adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
41,886 Commits 27 Branches 1,043 Tags
f8a94de6710abe3042a26a9dca38dcccff2c93be
Commit Graph

10172 Commits

Author SHA1 Message Date
Jin Qian 2f8d3c3cf3 Remove the bug where downcase() is invoked on password which is optional and can be empty. 2016-11-03 15:23:19 -05:00
Brendan dae1f26313 Land #7521, Modernize TLS protocol configuration for SMTP / SQL Server 2016-11-03 12:56:50 -05:00
William Vu eca4b73aab Land #7499, check method for pkexec exploit 2016-11-03 10:59:06 -05:00
William Vu 1c746c0f93 Prefer CheckCode::Detected 2016-11-03 11:14:48 +01:00
William Vu 2cdff0f414 Fix check method 2016-11-03 11:14:48 +01:00
William Webb 31b593ac67 Land #7402, Add Linux local privilege escalation via overlayfs 2016-11-01 12:46:40 -05:00
Brent Cook f8912486df fix typos 2016-11-01 05:43:03 -05:00
OJ 3c57ff5c59 Avoid internal constants for bypassuac file path generation 2016-11-01 01:32:24 +10:00
OJ 6ce7352c45 Revert silly change in applocker bypass 2016-11-01 01:30:54 +10:00
OJ 3c56f1e1f7 Remove commented x64 arch from sock_sendpage 2016-11-01 01:29:11 +10:00
Alex Flores 45d6012f2d fix check method 2016-10-30 14:57:42 -04:00
Spencer McIntyre ccce361768 Remove accidentally included debug output 2016-10-29 18:46:51 -04:00
Spencer McIntyre fa7cbf2c5a Fix the jenkins exploit module for new versions 2016-10-29 18:19:14 -04:00
OJ 57eabda5dc Merge upstream/master 2016-10-29 13:54:31 +10:00
OJ 0737d7ca12 Tidy code, remove regex and use comparison for platform checks 2016-10-29 13:41:20 +10:00
OJ 1ca2fe1398 More platform/arch/session fixes 2016-10-29 08:11:20 +10:00
dmohanty-r7 d918e25bde Land #7439, Add Ghostscript support to ImageMagick Exploit 2016-10-28 17:07:13 -05:00
Quentin Kaiser c7b775ac1c Fix detection following @bwatters-r7 recommendations. Remove safesync exploit that shouldn't be here. 2016-10-28 18:03:56 +00:00
Chris Higgins c153686465 Added Disk Pulse Enterprise Login Buffer Overflow 2016-10-27 21:49:17 -05:00
OJ 1d617ae389 Implement first pass of architecture/platform refactor 2016-10-28 07:16:05 +10:00
mr_me 16b7c77851 satisfying travis 2016-10-27 13:37:04 -05:00
mr_me a8ab7b09b0 Added Bassmaster batch Arbitrary JavaScript Injection Remote Code Execution Vulnerability (CVE-2014-720) 2016-10-27 13:22:39 -05:00
Julien (jvoisin) Voisin 23ab4f1fc1 Remove one last tab 2016-10-27 12:32:40 +02:00
Julien (jvoisin) Voisin d9f07183bd Please h00die ;) 2016-10-27 12:18:33 +02:00
Julien (jvoisin) Voisin 2ac54f5028 Add a check for the linux pkexec module 2016-10-27 10:28:13 +02:00
Brent Cook ed35bf5011 remove unneeded badchars from payload specification 2016-10-26 04:47:33 -05:00
nixawk 6a8da3223e set payload file executable bit 2016-10-22 03:30:10 -05:00
Pearce Barry 51ffea3e03 Land #7470, fixes bad file refs for cmdstagers 2016-10-21 14:01:04 -05:00
Pearce Barry 9a0307b0c0 Land #7369, Panda Antivirus Priv Esc 2016-10-21 13:20:41 -05:00
David Maloney 6b77f509ba fixes bad file refs for cmdstagers 
when moving to the rex-exploitation gem some of the
file references were missed, partially due to silly differences
between how each file was referenced

Fixes #7466
 2016-10-21 12:31:18 -05:00
h00die 12e4fe1c5c updated dlls and docs 2016-10-20 20:45:50 -04:00
wolfthefallen 684feb6b50 moved STAGE0 and STAGE1 into datastore 2016-10-18 11:47:38 -04:00
wolfthefallen e806466fe3 correct carriage return and link issue 2016-10-17 10:31:39 -04:00
wolfthefallen 7e68f7d2a4 EmpirePowerShell Arbitrary File Upload (Skywalker) 2016-10-17 10:03:07 -04:00
h00die 0d1fe20ae5 revamped 2016-10-15 20:57:31 -04:00
OJ 25238f1a26 Update capcom exploit module to support Windows 10 2016-10-15 11:56:48 +10:00
William Webb 5e7d546fa2 Land #7094, OpenNMS Java Object Deserialization RCE Module 2016-10-14 13:19:11 -05:00
Brent Cook cfddc734a8 Land #7286, WiFi pineapple preconfig command injection module 2016-10-14 12:57:42 -05:00
Brent Cook e05a325786 Land #7285, WiFi pineapple command injection via authentication bypass 2016-10-14 12:57:05 -05:00
William Vu 1da40b5deb Change HAVE_POPEN to USE_POPEN 
PS target doesn't support it, so the option should be renamed.
 2016-10-14 11:58:39 -05:00
Brent Cook acec45c8b3 Land #7409, CVE-2013-5093 Graphite Pickle Handling - Add Version Check 2016-10-14 08:54:57 -05:00
h00die 12493d5c06 moved c code to external sources 2016-10-13 20:37:03 -04:00
William Vu 5b46e72aea Update module logic 2016-10-13 17:40:16 -05:00
William Vu 6f4f2bfa5f Add PS target and remove MIFF 2016-10-13 17:39:55 -05:00
William Vu e70ba8110d Update references 2016-10-13 17:35:55 -05:00
William Vu 88bb2e2295 Update description 2016-10-13 17:35:30 -05:00
wchen-r7 9e97febcd1 Land #7429, Ruby on Rails Dynamic Render File Upload Remote Code Exec 2016-10-13 11:45:46 -05:00
Brent Cook 2014b2d2ab Land #7432, Fix erroneous cred reporting in SonicWALL exploit 2016-10-12 22:39:15 -05:00
Pearce Barry a2a1d6c28a Land #7411, Add an HTA server module using Powershell 2016-10-12 13:05:40 -05:00
William Vu e78d3d6bf0 Fix erroneous cred reporting in SonicWALL exploit 
A session ID will be returned in the parsed JSON if the login succeeded.

Bad user:

{"noldapnouser"=>1, "loginfailed"=>1}

Bad password:

{"loginfailed"=>1}

Good user/password:

{"userid"=>"1", "sessionid"=>"4WJ9cNg1TkBrwjzX"}
 2016-10-11 19:25:52 -05:00