adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
41,886 Commits 27 Branches 1,043 Tags
f8a94de6710abe3042a26a9dca38dcccff2c93be
Commit Graph

41886 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
bwatters-r7 272d1845fa Land #7934, Add exploit module for OpenOffice with a malicious macro 2017-02-09 13:42:58 -06:00
wchen-r7 4b5bc84f5c Land #7918, Fix report_vuln for aux/scanner checks 2017-02-09 12:18:33 -06:00
wchen-r7 188f7370d4 Fix grammar issues 2017-02-09 11:53:11 -06:00
Jeffrey Martin 3abd93d336 inverted conditional 2017-02-09 09:30:19 -06:00
Christian Mehlmauer 8ade9b8aae Land #7905, WordPress content injection module 2017-02-09 15:49:50 +01:00
wchen-r7 e1a1ea9d68 Fix grammar 2017-02-08 19:26:35 -06:00
William Vu cf395ea7b1 Make error checks more consistent 2017-02-08 18:00:44 -06:00
William Vu 0d56676690 Add error check for listing posts 2017-02-08 17:13:12 -06:00
wchen-r7 cf8aad9ee5 Add demo 2017-02-08 16:51:25 -06:00
wchen-r7 3e2e15c7b8 Add doc for openoffice_document_macro 2017-02-08 16:41:42 -06:00
wchen-r7 047a9b17cf Completed version of openoffice_document_macro 2017-02-08 16:29:40 -06:00
Spencer McIntyre cba5e266f8 Land #7916, module for netgear password disclosure 2017-02-08 15:48:55 -05:00
Carter e7b421e226 Update netgear_password_disclosure.rb 2017-02-08 13:40:11 -05:00
Mehmet Ince 4ee05313d8 Update tested version numbers 2017-02-08 19:31:01 +03:00
Tim 095831e029 fix silly typo 2017-02-08 23:41:15 +08:00
William Vu b06895b604 Hide RPORT more intelligently 2017-02-08 09:40:42 -06:00
Tim 870621d169 Add OverrideScheme option, fixes #7841 2017-02-08 23:30:29 +08:00
William Vu e76b53c5d1 Update doc 2017-02-08 09:25:16 -06:00
William Vu 766e7b013d Once more, with feeling 2017-02-08 09:17:37 -06:00
William Vu a71b097e6b Revert status iteration, since it doesn't work 
Also.
 2017-02-08 09:13:42 -06:00
Carter fd935c8e3c Update netgear_password_disclosure.rb 2017-02-08 09:14:39 -05:00
William Vu 6b2a995a7d Revert AutoPublish, since it doesn't work 
Apparently.
 2017-02-08 07:43:17 -06:00
William Vu df38a91fbd Be nice and parse JSON for the error 2017-02-08 07:37:09 -06:00
Carter 2dfff95669 Fix msftidy warning 2017-02-08 08:28:23 -05:00
William Vu befe224c58 Use wordpress_and_online? before actions 2017-02-08 07:24:57 -06:00
William Vu 3fdd3d3651 Move .rb module doc to .md 
I'm tired.
 2017-02-08 06:21:43 -06:00
William Vu 46ab03f528 Add SearchTerm to filter listed posts 2017-02-08 06:10:46 -06:00
William Vu 8493a734cb Add module doc to appease the @h00die god 
Straight rip of the PR description, yo.
 2017-02-08 05:35:52 -06:00
William Vu 064420075f Update diagnostics and print better header 2017-02-08 04:54:25 -06:00
William Vu 6df55c9733 Gotta catch 'em (post statuses) all 2017-02-08 04:31:06 -06:00
William Vu 7583d050b7 Add AutoPublish to publish updated posts 2017-02-08 04:01:42 -06:00
William Vu e480107bd5 Add PostCount (default 100) to list more posts 2017-02-08 03:52:20 -06:00
jvoisin f3bcc9f23f Take care of suhosin 2017-02-08 09:59:36 +01:00
jvoisin 028d4d6077 Make the payload a bit more random 2017-02-08 09:59:22 +01:00
William Vu 13f4b0d7ae Be more specific with invalid post ID 2017-02-08 02:18:52 -06:00
Carter c16b7e42a6 Fix review stuff 2017-02-07 21:41:38 -05:00
Carter 46fbc9dd3f Fix some formatting 2017-02-07 21:32:19 -05:00
Metasploit d81bdc1c02 Bump version of framework to 4.13.21 2017-02-07 17:27:47 -08:00
Brent Cook 906c56eb90 Land #7933, bump rex-core, fix path normalization 4.13.20 2017-02-07 19:22:53 -06:00
Brent Cook 74e029f3b1 Land #7932, Fix CVE-2017-5229 2017-02-07 19:22:36 -06:00
Brent Cook 522c6dce8e Land #7931, Fix CVE-2017-5231 and respect user's dest 2017-02-07 19:22:17 -06:00
Brent Cook db36cf5755 Land #7930, Fix CVE-2017-5228 2017-02-07 19:21:56 -06:00
Brent Cook 2d1989ef16 bump rex-core, fix path normalization 
Brings in fixes from https://github.com/rapid7/rex-core/pull/4
 2017-02-07 19:17:44 -06:00
Brent Cook 68a5d300fe minor style issues 2017-02-07 18:35:35 -06:00
William Vu 6f4ff89218 Add WPVDB reference 2017-02-07 18:33:58 -06:00
Brent Cook b370dd0654 Fix CVE-2017-5229 - extapi Clipboard.parse_dump() Directory Traversal 2017-02-07 18:24:06 -06:00
jvoisin cb03ca91e1 Make php_cgi_arg_injection work in certain environnement 
This commit sets two more options to `0` in the payload:

- [cgi.force_redirect](https://secure.php.net/manual/en/ini.core.php#ini.cgi.force-redirect)
- [cgi.redirect_status_env](https://secure.php.net/manual/en/ini.core.php#ini.cgi.redirect-status-env)

The configuration directive `cgi.force_redirect` prevents anyone from calling PHP
directly with a URL like http://my.host/cgi-bin/php/secretdir/script.php.
Instead, PHP will only parse in this mode if it has gone through a web server redirect rule.

The string set in the configuration directive `cgi.redirect_status_env`
is the one that PHP will look for to know it's ok to continue its
execution. This might be use together with the previous configuration
option as a security measure.

Setting those variables to 0 is (as stated in the documentation) a
security issue, but it also make the exploit work on some Apache2 setup.
 2017-02-07 18:59:27 +01:00
jvoisin 96f7b2e245 http_version now store the fngerprints 
Currently, the `http_version` module doesn't store the fingerprints
into the database; this commit should fix this behaviour.
 2017-02-07 18:36:36 +01:00
wchen-r7 cefbee2df4 Add PoC for OpenOffice macro module 2017-02-07 10:12:23 -06:00
Carter f4580a2616 Add token value check 
Sometimes it wouldn't return creds if the token is 0. It usually works after running it another time.
 2017-02-07 10:53:25 -05:00