adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
41,886 Commits 27 Branches 1,043 Tags
f8a94de6710abe3042a26a9dca38dcccff2c93be
Commit Graph

10172 Commits

Author SHA1 Message Date
joev 22aae81006 Rename to exec_payload. 2016-01-02 14:13:54 -06:00
joev 6575f4fe4a Use the cmdstager mixin. 2016-01-02 14:09:56 -06:00
joev a88471dc8d Add ADB client and module for obtaining shell. 2016-01-02 01:13:53 -06:00
Micheal 5c9c27691e Execute commands on postgres through built-in functionality 2016-01-01 04:26:20 -08:00
Micheal 2fd796a699 Execute commands on postgres through built-in functionality 2016-01-01 03:51:00 -08:00
Micheal 814bf2a102 Execute commands on postgres through built-in functionality 2016-01-01 02:43:56 -08:00
Micheal fa3431c732 Pushing now. Still working on it. 2015-12-26 17:53:52 -05:00
g0tmi1k 9120a6aa76 iis_webdav_upload_asp: Add COPY and a few other tricks 2015-12-26 16:01:46 +00:00
Jon Hart 283cf5b869 Update msftidy to catch more potential URL vs PACKETSTORM warnings 
Fix the affected modules
 2015-12-24 09:12:24 -08:00
Jon Hart 27a6aa0be1 Fix current msftidy warnings about PACKETSTORM vs URL 2015-12-24 09:05:02 -08:00
Jon Hart efdb6a8885 Land #6392, @wchen-r7's 'def peer' cleanup, fixing #6362 2015-12-24 08:53:32 -08:00
Jon Hart 0f2f2a3d08 Remove peer; included via Exploit::Remote::Tcp in lib/msf/core/exploit/mysql.rb 2015-12-24 07:46:55 -08:00
Brent Cook e4f9594646 Land #6331, ensure generic payloads raise correct exceptions on failure 2015-12-23 15:43:12 -06:00
Brent Cook 7444f24721 update whitespace / syntax for java_calendar_deserialize 2015-12-23 15:42:27 -06:00
wchen-r7 cea3bc27b9 Fix #6362, avoid overriding def peer repeatedly 
def peer is a method that gets repeated a lot in modules, so we
should have it in the tcp mixin. This commit also clears a few
modules that use the HttpClient mixin with def peer.
 2015-12-23 11:44:55 -06:00
Brent Cook 493700be3a remove duplicate key warning from Ruby 2.2.x 
This gets rid of the warning:

modules/exploits/multi/http/uptime_file_upload_2.rb:283: warning: duplicated key at line 284 ignored: "newuser"
 2015-12-23 10:39:35 -06:00
Christian Mehlmauer 424e7b6bfe Land #6384, more joomla rce references 2015-12-22 22:54:58 +01:00
JT 18398afb56 Update joomla_http_header_rce.rb 2015-12-23 05:48:26 +08:00
JT cc40c61848 Update joomla_http_header_rce.rb 2015-12-23 05:38:57 +08:00
Christian Mehlmauer f6eaff5d96 use the new and shiny joomla mixin 2015-12-22 21:36:42 +01:00
JT 314e902098 Add original exploit discoverer and exploit-db ref 
Adding Gary @ Sec-1 ltd for the original exploit and two exploit-db references. Marc-Alexandre Montpas modified Gary's exploit that uses "User-Agent" header. Marc-Alexandre Montpas used "X-FORWARDED-FOR" header to avoid default logged to access.log
 2015-12-22 22:44:59 +08:00
Louis Sato 3034cd22df Land #6372, fix psexec nil bug + missing return 2015-12-21 10:59:10 -06:00
William Vu f129c0363e Fix broken logic 
Forgot to set retval when I removed the ensure.
 2015-12-21 10:52:03 -06:00
Louis Sato 726578b189 Land #6370, add joomla reference 2015-12-18 17:05:07 -06:00
William Vu afe4861195 Fix nil bug and missing return 2015-12-18 15:54:51 -06:00
Christian Mehlmauer fb6ede80c9 add joomla reference 2015-12-18 18:27:48 +01:00
wchen-r7 485196af4e Remove modules/exploits/multi/http/uptime_file_upload.rb 
Please use exploit/multi/http/uptime_file_upload_1 for exploiting
post2file.php on an older version of uptime.

If you are exploiting uptime that is patched against
exploit/multi/http/uptime_file_upload_1, then you may want to try
exploit/multi/http/uptime_file_upload_2.
 2015-12-17 23:01:57 -06:00
wchen-r7 06f1949e2c Land #6355, Joomla HTTP Header Unauthenticated Remote Code Execution 
CVE-2015-8562
 2015-12-16 17:55:51 -06:00
Christian Mehlmauer 8c43ecbfaf add random terminator and clarify target 2015-12-17 00:08:52 +01:00
Christian Mehlmauer 08d0ffd709 implement @wvu-r7 's feedback 2015-12-16 22:44:01 +01:00
Christian Mehlmauer 76438dfb2f implement @wchen-r7 's suggestions 2015-12-16 20:31:43 +01:00
Christian Mehlmauer b43d580276 try to detect joomla version 2015-12-16 16:16:59 +01:00
Christian Mehlmauer 30f90f35e9 also check for debian version number 2015-12-16 15:19:33 +01:00
Christian Mehlmauer 67eba0d708 update description 2015-12-16 14:46:00 +01:00
Christian Mehlmauer fa3fb1affc better ubuntu version check 2015-12-16 14:18:44 +01:00
Christian Mehlmauer 60181feb51 more ubuntu checks 2015-12-16 14:02:26 +01:00
Christian Mehlmauer 934c6282a5 check for nil 2015-12-16 13:52:06 +01:00
Christian Mehlmauer 2661cc5899 check ubuntu specific version 2015-12-16 13:49:07 +01:00
Christian Mehlmauer 675dff3b6f use Gem::Version for version compare 2015-12-16 13:04:15 +01:00
Christian Mehlmauer 01b943ec93 fix check method 2015-12-16 07:26:25 +01:00
Christian Mehlmauer 595645bcd7 update description 2015-12-16 07:03:01 +01:00
Christian Mehlmauer d80a7e662f some formatting 2015-12-16 06:57:06 +01:00
Christian Mehlmauer c2795d58cb use target_uri.path 2015-12-16 06:55:23 +01:00
Christian Mehlmauer 2e54cd2ca7 update description 2015-12-16 06:42:41 +01:00
Christian Mehlmauer d4ade7a1fd update check method 2015-12-16 00:18:39 +01:00
Christian Mehlmauer c603430228 fix version check 2015-12-15 18:26:21 +01:00
wchen-r7 b9b280954b Add a check for joomla 2015-12-15 11:03:36 -06:00
Christian Mehlmauer e4309790f5 renamed module because X-FORWARDED-FOR header is also working 2015-12-15 17:37:45 +01:00
Christian Mehlmauer 84d5067abe add joomla RCE module 2015-12-15 17:20:49 +01:00
wchen-r7 ab3fe64b6e Add method peer for jenkins_java_deserialize.rb 2015-12-15 01:18:27 -06:00