wchen-r7
6fb27a3da9
Undo path and move the out of bound check
2016-01-28 23:49:50 -06:00
Nicholas Starke
d51be6e3da
Fixing typo
This commit fixes a typo in the word "service"
2016-01-28 16:44:42 -06:00
Jon Hart
1749932bb4
Cleanup loot saving output
2016-01-28 14:16:47 -08:00
Jon Hart
6646785902
Don't enumerate other possible domains via TLD expansion by default
2016-01-28 14:09:09 -08:00
Jon Hart
86e7cd92c0
Minor style nit on printed NS records
2016-01-28 14:08:20 -08:00
Nicholas Starke
1ef7aef996
Fixing User : Pass delimiter
As per the PR comments, this commit replaces the user and
pass delimiter from "/" to ":"
2016-01-27 17:20:58 -06:00
Tod Beardsley
8af751be41
Land #6470, Telisca IPS Lock (and Unlock)
2016-01-27 16:41:25 -06:00
Tod Beardsley
86c025de25
Title and description fixes for #6470
2016-01-27 16:40:06 -06:00
Louis Sato
f6f2e1403b
Land #6496, specify scripting language - elastic search
2016-01-27 15:42:47 -06:00
wchen-r7
51efb2daee
Land #6422, Add support for native target in Android webview exploit
2016-01-27 14:27:41 -06:00
Brent Cook
115c63e4ba
karaf default credential scanner PoC
2016-01-27 03:27:48 -05:00
Chris Higgins
2df458c359
Few updates per OJ and wvu
2016-01-26 23:19:18 -06:00
Chris Higgins
3cab27086f
Added PCMan FTP PUT Buffer Overflow Exploit
2016-01-26 17:09:31 -06:00
Nicholas Starke
4560d553b5
Fixing more issues from comments
This commit includes more minor fixes from the github
comments for this PR.
2016-01-24 19:43:02 -06:00
Nicholas Starke
d877522ea5
Fixing various issues from comments
This commit fixes issues with specifying "rhost:rport",
replacing them instead with "peer". Also, a couple of
"Unknown" errors were replaced with "UnexpectedReply".
2016-01-23 13:43:09 -06:00
Nicholas Starke
a5a2e7c06b
Fixing Disclosure Date
Disclosure date was in incorrect format, this commit
fixes the issue
2016-01-23 11:41:05 -06:00
Nicholas Starke
8c8cdd9912
Adding Dlink DCS Authenticated RCE Module
This module takes advantage of an authenticated HTTP RCE
vulnerability to start telnet on a random port. The module
then connects to that telnet session and returns a shell.
This vulnerability is present in version 2.01 of the firmware
and resolved by version 2.12.
2016-01-23 11:15:23 -06:00
wchen-r7
6187354392
Land #6226, Add Wordpress XML-RPC system.multicall Credential BF
2016-01-23 00:12:46 -06:00
wchen-r7
064af0d670
Remove unwanted comment
2016-01-23 00:11:58 -06:00
KINGSABRI
ad3eed525b
Handling newer version of WP, fallback CHUNKSIE to 1
2016-01-23 08:06:27 +03:00
William Vu
d6facbe339
Land #6421, ADB protocol and exploit
2016-01-22 20:45:44 -06:00
wchen-r7
53e9bd7f51
This line does nothing
2016-01-22 18:55:45 -06:00
wchen-r7
0f9cf812b7
Bring wordpress_xmlrpc_login back, make wordpress_multicall as new
2016-01-22 18:54:20 -06:00
William Vu
1b386fa7f1
Add targets to avoid ARCH_ALL payload confusion
2016-01-22 16:45:10 -06:00
Christian Mehlmauer
51eb79adc7
first try in changing class names
2016-01-22 23:36:37 +01:00
wchen-r7
a3cafc3bae
Update PHP meterpreter size
2016-01-22 15:14:18 -06:00
Starwarsfan2099
ad93d11868
Delete easyfilesharing_seh.rb
2016-01-22 13:04:14 -05:00
Starwarsfan2099
45c88d3189
Create easyfilesharing_seh.rb
2016-01-22 13:04:03 -05:00
Starwarsfan2099
76a8899d59
Delete EasyFileSharing_SEH.rb
2016-01-22 12:39:44 -05:00
wchen-r7
91db2597c7
normalize URIs
2016-01-22 11:27:26 -06:00
wchen-r7
b02c762b93
Grab zeroSteiner's module/jenkins-cmd branch
2016-01-22 10:17:32 -06:00
Lutz Wolf
99de466a4d
Bugfix: specify scripting language
2016-01-22 15:00:10 +01:00
Christian Mehlmauer
484d57614a
remove re-registered ssl options
2016-01-22 09:54:52 +01:00
Brent Cook
dc6dd55fe4
Shrink the size of ms08_067 so that it again works with bind_tcp
In #6283, we discovered that ms08_067 was busted with reverse_tcp. The
solution was to bump the amount of space needed to help with encoding.
However, we flew a little too close to the sun, and introduced a
regression with bind_tcp on Windows XP SP2 EN where the payload stages
but does not run.
This shrinks the payload just enough to make bind_tcp work again, but
reverse_tcp also continues to work as expected.
2016-01-21 19:37:09 -06:00
wchen-r7
216986f7af
Do API documentation, rspec, and other small changes
2016-01-21 17:22:14 -06:00
Starwarsfan2099
1a80878054
Create easyfilesharing_seh.rb
2016-01-21 13:46:43 -05:00
wchen-r7
d515e4db64
Unwanted comment
2016-01-21 00:55:08 -06:00
wchen-r7
bda76c7340
Update lastpass_creds module
2016-01-21 00:53:16 -06:00
KINGSABRI
a8feb8cad5
make passwords faster for reading huge wordlist files
2016-01-21 03:32:50 +03:00
KINGSABRI
4cb19c75a6
Enhance the module and add version check
2016-01-21 03:19:31 +03:00
Starwarsfan2099
9b43876270
Create EasyFileSharing_SEH.rb
2016-01-20 18:18:00 -05:00
wchen-r7
fcaef76215
Do a version check
This attack is not suitable for newer versions due to the
mitigation in place.
2016-01-20 17:14:44 -06:00
nixawk
ad107a2d1c
Show - No Auth Required - Just Once
2016-01-19 08:29:33 +08:00
rastating
a7cd5991ac
Add encoding of the upload path into the module
2016-01-17 22:44:41 +00:00
rastating
5660c1238b
Fix problem causing upload to fail on versions 1.2 and 1.3 of theme
2016-01-17 18:44:00 +00:00
nixawk
0b78406d29
clear Metasploit::Framework::LoginScanner::REDIS.new
2016-01-16 13:12:04 +08:00
nixawk
b2983e1ee7
replace #{rhost}: #{rport} with #{peer}
2016-01-16 13:05:35 +08:00
nixawk
2abaca3f6b
include Msf::Auxiliary::Redis / Remove default RPORT option
2016-01-16 12:58:02 +08:00
nixawk
643ebfed7e
format print_status output for get_srv/get_tld
2016-01-16 11:21:16 +08:00
Martin Vigo
348ae586a7
Handle vault parsing exceptions
2016-01-15 14:54:59 -08:00