adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
41,886 Commits 27 Branches 1,043 Tags
f8a94de6710abe3042a26a9dca38dcccff2c93be
Commit Graph

10172 Commits

Author SHA1 Message Date
wizard32 8534fde50f Websphere Java Deserialization (RCE) 
This module exploits a vulnerability in IBM's WebSphere Application Server. An unsafe deserialization call of unauthenticated Java objects exists to the Apache Commons Collections (ACC) library, which allows remote arbitrary code execution. Authentication is not required in order to exploit this vulnerability.
 2017-01-03 16:04:51 +02:00
Pedro Ribeiro 9d3e90e8e5 cleanup 2017-01-02 17:32:38 +00:00
Pedro Ribeiro 4c29d23c8a further cleaning 2016-12-31 17:02:34 +00:00
Pedro Ribeiro 956602cbfe add final wnr2000 sploits 2016-12-31 16:49:05 +00:00
Spencer McIntyre cd90fd3b1c Fix PHPMailer targets since 5.2.20 is not affected 2016-12-30 15:31:15 -05:00
Spencer McIntyre 1eab4b3a7d Add an optional explicit triggeruri for phpmailer 2016-12-30 14:24:07 -05:00
Spencer McIntyre 64037b0d6e Use a proper target instead of VERSION 2016-12-29 17:37:16 -05:00
Spencer McIntyre c9dd7a50b6 Add the PHPMailer Argument Injection exploit 2016-12-29 17:17:06 -05:00
William Vu 9d0ada9b83 Land #7749, make drb_remote_codeexec great again 2016-12-28 06:11:48 -06:00
William Vu cfca4b121c Clean up module 2016-12-28 06:10:46 -06:00
William Vu afd8315e1d Remove apache_continuum_cmd_exec CmdStager flavor 
It is inferred from the platform, and we don't want to override it
needlessly. :bourne is what worked during testing, but it won't always
work. Now we can override the flavor with CMDSTAGER::FLAVOR.
 2016-12-27 16:24:16 -06:00
Pedro Ribeiro 870e8046b5 add sploits 2016-12-27 21:12:35 +00:00
Brent Cook 57e4bcbf71 Land #7454, add CVE-2013-6282, put_user/get_user exploit for Android 2016-12-24 14:44:34 -06:00
joernchen of Phenoelit 679ebf31bd Minor fix to make dRuby great again 2016-12-23 15:12:22 +01:00
joernchen of Phenoelit d69acd116d Make dRuby great again 2016-12-22 15:37:16 +01:00
William Vu 934b05e736 Land #7310, at(1) persistence module 2016-12-22 03:33:58 -06:00
William Vu b65a62ba93 Clean up module 2016-12-22 03:33:08 -06:00
Tim 25a8283af3 fork early and use WfsDelay 2016-12-20 00:59:27 +08:00
Tim f1efa760df more fixes 2016-12-20 00:52:11 +08:00
Tim 7ac3859393 convert futex_requeue module to use targetting and core_loadlib 2016-12-20 00:52:11 +08:00
Tim c2dc350378 better fix for session compatibility 2016-12-15 17:41:44 +08:00
Brent Cook fa016de78a Land #7634, Implement universal HTTP/S handlers for Meterpreter payloads 2016-12-13 18:13:22 -06:00
Tim fe9972cc25 fork early and use WfsDelay 2016-12-13 17:02:23 +08:00
Tim 7b7deb0588 better library cleanup 2016-12-13 17:02:23 +08:00
Tim 96b01effa7 cleanup library after use 2016-12-13 17:02:23 +08:00
Tim 909773120c typos 2016-12-13 17:02:23 +08:00
Tim ebf7ae0739 add CVE-2013-6282, put_user/get_user exploit for Android 2016-12-13 17:02:23 +08:00
Tod Beardsley a4f681ae35 Add quoted hex encoding 2016-12-06 09:05:35 -06:00
Tod Beardsley d549c2793f Fix module filename to be TR-064 2016-12-02 08:49:21 -06:00
Tod Beardsley 9e4e9ae614 Add a reference to the TR-064 spec 2016-12-02 08:48:09 -06:00
Tod Beardsley ddac5600e3 Reference TR-064, not TR-069 2016-12-02 08:45:15 -06:00
wchen-r7 41355898fa Remove extra def report_cred in vbulletin_vote_sqli_exec 2016-12-01 15:31:24 -06:00
wchen-r7 174cd74900 Land #7532, Add bypass UAC local exploit via Event Viewer module 2016-12-01 11:16:49 -06:00
wchen-r7 1e9d80c998 Fix another typo 2016-12-01 11:16:06 -06:00
wchen-r7 b8243b5d10 Fix a typo 2016-12-01 11:15:26 -06:00
William Vu 1d6ee7192a Land #7427, new options for nagios_xi_chained_rce 2016-11-30 17:11:02 -06:00
William Vu 3e8cdd1f36 Polish up USER_ID and API_TOKEN options 2016-11-30 17:10:52 -06:00
OJ ebf5121359 Merge branch 'upstream/master' into add-bypassuac-eventvwr 2016-12-01 07:58:16 +10:00
OJ 6890e56b30 Remove call to missing function 2016-12-01 07:57:54 +10:00
David Maloney d1be2d735f Land #7578, pdf-shaper exploit 
Land lsato's work on the pdf-shaper buffer overflow
exploit
 2016-11-30 11:13:12 -06:00
Tod Beardsley 43cd788350 Switch back to echo as cmdstager flavor 2016-11-30 10:18:09 -06:00
Tod Beardsley b75fbd454a Add missing peer in vprint_error 2016-11-30 07:59:41 -06:00
Tod Beardsley 657d52951b Linemax 63, switch to printf 2016-11-30 07:51:36 -06:00
Tod Beardsley 08b9684c1a Add a FORCE_EXPLOIT option for @FireFart 2016-11-29 16:37:13 -06:00
Tod Beardsley 57d156a5e2 Revert "XML encode the command passed" 
This reverts commit 9952c0ac6f.
 2016-11-29 16:24:26 -06:00
Tod Beardsley b7904fe0cc Oh silly delimiters and lack thereof 2016-11-29 15:53:05 -06:00
Tod Beardsley 9952c0ac6f XML encode the command passed 2016-11-29 15:49:55 -06:00
Tod Beardsley 851aae3f15 Oops, wrong module 
This reverts commit d55d2099c5.
 2016-11-29 15:15:18 -06:00
Tod Beardsley d55d2099c5 Just one platform thanks 2016-11-29 15:08:45 -06:00
Tod Beardsley 4d6b2dfb46 Use CmdStager instead 
Oh, and this is totally untested as of this commit.
 2016-11-29 15:03:38 -06:00