adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
41,886 Commits 27 Branches 1,043 Tags
f8a94de6710abe3042a26a9dca38dcccff2c93be
Commit Graph

10172 Commits

Author SHA1 Message Date
Roberto Soares 13ded8abe7 Added WPVDB. 2015-04-16 05:08:45 -03:00
Roberto Soares 64923ffdc2 Fixed plugin name in check method 2015-04-16 05:06:36 -03:00
Roberto Soares e9212c4d6b wordpress_url_admin_ajax intead of wordpress_url_backend 2015-04-16 04:53:05 -03:00
Roberto Soares 81d898fd7e Rewrote check code. 2015-04-16 04:51:40 -03:00
Roberto Soares aeb0484889 Removed timeout 2. 2015-04-16 04:48:00 -03:00
Roberto Soares e6e9c173e3 Rewrote res conditions. 2015-04-16 04:43:34 -03:00
Roberto Soares d11db4edc7 Rewrote check code. 2015-04-16 04:37:30 -03:00
Roberto Soares f13d31c7c2 Added WPVDB. 2015-04-16 04:31:23 -03:00
Roberto Soares cccda4e851 Removed unnecessary line. 2015-04-16 04:27:15 -03:00
Roberto Soares d3a6de761d Removed timeout 2. 2015-04-16 04:09:02 -03:00
William Vu 01625e3bba Land #5148, DRY BSD/OS X shellcode 
Also fix a semi-regression in the Rootpipe exploit.
 2015-04-16 02:08:18 -05:00
William Vu 13da15e434 Add default PAYLOAD again 
PrependSetreuid doesn't work with generic/shell_reverse_tcp.
 2015-04-16 02:07:02 -05:00
Roberto Soares 1249f29ee8 Add JSON::ParserError exception handler. 2015-04-16 04:03:54 -03:00
jvazquez-r7 c1753672bf Delete file_contents initialization 2015-04-15 17:58:32 -05:00
jvazquez-r7 28fac60c81 Add module for CVE-2015-0556 2015-04-15 14:08:16 -05:00
jvazquez-r7 ef6bf54e2f Fix metadata 2015-04-15 09:22:59 -05:00
jvazquez-r7 1da6b32df7 Land #4924, @m-1-k-3's DLink CVE-2015-1187 exploit 
* ncc service ping.cpp command injection
 2015-04-15 09:17:10 -05:00
jvazquez-r7 6019bbe0d2 Add ranking comment 2015-04-15 09:12:03 -05:00
jvazquez-r7 ad465c4d5b Do code cleanup 2015-04-15 09:10:18 -05:00
sinn3r b5335ab266 Some progress, mostly documentation 2015-04-14 19:03:08 -05:00
sinn3r aca93cc86e Add missing Rank 2015-04-14 13:33:37 -05:00
sinn3r 6c9cc7c725 Some progress 2015-04-14 13:30:34 -05:00
sinn3r 4486831ba3 Module loading portion 2015-04-14 01:33:02 -05:00
William Vu e114c85044 Land #5127, x64 OS X prepend stubs 'n' stuff 2015-04-14 01:25:39 -05:00
Roberto Soares a09e643a71 Add author, URL, WPVDB and disclosure date. 2015-04-13 22:54:05 -03:00
Roberto Soares 271a81778e Add Module WP N-Media Website Contact Form Upload 2015-04-13 22:48:34 -03:00
Roberto Soares 7f10fb5bf0 Fix disclosure date 2015-04-13 18:53:20 -03:00
Roberto Soares e94ca0bdd1 Add EDB, OSVDB and author. 2015-04-13 18:42:17 -03:00
Roberto Soares d5d975c450 Add Module WordPress Creative Contact Form Upload 2015-04-13 18:38:43 -03:00
William Vu e324819feb Add Privileged to info hash 
Also remove default payload. Was set for CMD.
 2015-04-13 15:23:30 -05:00
Tod Beardsley bd3b6514fa Dubbed. Whump whump. 2015-04-13 10:52:32 -05:00
Tod Beardsley d87483b28d Squashed commit of the following: 
commit 49f480af8b9d27e676c02006ae8873a119e1aae6
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Mon Apr 13 10:42:13 2015 -0500

    Fix funny punctuation on rootpipe exploit title

    See #5119

commit 0b439671efd6dabcf1a69fd0b089c28badf5ccff
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Mon Apr 13 10:37:39 2015 -0500

    Fix vendor caps

    Trusting the github repo README at

    https://github.com/embedthis/goahead

    See #5101
 2015-04-13 10:46:47 -05:00
Roberto Soares 7b57496501 Fix typo and add email addr. 2015-04-13 04:12:32 -03:00
Roberto Soares abee3f17c4 Add author, CVE and EDB references 2015-04-13 04:08:34 -03:00
Roberto Soares 58c4042321 Add Module WP Slideshow Gallery Shell Upload 2015-04-13 03:56:59 -03:00
Roberto Soares 2d1f8c510e Add author and references 2015-04-12 21:21:49 -03:00
Roberto Soares 9f06cee53d Add Module WordPress WorkTheFlow Shell Upload 2015-04-12 21:09:44 -03:00
joev c132a3fb0a Fix OSX prepends and implement x64 setreuid. 2015-04-11 20:04:21 -05:00
jvazquez-r7 656abac13c Use keyword arguments 2015-04-10 18:03:45 -05:00
jvazquez-r7 1720d4cd83 Introduce get_file_contents 2015-04-10 17:34:00 -05:00
jvazquez-r7 ca6a5cad17 support changing files 2015-04-10 16:53:12 -05:00
jvazquez-r7 b2e17a61a9 Fix disclosure date 2015-04-10 13:09:24 -05:00
jvazquez-r7 ab944b1897 Add module to exploit dangerous group policy startup scripts 2015-04-10 13:01:50 -05:00
joev 3313dac30f Land #5119, @wvu's addition of the OSX rootpipe privesc exploit. 
orts
borts
 2015-04-10 12:38:25 -05:00
sinn3r 4419c1c728 Land #5120, Adobe Flash Player casi32 Integer Overflow 2015-04-10 12:18:11 -05:00
William Vu fc814a17ae Add admin check 
Also break out version check.
 2015-04-10 11:24:49 -05:00
William Vu 41885133d8 Refactor and clean 
Finally breaking free of some stubborn old habits. :)
 2015-04-10 11:22:27 -05:00
William Vu a7601c1b9a Use zsh to avoid dropping privs 
Also add some configurable options.
 2015-04-10 11:22:00 -05:00
William Vu 4cc6ac6eaa Clarify vulnerable versions 2015-04-10 11:22:00 -05:00
William Vu c4b7b32745 Add Rootpipe exploit 2015-04-10 11:22:00 -05:00