8968a6603e Syntax cleanup 2016-07-14 13:25:31 -07:00
Brendan 927b3a88a1 Changed to one delete 2016-07-14 13:11:59 -07:00
David Maloney b6b52952f4 set ssh to non-interactive 
have to set the non-interactive flag so that it does not
prompt the user on an incorrect password

MS-1688
 2016-07-14 11:12:03 -05:00
David Maloney 01d0d1702b Merge branch 'master' into feature/MS-1688/net-ssh-cleanup 2016-07-14 09:48:28 -05:00
William Vu b2c3267a2a Land #7042, fetch_ninja_form_nonce/wponce fix 2016-07-13 11:38:11 -05:00
wchen-r7 8f928c6ca1 Land #7006, Add MS16-032 Local Priv Esc Exploit 2016-07-12 15:22:35 -05:00
wchen-r7 815c426b4d Match naming style 2016-07-12 15:18:39 -05:00
wchen-r7 f11b84f106 Update wfsdelay and check for ms16-032 2016-07-12 15:17:21 -05:00
William Vu f164afaef8 Land #6932, joomla_contenthistory_sqli_rce fixes 2016-07-12 14:26:49 -05:00
William Vu 310332b521 Clean up module 2016-07-12 11:17:10 -05:00
wchen-r7 b869b890c7 Land #7090, Add module for Tikiwiki Upload Exec 2016-07-12 11:16:50 -05:00
wchen-r7 2471e8bc8c Add FileDropper to cleanup properly 2016-07-12 11:16:18 -05:00
William Vu 277950cc79 Land #6733, psexec StackAdjustment fix 2016-07-12 11:14:16 -05:00
Mehmet Ince 43833c8756 Fixing double normalize function call 2016-07-12 07:30:18 +03:00
Brent Cook 2b016e0216 Land #6812, remove broken OSVDB references 2016-07-11 22:59:11 -05:00
Brent Cook a530aa4cf1 restrict perms a bit more 2016-07-11 22:22:34 -05:00
Brent Cook a107a0f955 remove unneeded rport/rhost defines 2016-07-11 22:22:34 -05:00
Brent Cook 6bf51fe064 streamline payload generation 2016-07-11 22:22:34 -05:00
Brent Cook 7ef6c8bf9e ruby style updates 2016-07-11 22:22:33 -05:00
Brent Cook c1f51e7ddf Update and fixup module against OpenNMS-16 2016-07-11 22:22:33 -05:00
benpturner 50746eec29 Fixes comments in regards to #{peer} 2016-07-11 22:22:33 -05:00
benpturner ce8317294f New module to exploit the OpenNMS Java Object Unserialization RCE vulnerability. This now gets flagged inside Nessus and there was no Metasploit module to exploit this. 
This module exploits the vulnerability to a full session.
 2016-07-11 22:22:32 -05:00
khr0x40sh 7211936f96 Fix Payload exit issue 
Fixed payload exiting issue by adding while ($true){Start-Sleep 1000};
statement.
 2016-07-11 16:21:08 -04:00
Mehmet Ince fc56ab6722 Fixing some coding style because of rubocop 2016-07-11 23:10:18 +03:00