adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
41,886 Commits 27 Branches 1,043 Tags
f8a94de6710abe3042a26a9dca38dcccff2c93be
Commit Graph

10172 Commits

Author SHA1 Message Date
Brent Cook 8019a9e519 Land #7947, fix crash in panda_psevents when an unexpected target OS is found 2017-02-17 14:08:27 -06:00
wchen-r7 1f23b44003 I modified windows/fileformat/office_word_macro the wrong way 2017-02-16 23:16:06 -06:00
wchen-r7 7503f643cc Deprecate windows/fileformat/office_word_macro 
Please use exploits/multi/fileformat/office_word_macro instead,
because the new one supports OS X.
 2017-02-16 12:32:14 -06:00
wchen-r7 3d269b46ad Support OS X for Microsoft Office macro exploit 2017-02-16 12:28:11 -06:00
Carter 811f6d4d58 Update netgear_r7000_cgibin_exec.rb 2017-02-16 08:38:06 -05:00
Carter 90224af813 Fix msftidy warning 2017-02-15 22:39:16 -05:00
Carter 81d63c8cc7 Create netgear_r7000_cgibin_exec.rb 2017-02-15 22:33:48 -05:00
David Manouchehri f113114643 Added assigned CVE. 2017-02-15 17:05:23 -05:00
h00die 843f559069 land #7917 piwik exploit module 2017-02-14 00:52:27 -05:00
OJ ec316bfb6c Use DATABASE when logging in with SQL mixin 2017-02-14 10:34:27 +10:00
h00die a47a479bd3 add else case 2017-02-12 19:08:31 -05:00
Christian Mehlmauer baa473a1c6 add piwik superuser plugin upload module 2017-02-11 00:20:50 +01:00
James Lee 026f6eb715 Land #7929, improve php_cgi_arg_injection 2017-02-10 10:01:38 -06:00
OJ 2d834a3f5a Finalise module, and add supporting binaries 2017-02-10 12:56:40 +10:00
OJ 1c62559e55 Add v1 of SQL Clr stored proc payload module 2017-02-10 10:28:22 +10:00
bwatters-r7 272d1845fa Land #7934, Add exploit module for OpenOffice with a malicious macro 2017-02-09 13:42:58 -06:00
wchen-r7 e1a1ea9d68 Fix grammar 2017-02-08 19:26:35 -06:00
wchen-r7 047a9b17cf Completed version of openoffice_document_macro 2017-02-08 16:29:40 -06:00
Mehmet Ince 4ee05313d8 Update tested version numbers 2017-02-08 19:31:01 +03:00
jvoisin f3bcc9f23f Take care of suhosin 2017-02-08 09:59:36 +01:00
jvoisin 028d4d6077 Make the payload a bit more random 2017-02-08 09:59:22 +01:00
jvoisin cb03ca91e1 Make php_cgi_arg_injection work in certain environnement 
This commit sets two more options to `0` in the payload:

- [cgi.force_redirect](https://secure.php.net/manual/en/ini.core.php#ini.cgi.force-redirect)
- [cgi.redirect_status_env](https://secure.php.net/manual/en/ini.core.php#ini.cgi.redirect-status-env)

The configuration directive `cgi.force_redirect` prevents anyone from calling PHP
directly with a URL like http://my.host/cgi-bin/php/secretdir/script.php.
Instead, PHP will only parse in this mode if it has gone through a web server redirect rule.

The string set in the configuration directive `cgi.redirect_status_env`
is the one that PHP will look for to know it's ok to continue its
execution. This might be use together with the previous configuration
option as a security measure.

Setting those variables to 0 is (as stated in the documentation) a
security issue, but it also make the exploit work on some Apache2 setup.
 2017-02-07 18:59:27 +01:00
wchen-r7 cefbee2df4 Add PoC for OpenOffice macro module 2017-02-07 10:12:23 -06:00
Mehmet Ince 906fcfe355 OSSIM 5.0.0 version requires a authen token on action create 2017-02-03 23:45:33 +03:00
wchen-r7 c73c189a61 Set DisablePayloadHandler default to true 2017-02-03 11:25:50 -06:00
wchen-r7 ccaa783a31 Add Microsoft Office Word Macro exploit 2017-02-02 17:44:55 -06:00
wchen-r7 3c6fa12aca Update firefox_smil_uaf to use BrowserExploitServer 2017-01-31 16:04:16 -06:00
William Webb 2ff170a1fa Land #7820, Exploit for TrueOnline Billion 5200W-T 2017-01-31 11:33:56 -06:00
William Webb f167358540 Land #7821, Command Injection Exploit for TrueOnline ZyXEL P660HN 2017-01-31 11:28:46 -06:00
William Webb b3521dfb69 Land #7822, Command Injection Exploit for TrueOnline P660HN v2 2017-01-31 11:22:49 -06:00
Mehmet Ince c666ac93f5 Adding xff header 2017-01-31 14:37:22 +03:00
Mehmet Ince 40108c2374 first commit 2017-01-31 14:15:46 +03:00
Pedro Ribeiro 0aceb0b1cb Fix whitespace, thanks msftidy! 2017-01-30 10:16:42 +00:00
Pedro Ribeiro 5fd31e621e Add CVE number 2017-01-30 10:03:46 +00:00
William Webb dd60fc3598 move cisco_webex_ext to exploits/windows/browser/ 2017-01-27 16:59:20 -06:00
William Webb 94f9971300 add module doc and remove the word EXPLOIT from document title 2017-01-26 13:36:18 -06:00
William Webb d87cb4b085 nfi why i didnt set ssl by default 2017-01-25 21:02:34 -06:00
William Webb ad0e2c7d95 remove extraneous warning alerts 2017-01-25 18:53:54 -06:00
William Webb d2bc8c7f7e msftidy complaints 2017-01-25 18:24:10 -06:00
William Webb 10066e0c16 get your targets straight son 2017-01-25 18:21:58 -06:00
William Webb d4b18bb3b9 initial commit of webex rce mod 2017-01-25 18:03:19 -06:00
William Vu 48ed8a72c2 Add helpful comment 2017-01-24 20:03:39 -06:00
William Vu ec8add6caa Always check and print status 2017-01-24 20:00:17 -06:00
William Vu 42a8e2a113 Remove extraneous variable 2017-01-24 19:50:31 -06:00
William Vu 97050a6c47 Fix nil bug in scan 2017-01-24 19:49:23 -06:00
wchen-r7 f4db90edeb Land #7852, Firefox nsSMILTimeContainer::NotifyTimeChange() rce 2017-01-23 11:56:01 -06:00
wchen-r7 04648888b3 Be conservative and do NormalRanking 2017-01-23 11:55:30 -06:00
Brent Cook ff2b8dcf99 Revert "Land #7605, Mysql privilege escalation, CVE-2016-6664" - premature merge 
This reverts commit 92a1c1ece4, reversing
changes made to 9b16cdf602.
 2017-01-22 19:16:33 -06:00
Brent Cook 92a1c1ece4 Land #7605, Mysql privilege escalation, CVE-2016-6664 2017-01-22 17:17:28 -06:00
Brent Cook 836da6177f Cipher::Cipher is deprecated 2017-01-22 10:20:03 -06:00