adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
41,886 Commits 27 Branches 1,043 Tags
f8a94de6710abe3042a26a9dca38dcccff2c93be
Commit Graph

21851 Commits

Author SHA1 Message Date
William Vu c6214d9c5e Fix and clean module 2016-09-14 14:36:29 -05:00
James Lee 27be29edb4 Fix typo 2016-09-14 13:21:37 -05:00
James Barnett 6509b34da1 Land #7255, Fix issue causing Glassfish to fail uploading to Windows targets. 2016-09-14 12:57:41 -05:00
William Vu 8533e6c5fd Land #7252, ARCH_CMD to ARCH_PHP for phoenix_exec 2016-09-14 10:38:37 -05:00
Jon Hart 79a8123d2f Trim platform, expand payload 2016-09-13 21:44:41 -07:00
Jon Hart 18d424bb83 Update waiting message to indicate that it will wait up to that long 2016-09-13 21:16:59 -07:00
William Vu cac890a797 Land #7308, disclosure date additions 2016-09-13 23:16:30 -05:00
William Vu e4e6f5daac Fix indentation 2016-09-13 23:15:37 -05:00
William Vu a5502264d4 Land #7305, missing env var fix for Steam module 2016-09-13 23:11:40 -05:00
Jon Hart b16e84f574 Bump default WfsDelay to account for execution at 0s and execution delays 
Also, platforms, which I think achieves nothing right now.
 2016-09-13 21:04:30 -07:00
Jon Hart 18c54ebb5e Minor rubocop gripe 2016-09-13 20:54:30 -07:00
Jon Hart 15e44e296b Fix cmd execution; use and cleanup temporary files 2016-09-13 20:51:32 -07:00
h00die d73531c0d3 added disclosure dates 2016-09-13 20:37:04 -04:00
Jon Hart 972db476ef Implement check for at_persistence 2016-09-13 16:08:49 -07:00
Brent Cook 7352029497 first round of SSL damage fixes 2016-09-13 17:42:31 -05:00
wchen-r7 245237d650 Land #7288, Add LoginScannerfor Octopus Deploy server 2016-09-13 17:26:56 -05:00
wchen-r7 10efafe44e Land #7306, Update links and add CVE to WebNMS modules 2016-09-13 15:52:27 -05:00
wchen-r7 ed5bbb9885 Land #7284, Add SugarCRM REST PHP Object Injection exploit 2016-09-13 15:46:46 -05:00
wchen-r7 a0095ad809 Check res properly and update Ruby syntax 
If res is nil, it should not be doing res.code
 2016-09-13 15:45:57 -05:00
Pedro Ribeiro 8d4ee3fac6 Forgot the bracket! 2016-09-13 19:01:22 +01:00
Pedro Ribeiro 4d49f7140c update links and CVE on webnms_file_download 2016-09-13 18:50:53 +01:00
Pedro Ribeiro 41bdae4b84 update links and CVE on webnms_file_upload 2016-09-13 18:50:25 +01:00
Pedro Ribeiro 8b90df8b67 update links and CVE on webnms_cred_disclosure 2016-09-13 18:49:58 +01:00
Jon Hart c69d65c47e Initial commit of at(1) 'persistence' 
Initial inspiration from @h00die's cron module in #7003
 2016-09-13 10:25:13 -07:00
wchen-r7 89705cc803 Avoid potential undef method error '+' for nil 2016-09-13 11:13:02 -05:00
wchen-r7 50447fc4cf Fix post/windows/gather/credentials/steam for an empty env var 2016-09-13 11:04:42 -05:00
Justin Steven 17bad7bd4f fix popchain 
ERB changed as per <https://github.com/ruby/ruby/commit/e82f4195d4>
which broke the popchain used for code execution.
 2016-09-13 21:25:14 +10:00
nixawk 1ce9aedb97 parenthesis for condition expression 2016-09-13 03:37:47 -05:00
nixawk fd16c1c3b7 Fix issue-7295 2016-09-13 01:32:20 -05:00
aushack 11342356f8 Support LHOST for metasploit behind NAT 2016-09-13 11:23:49 +10:00
Tijl Deneut 8df8f7dda0 Initial commit of profinet_siemens.rb 2016-09-11 09:15:41 +02:00
scriptjunkie a0e05d4c4c Land #7287, mdaemon cred dumper 2016-09-10 08:43:07 -05:00
Brent Cook a81f351cb3 Land #7274, Remove deprecated modules 2016-09-09 12:01:59 -05:00
Brent Cook 1d4b0de560 Land #6616, Added an Outlook EWS NTLM login module. 2016-09-09 11:43:52 -05:00
Justin Steven 6bafad44f2 drop 'require uri', tweak option text 2016-09-09 20:31:23 +10:00
Justin Steven 0b012c2496 Combine Unix and Windows modules 2016-09-09 20:28:13 +10:00
Agora Security 00f09d19b1 SMTP Typo 
Correct SMTP Type (before SMPT)
 2016-09-09 01:36:37 -05:00
William Vu 92dba8ff9d Land #7290, env var check for WinSCP module 2016-09-07 21:08:12 -05:00
Brendan a30711ddcd Land #7279, Use the rubyntlm gem (again) 2016-09-07 16:33:35 -05:00
wchen-r7 a9c3c5d391 Fix typos 2016-09-07 15:40:10 -05:00
wchen-r7 831c7a08a8 Check environment variables before using for winscp module 2016-09-07 15:24:22 -05:00
William Vu 7d44bd5ba4 Clean up module 2016-09-06 23:30:58 -05:00
aushack 015b790295 Added default rport. 2016-09-07 14:24:07 +10:00
aushack 7632c74aba Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2016-09-07 14:15:57 +10:00
aushack 6e21684ff7 Fix typo. 2016-09-07 14:08:46 +10:00
james-otten dcf0d74428 Adding module to scan for Octopus Deploy server 
This module tries to log into one or more Octopus Deploy servers.

More information about Octopus Deploy:
https://octopus.com
 2016-09-06 20:52:49 -05:00
catatonic c06ee991ed Adding WiFi pineapple command injection via authenticaiton bypass. 2016-09-06 17:22:25 -07:00
catatonic 8d40dddc17 Adding WiFi pineapple preconfig command injection module. 2016-09-06 17:18:36 -07:00
EgiX df5fdbff41 Add module for KIS-2016-07: SugarCRM REST PHP Object Injection 
This PR contains a module to exploit KIS-2016-07, a PHP Object Injection vulnerability in SugarCRM CE before version 6.5.24 that allows unauthenticated users to execute arbitrary PHP code with the permissions of the webserver. Successful exploitation of this vulnerability should require SugarCRM to be running on PHP before version 5.6.25 or 7.0.10, which fix CVE-2016-7124.
 2016-09-07 01:58:41 +02:00
Quentin Kaiser e4d118108a Trend Micro SafeSync exploit. 2016-09-06 19:33:23 +00:00