adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
41,886 Commits 27 Branches 1,043 Tags
f8a94de6710abe3042a26a9dca38dcccff2c93be
Commit Graph

21851 Commits

Author SHA1 Message Date
David Maloney 3e94abe555 put net:ssh::commandstream back 
this was apparently our own creation for doing
ssh sessions

MD-1688
 2016-06-22 15:02:36 -05:00
David Maloney 6072697126 continued 2016-06-22 14:54:00 -05:00
David Maloney 140621ad9b start to move to canonical net-ssh 
removed vendored net::ssh
pulled in net:ssh gem
made Rex::Socket::SSHFactory clas to bridge rex sockets in
Renamed getpeername to getpeername-as_array to not override
core socket behaviour

MS-1688
 2016-06-22 14:52:33 -05:00
wchen-r7 de5152401a Land #6992, Add tiki calendar exec exploit 2016-06-22 11:18:14 -05:00
wchen-r7 8697d3d6fb Update tiki_calendar_exec module and documentation 2016-06-22 11:17:45 -05:00
James Lee 07f7e5e148 Convert non-loginscanner MSSQL to rubyntlm 2016-06-22 10:15:22 -05:00
khr0x40sh df1a9bee13 Move ps1, Use Env var, Fix license, New Cleanup 
MS16-032 ps1 moved to external file.  This ps1 will now detect windir
to find cmd.exe.  The module now also detects windir to find
powershell.exe.  The license is now BSD_LICENSE, and the required
copyright has been moved to the ps1. The previous optional cleanup stage
 is now standard.  The optional 'W_PATH' assignment is corrected to
select the user's variable unless 'W_PATH' is nil.
 2016-06-22 09:25:48 -04:00
h00die 0f2c1d886c append over read and write 2016-06-21 16:56:34 -04:00
h00die 42697b46ac append over read and write 2016-06-21 16:52:40 -04:00
h00die 9cb57d78d7 updated check and docs that 14.2 may not be vuln 2016-06-21 16:48:09 -04:00
Meatballs 81f30ca962 Land #6966, Microsoft Office Trusted Locations Enumeration 2016-06-21 21:45:39 +01:00
khr0x40sh b9d0bcc193 Add MS16-032 Local Priv Esc Exploit to tree 
This module will use the powershell port of ms16-032 created by
@FuzzySec.  All payloads are pushed to a compress powershell script in a
plain text file on the disk to execute.
 2016-06-21 14:56:12 -04:00
h00die c7bacebd5b slight issues found by void-in 2016-06-21 05:12:10 -04:00
h00die 4b8f572976 cron persistence 2016-06-20 21:45:04 -04:00
h00die c50f935412 shell > cmd all day 2016-06-20 17:59:01 -04:00
h00die 15a3d739c0 fix per wchen 2016-06-20 17:57:10 -04:00
William Webb 3f9d0630ce Merge remote-tracking branch 'upstream/pr/6955' into land-6955 2016-06-20 13:14:37 -05:00
William Webb e692e32dae Land #6955, DarkComet C2 Arbitrary File Download Exploit 2016-06-20 12:03:38 -05:00
William Webb c816af1e4d Merge remote-tracking branch 'upstream/pr/6955' into land-6955 2016-06-20 12:00:19 -05:00
wchen-r7 2b85b210e9 Fix #6984, Undefined method 'winver' in ms10_092_schelevator 
Fix #6984
 2016-06-20 10:37:41 -05:00
Pearce Barry 95517b4a45 Avoid exception on missing key in prefs. 2016-06-20 09:26:10 -05:00
William Vu 6cb2a6970e Fix unused SessionType in two modules 
Pretty sure it should be "shell."
 2016-06-19 23:41:34 -05:00
h00die 6905a29b10 sshkey persistence 2016-06-19 22:40:03 -04:00
HD Moore 856a4c7684 Reference BadTunnel (appropriate for the nat module) 2016-06-19 20:50:12 -05:00
h00die 6fe7698b13 follow redirect automatically 2016-06-19 20:24:54 -04:00
HD Moore a84614f2c0 Whitespace only 2016-06-19 18:44:32 -05:00
HD Moore ce7c6496dd Rework to clarify that this a brute force spoof, unrelated to BadTunnel 2016-06-19 13:36:39 -05:00
h00die 3f25c27e34 2 void-in fixes of 3 2016-06-19 14:35:27 -04:00
h00die ddfd015310 functionalized calendar call, updated docs 2016-06-19 08:53:22 -04:00
Interference Security 0fa1fc50f8 Fixed false positive bug 
Checking for "(ERROR_STACK=(ERROR=" is not enough to mark a target as vulnerable. TNS response packet bytes for "Accept" and "Refuse" are required to be sure.
Reference: https://thesprawl.org/research/oracle-tns-protocol/
 2016-06-19 17:33:05 +05:30
HD Moore 6507e520c7 Cleanups, addition of a 'direct' module 2016-06-18 15:37:54 -05:00
HD Moore d8f6be0a3f Silly typo [cosmetic] 2016-06-18 14:34:49 -05:00
h00die 3feff7533b tiki calendar 2016-06-18 13:11:11 -04:00
HD Moore b4af7eb039 Remove useless include 2016-06-18 01:31:55 -05:00
HD Moore 3aff0050ee Whitespace 2016-06-18 01:24:45 -05:00
HD Moore 01a951d5aa Add references & credit 2016-06-18 01:23:49 -05:00
samvartaka 5405b0f3db clarified attack failure error message 2016-06-18 04:31:58 +02:00
Brendan Watters c02a05f913 Removed code that was already commented out 2016-06-17 15:47:15 -05:00
Brendan Watters 1225a93179 Moved ClamAV scanner to scanning module 
s
 2016-06-17 15:40:33 -05:00
Brendan Watters c130495968 Updated logging, but still probably wrong. 2016-06-17 13:31:24 -05:00
Brendan Watters 813777a8e4 Cleaned up the code a little after trying to fix ip printing issues. 2016-06-17 13:09:03 -05:00
Brendan Watters fee54b4a5a Changed the module to support scanning 2016-06-17 13:03:28 -05:00
HD Moore 0af2fa7164 Add a module for the 'BadTunnel' vulnerability 2016-06-17 03:06:04 -05:00
h00die ebde552982 gem version 2016-06-16 21:09:56 -04:00
Brendan Watters 9ea0b8f944 Land #6934, Adds exploit for op5 configuration command execution 2016-06-16 14:36:10 -05:00
William Vu ea988eaa72 Add setsid to persist the shell 
Prevents the watchdog from killing our session.
 2016-06-16 11:31:35 -05:00
Brendan Watters 050b604e77 Fixed the syntax error 2016-06-15 21:45:52 -05:00
Brendan Watters 0e5c5559cf Updated documentation and printing per suggestions 2016-06-15 21:32:53 -05:00
h00die cfb034fa95 fixes all previously identified issues 2016-06-15 20:58:04 -04:00
h00die baa603b637 wvu-r7 rex sleep suggestions 2016-06-15 20:41:25 -04:00