adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
41,886 Commits 27 Branches 1,043 Tags
f8a94de6710abe3042a26a9dca38dcccff2c93be
Commit Graph

10172 Commits

Author SHA1 Message Date
HD Moore 779a7c0f68 Switch to the default rails server port 2016-05-03 02:06:58 -05:00
HD Moore 8b04eaaa60 Clean up various whitespace 2016-05-03 02:06:37 -05:00
wchen-r7 df44dc9c1c Deprecate exploits/linux/http/struts_dmi_exec 
Please use exploits/multi/http/struts_dmi_exec, which supports
Windows and Java targets.
 2016-05-02 15:03:25 -05:00
HD Moore 3300bcc5cb Make msftidy happier 2016-05-02 02:33:06 -05:00
HD Moore 67c9f6a1cf Add rails_web_console_v2_code_exec, abuse of a debug feature 2016-05-02 02:31:14 -05:00
join-us 6a00f2fc5a mv exploits/linux/http/struts_dmi_exec.rb to exploits/multi/http/struts_dmi_exec.rb 2016-05-01 00:00:29 +08:00
join-us ec66410fab add java_stager / windows_stager | exploit with only one http request 2016-04-30 23:56:56 +08:00
wchen-r7 73ac6e6fef Land #6831, Add CVE-2016-3081 Apache struts s2_032 DMI Code Exec 2016-04-29 11:53:47 -05:00
wchen-r7 d6a6577c5c Default payload to linux/x86/meterpreter/reverse_tcp_uuid 
Default to linux/x86/meterpreter/reverse_tcp_uuid for now because
of issue #6833
 2016-04-29 11:52:50 -05:00
join-us 288975a9ce rm modules/exploits/multi/http/struts_dmi_exec.rb 2016-04-30 00:44:31 +08:00
Security Corporation 9d279d2a74 Merge pull request #15 from wchen-r7/pr6831 
Changes for Apache struts from @wchen-r7
 2016-04-30 00:37:53 +08:00
join-us 15ffae4ae8 rename module name 2016-04-30 00:17:26 +08:00
join-us 1d95a8a76d rename struts_code_exec_dynamic_method_invocation.rb to struts_dmi_exec.rb 2016-04-30 00:13:34 +08:00
wchen-r7 97061c1b90 Update struts_dmi_exec.rb 2016-04-29 11:13:25 -05:00
join-us 9e56bb8358 send http request (get -> post) 2016-04-30 00:08:00 +08:00
wchen-r7 e9535dbc5b Address all @FireFart's feedback 2016-04-29 11:03:15 -05:00
wchen-r7 6f6558923b Rename module as struts_dmi_exec.rb 2016-04-29 10:34:48 -05:00
join-us 643591546e struts s2_032 rce - linux_stager 2016-04-29 10:49:56 +08:00
William Vu c16a02638c Add Oracle Application Testing Suite exploit 2016-04-26 15:41:27 -05:00
William Vu 0cb555f28d Fix typo 2016-04-26 15:26:22 -05:00
wchen-r7 4a95e675ae Rm empty references 2016-04-24 11:46:08 -05:00
wchen-r7 816bc91e45 Resolve #6807, remove all OSVDB references. 
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.

Resolve #6807
 2016-04-23 12:32:34 -05:00
wchen-r7 4a435e8d13 Bring hp_dataprotector_install_service up to date w/ upstream-master 2016-04-22 13:42:41 -05:00
wchen-r7 db1d973ef0 Cosmetic changes for hp_dataprotector_install_service 2016-04-22 13:41:18 -05:00
dmohanty-r7 67968e912c Land #6785 Add CVE-2016-0854 Advantech WebAccess Arbitrary File Upload 2016-04-21 12:02:04 -05:00
504137480 c08872144f Update advantech_webaccess_dashboard_file_upload.rb 2016-04-21 09:33:03 +08:00
504137480 dcb9c83f98 Update advantech_webaccess_dashboard_file_upload.rb 2016-04-21 09:28:42 +08:00
Brent Cook 57cb8e49a2 remove overwritten keys from hashes 2016-04-20 07:43:57 -04:00
504137480 2400345fff Merge pull request #2 from open-security/advantech_webaccess_dashboard_file_upload 
Advantech webaccess dashboard file upload
 2016-04-19 12:59:32 +08:00
join-us 0407acc0ec add print_status with vuln_version? 2016-04-19 11:22:00 +08:00
join-us c88ddf1cc4 fix NilClass for res.body 2016-04-19 10:27:20 +08:00
thao doan fd603102db Land #6765, Fixed SQL error in lib/msf/core/exploit/postgres 2016-04-18 10:44:20 -07:00
xiaozhouzhou a895b452e6 fix 2016-04-19 00:21:26 +08:00
join-us ce9b692dd8 add print_status 2016-04-18 20:43:39 +08:00
join-us 7143668671 fix version_match 2016-04-18 20:31:32 +08:00
join-us 897238f3ec identify fingerpriint / make the code clear 2016-04-18 19:55:42 +08:00
504137480 7d1095bc08 Update advantech_webaccess_dashboard_file_upload.rb 2016-04-18 11:24:03 +08:00
504137480 47b5398152 Update advantech_webaccess_dashboard_file_upload.rb 2016-04-18 11:05:25 +08:00
504137480 ae23da39b8 Update advantech_webaccess_dashboard_file_upload.rb 2016-04-17 21:23:45 +08:00
504137480 ab9e988dd4 Update advantech_webaccess_dashboard_file_upload.rb 2016-04-17 21:15:03 +08:00
504137480 6c969b1c3b Update advantech_webaccess_dashboard_file_upload.rb 2016-04-17 18:49:56 +08:00
xiaozhouzhou 32192d3034 Advantech WebAccess Dashboard Viewer Arbitrary File Upload 
Advantech WebAccess Dashboard Viewer Arbitrary File Upload
 2016-04-17 11:29:06 +08:00
wchen-r7 a434622d21 Land #6769, Add CVE-2016-1593 Novell ServiceDesk Authenticated Upload 2016-04-15 18:59:37 -05:00
wchen-r7 92ef8f4ab3 Land #6751, Correct proftp version check at module runtime 2016-04-14 15:34:53 -05:00
Pedro Ribeiro 8dfe98d96c Add bugtraq reference 2016-04-14 10:23:53 +01:00
William Vu 252632a802 Use %w{} for a couple things 
Why not? :)
 2016-04-13 19:38:57 -05:00
William Vu de004d7da3 Line up some hash rockets 2016-04-13 19:32:35 -05:00
William Vu f8e4253e2f Add telnet to RequiredCmd 
Baffles me that cmd/unix/reverse isn't cmd/unix/reverse_telnet.
 2016-04-13 18:22:28 -05:00
William Vu 07ee18a62b Do something shady with the exploit method 
Hat tip @acammack-r7.
 2016-04-13 18:15:17 -05:00
William Vu 43e74fce9e Add Exim privesc 2016-04-13 17:51:20 -05:00