adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
41,886 Commits 27 Branches 1,043 Tags
f8a94de6710abe3042a26a9dca38dcccff2c93be
Commit Graph

21851 Commits

Author SHA1 Message Date
Mehmet Ince 089816236d Remove double spaces and fix checkcode 2016-07-20 00:01:25 +03:00
Mehmet Ince 9c8e351ba8 Use vars_get un send_request_cgi 2016-07-19 20:12:14 +03:00
Mehmet Ince ec2f8fcc71 Change check method and use meterpreter instead of unix cmd 2016-07-19 11:13:06 +03:00
forzoni 6f35a04e21 Incorporate review fixes, ensure PrependFork is true, fix echo compat. 2016-07-19 01:45:56 -05:00
Mehmet Ince 650034b600 Use normalize_uri params instead of string concatenation 2016-07-19 01:01:05 +03:00
Mehmet Ince c8deb54938 Add Drupal RESTWS Remote Unauth PHP Code Exec 2016-07-18 21:32:10 +03:00
RageLtMan 14c9569afa 2013-1710 - Use header VHOST info for redirection 
When this exploit is hit by hostname, the HTTP request contains
a Host header field which does not match the IP-based redirection.
Update the module to check request headers for host information,
and fallback to the prior behavior if none exists.

Tested in conjunction with #6611 DNS spoofer - works great, see
issue #7098 for details.
 2016-07-17 04:50:54 -04:00
Josh Hale 722133491d Wording change in advanced options and doc 2016-07-16 22:57:36 -05:00
Josh Hale 9cb9a2f69d Update for windows keylog_recorder 2016-07-16 22:38:10 -05:00
AgoraSecurity dcd09f17bd New Post Module 
New post module for windows.
It gathers the users and cracks the password of MDaemon Mail server.
NOTE: The module have a bug and I would appreciate help fixing it (problem when storing credentials)
 2016-07-16 19:07:27 -05:00
ktreimann e3801c425b Fix typo in USB error message 2016-07-16 09:43:48 -04:00
Brent Cook b08d1ad8d8 Revert "Land #6812, remove broken OSVDB references" 
This reverts commit 2b016e0216, reversing
changes made to 7b1d9596c7.
 2016-07-15 12:00:31 -05:00
h00die 03dca5fee2 updates round 2 2016-07-15 09:02:23 -04:00
h00die 33ce3ec3ed fixes round 2 2016-07-15 08:44:39 -04:00
h00die 7734279147 round 2 of updates 2016-07-15 08:21:17 -04:00
Brendan 8968a6603e Syntax cleanup 2016-07-14 13:25:31 -07:00
Brendan 927b3a88a1 Changed to one delete 2016-07-14 13:11:59 -07:00
David Maloney b6b52952f4 set ssh to non-interactive 
have to set the non-interactive flag so that it does not
prompt the user on an incorrect password

MS-1688
 2016-07-14 11:12:03 -05:00
David Maloney 01d0d1702b Merge branch 'master' into feature/MS-1688/net-ssh-cleanup 2016-07-14 09:48:28 -05:00
thao doan 9862a2fc25 Land #7080, Updated docs and made enhancements for Netgear soap password extractor 2016-07-13 14:30:46 -07:00
William Vu b2c3267a2a Land #7042, fetch_ninja_form_nonce/wponce fix 2016-07-13 11:38:11 -05:00
Brent Cook ee90e5e96d update payload sizes 2016-07-13 01:06:05 -05:00
Brent Cook fcdb32795d Land #6777, Linux Xen 4.2.0 DoS 2016-07-13 00:40:42 -05:00
Brent Cook 7b5e3a880d added module docs and some output tweaks for consistency with other modules 2016-07-13 00:38:46 -05:00
Brent Cook 3e6fed7958 update metadata 2016-07-13 00:13:02 -05:00
Brent Cook 0304b2c1e2 simplify logic, Ubuntu support 2016-07-12 23:50:32 -05:00
wchen-r7 8f928c6ca1 Land #7006, Add MS16-032 Local Priv Esc Exploit 2016-07-12 15:22:35 -05:00
wchen-r7 815c426b4d Match naming style 2016-07-12 15:18:39 -05:00
James Lee 556620d981 Fix pack on big endian host systems 2016-07-12 15:17:52 -05:00
wchen-r7 f11b84f106 Update wfsdelay and check for ms16-032 2016-07-12 15:17:21 -05:00
James Lee e9350986a4 Style 2016-07-12 14:51:37 -05:00
James Lee 1a15fc1c2e Whitespace 2016-07-12 14:51:37 -05:00
William Webb 8f73167b15 Land #7060, Fix up the 64-bit BSD reverse shell 2016-07-12 14:37:51 -05:00
William Vu f164afaef8 Land #6932, joomla_contenthistory_sqli_rce fixes 2016-07-12 14:26:49 -05:00
James Lee c3e8f81982 Land #7038, zutto_deriku, an x64 encoder 2016-07-12 13:46:55 -05:00
William Vu 310332b521 Clean up module 2016-07-12 11:17:10 -05:00
wchen-r7 b869b890c7 Land #7090, Add module for Tikiwiki Upload Exec 2016-07-12 11:16:50 -05:00
wchen-r7 2471e8bc8c Add FileDropper to cleanup properly 2016-07-12 11:16:18 -05:00
William Vu 277950cc79 Land #6733, psexec StackAdjustment fix 2016-07-12 11:14:16 -05:00
Mehmet Ince 43833c8756 Fixing double normalize function call 2016-07-12 07:30:18 +03:00
Brent Cook 2b016e0216 Land #6812, remove broken OSVDB references 2016-07-11 22:59:11 -05:00
Pearce Barry 7b1d9596c7 Land #7068, Introduce 'mettle' - new POSIX meterpreter 2016-07-11 22:38:40 -05:00
Brent Cook a530aa4cf1 restrict perms a bit more 2016-07-11 22:22:34 -05:00
Brent Cook a107a0f955 remove unneeded rport/rhost defines 2016-07-11 22:22:34 -05:00
Brent Cook 6bf51fe064 streamline payload generation 2016-07-11 22:22:34 -05:00
Brent Cook 7ef6c8bf9e ruby style updates 2016-07-11 22:22:33 -05:00
Brent Cook c1f51e7ddf Update and fixup module against OpenNMS-16 2016-07-11 22:22:33 -05:00
benpturner 50746eec29 Fixes comments in regards to #{peer} 2016-07-11 22:22:33 -05:00
benpturner ce8317294f New module to exploit the OpenNMS Java Object Unserialization RCE vulnerability. This now gets flagged inside Nessus and there was no Metasploit module to exploit this. 
This module exploits the vulnerability to a full session.
 2016-07-11 22:22:32 -05:00
Brent Cook 627fffdb08 Land #7089, correct usage of OptPort and OptRegex 2016-07-11 22:13:27 -05:00