Commit Graph

21851 Commits

Author SHA1 Message Date
Christian Mehlmauer 84d5067abe add joomla RCE module 2015-12-15 17:20:49 +01:00
wchen-r7 ab3fe64b6e Add method peer for jenkins_java_deserialize.rb 2015-12-15 01:18:27 -06:00
Jon Hart b78f7b4d55 Land #6319, @all3g's module for abusing redis to achieve file uploads 2015-12-14 18:00:44 -08:00
Tyler Bennett bda6c940cf fixed issues with printing of tables and cleaned up output a bit removed unnecessary prints 2015-12-14 16:23:18 -05:00
Jon Hart e448bc3e27 If saving fails, print_error and mention permissions 2015-12-14 10:47:05 -08:00
Jon Hart 19acd366d6 Rename redis file upload module; remove the 'auth' part 2015-12-14 10:40:28 -08:00
Tod Beardsley 30c805d9c7 Land #6344, R7-2015-22 / CVE-2015-8249 2015-12-14 12:30:51 -06:00
Tod Beardsley b25aae3602 Add refs to module
See rapid7#6344.
2015-12-14 12:05:46 -06:00
Brent Cook c00f05faba Land #6346, jenkins_java_deserialize check reliability fixes 2015-12-14 11:44:33 -06:00
William Vu b085989923 Land #6266, rsync creds scraper 2015-12-14 11:37:30 -06:00
wchen-r7 bd8aea2618 Fix check for jenkins_java_deserialize.rb
This fixes the following:

* nil return value checks
* handle missing X-Jenkins-CLI-Port scenario more properly
* proper HTTP path normalization
2015-12-14 11:25:59 -06:00
wchen-r7 5ffc80dc20 Add ManageEngine ConnectionId Arbitrary File Upload Vulnerability 2015-12-14 10:51:59 -06:00
Spencer McIntyre 4e492a1b0c Add an additional grammar change to the listener option 2015-12-13 12:04:20 -05:00
radekk 90a523fb0a Typos inside parameters description. 2015-12-12 22:48:20 +01:00
Vex Woo dee23e4bda Merge pull request #3 from jhart-r7/pr/fixup-6319
Cleanup redis unauth_file_upload, move redis stuff to mixin
2015-12-12 03:32:05 +00:00
dmohanty-r7 eb4611642d Add Jenkins CLI Java serialization exploit module
CVE-2015-8103
2015-12-11 14:57:10 -06:00
Jon Hart 9ef46140c0 Improve output when success 2015-12-11 10:10:44 -08:00
Jon Hart 32a64c3d8e Make auth easier, work automatically and on older redis versions
Also, improve check
2015-12-11 10:04:47 -08:00
Jon Hart ac47c87af4 Move Password option to redis mixin 2015-12-11 08:53:11 -08:00
Jon Hart 38d0b0a0f2 Wire in @all3g's redis auth code 2015-12-11 08:42:59 -08:00
Tyler Bennett c000e590d4 verified table values are correctly typed as Strs, but it still fails to print the tables 2015-12-10 15:51:59 -05:00
Jon Hart 555e52e416 Document the redis upload process more 2015-12-10 09:35:46 -08:00
Jon Hart 48a27170c2 Document process better, delete correct key 2015-12-10 09:13:13 -08:00
Jon Hart d2f54af23f Reset the dir and dbfilename back to their original settings 2015-12-10 08:56:24 -08:00
Jon Hart 21ab4e96e5 First pass at redis mixin 2015-12-10 08:29:59 -08:00
karllll a5c6e260f2 Update hp_vsa_login_bof.rb
Updated reference URL to latest location
2015-12-10 10:56:39 -05:00
William Vu 563be5c207 Land #6322, another Perl IRC bot exploit 2015-12-10 09:43:07 -06:00
William Vu a945350821 Land #6307, Perl IRC bot exploit 2015-12-10 09:42:35 -06:00
nixawk 0d8fc78257 make code more clear 2015-12-10 15:13:50 +00:00
nixawk 42013c18ba add a password option - AUTH_KEY 2015-12-10 08:24:47 +00:00
nixawk 28bc5b4d4f move it from exploit to auxiliary 2015-12-10 08:23:38 +00:00
Jon Hart 4cc7853ad8 Don't run_host unless check returns vulnerable; report_service 2015-12-09 18:33:40 -08:00
Jon Hart 624e5aeffa First pass at converting redis module to aux; style cleanup 2015-12-09 17:59:48 -08:00
Tyler Bennett c2ef7be217 cleaned up regex issues and added the appropriate rex tables. Having issues with printing them due to type errors, but I'm working on it 2015-12-09 17:49:38 -05:00
wchen-r7 11c1eb6c78 Raise Msf::NoCompatiblePayloadError if generate_payload_exe fails
Most exploits don't check nil for generate_payload_exe, they just
assume they will always have a payload. If the method returns nil,
it ends up making debugging more difficult. Instead of checking nil
one by one, we just raise.
2015-12-08 21:13:23 -06:00
Jon Hart 39da306b1d Land #6057, @danilbaz's module for dumping Bitlocker master key (FVEK) 2015-12-08 18:16:39 -08:00
Tyler Bennett e574c844de added rex table for channels func, has an issue with TypeError no implicit conversion of String into Integer upon building the table 2015-12-08 18:19:30 -05:00
Tyler Bennett 48cd350711 updated authors list with contributors 2015-12-08 16:29:00 -05:00
Tyler Bennett 92d56cd050 cleaned up unnecessary Rex Tables working on the rest of them for users, groups and channels 2015-12-08 16:24:47 -05:00
wchen-r7 080ec26afb Land #4489, Update SMB admin modules to use Scanner & fixes 2015-12-08 14:49:26 -06:00
Jon Hart ed8076f361 Merge branch 'master' into pr/6197 2015-12-08 12:08:15 -08:00
Jon Hart 2177b979fd Update SessionTypes command to describe why shell is not listed 2015-12-08 12:06:47 -08:00
Jon Hart 3890961155 Correct SEP client exclusion enumeration 2015-12-08 10:16:25 -08:00
wchen-r7 7378e7b128 Do elog() when print_error() 2015-12-08 11:06:59 -06:00
BAZIN-HSC be5f648969 manage-bde.exe path test if in System32 or sysnative 2015-12-08 16:14:13 +01:00
wchen-r7 53acfd7ce3 Land #6303, Add phpFileManager 0.9.8 Remote Code Execution 2015-12-07 21:13:48 -06:00
wchen-r7 ea3c7cb35b Minor edits 2015-12-07 21:13:14 -06:00
Tyler Bennett 75e31c252e added rex table for nas settings, still working on users and hashes rex table 2015-12-07 14:48:28 -05:00
William Vu db788d1b7c Land #6238, CmdStager BOURNE_{PATH,FILE} options 2015-12-07 12:34:42 -06:00
Tyler Bennett 3d892bd1d6 added rex table for grab_email func instead of printing out values 2015-12-07 10:37:36 -05:00