adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
57,058 Commits 27 Branches 1,043 Tags
ff4db5daeac984845ebccd3ed34db41f8a37e7aa
Commit Graph

2614 Commits

Author SHA1 Message Date
William Vu 398c13a1b2 Add Mikhail Klyuchnikov's writeup as a reference 2020-07-08 14:36:42 -05:00
William Vu ee240393f4 Credit Mikhail Klyuchnikov for CVE-2019-19781 2020-07-08 14:35:16 -05:00
William Vu d726a2cdcb Fix a few final things 2020-07-07 12:06:05 -05:00
William Vu c8176b803a Add version information to the description 2020-07-06 16:24:22 -05:00
William Vu 7ef4cb64ad Tweak timeouts to avoid a race condition 2020-07-06 14:30:27 -05:00
William Vu be90526d5f Add vuln discovery credit and reference 2020-07-06 14:26:52 -05:00
William Vu 41bb4d3a8d Add dir_trav method back in 
I was wondering why I refactored it away. Oh, I needed it.
 2020-07-05 18:23:45 -05:00
William Vu 1f765d0e1f Upgrade CheckCodes, since the dir traversal passed 2020-07-05 16:29:53 -05:00
William Vu 6e7701ba21 Add rudimentary check method 2020-07-05 16:18:03 -05:00
William Vu 0417e88ff2 Add F5 BIG-IP TMUI RCE (CVE-2020-5902) 2020-07-05 15:22:15 -05:00
William Vu 36b5d237fa Make cmd/unix target types consistent to :unix_cmd 
There were some using :unix_command, and it was just an oversight.
 2020-07-05 11:16:47 -05:00
William Vu 01899d4843 Land #13787, AutoCheck mixin refactor with prepend 2020-07-01 14:49:03 -05:00
William Vu 08c1402be9 Land #13733, AnyDesk GUI CVE-2020-13160 exploit 2020-07-01 14:47:07 -05:00
William Vu ffc07d6c8f Merge remote-tracking branch 'upstream/master' into pr/13787 2020-07-01 14:42:16 -05:00
Spencer McIntyre a27bf9df38 Fix some grammatical mistakes and set a default target for anydesk 2020-07-01 15:27:33 -04:00
wvu-r7 e0fbc9fd05 Correct whitespace change 
Seems like a typo.
 2020-07-01 11:00:04 -05:00
Shelby Pace e2f6330755 Land #13725, fix error / clean up atutor exploit 2020-06-30 13:32:34 -05:00
William Vu 755d2d3261 Use subpar regex validation on LEAK_FILE 2020-06-30 11:17:26 -05:00
Alan Foster b841246536 Update autocheck to use prepend instead of include, add ForceExploit functionality 2020-06-30 11:40:46 +01:00
Spencer McIntyre bb33bc9c62 Randomize the bad unicode character used to trigger the vulnerability 2020-06-26 13:05:43 -04:00
Pedro Ribeiro 6e8178735f Update ibm_drm_rce.rb 2020-06-26 11:38:55 +07:00
Pedro Ribeiro 2ba8573ef9 Update IBM DRM rce module 2020-06-26 11:31:10 +07:00
Pedro Ribeiro 34fd858265 Update IBM DRM SSH module 2020-06-26 11:28:21 +07:00
Spencer McIntyre fb4ec60a30 Apply rubocop linting and add an Ubuntu 20.04 target 2020-06-25 16:18:17 -04:00
adfoster-r7 fceb96e659 Land #13608, update elog calls to be consistent across 2020-06-23 09:47:01 +01:00
Adam Galway 1a2bf98222 creates standard elog & updates exisiting usages 2020-06-22 12:48:39 +01:00
h00die 6e93dcf8c2 Land #13645, Trend Micro WebSecurity RCE 2020-06-22 06:51:26 -04:00
h00die 6a3633c2c0 fixing up some styles and such 2020-06-20 12:05:48 -04:00
mdisec 260607e8f9 Adding check on exploit method 2020-06-19 19:00:52 +03:00
mdisec 7ab5474175 Change check method and regex for cookie 2020-06-19 16:15:11 +03:00
mdisec 229760a826 Fixing document file and module improvements 2020-06-18 20:11:55 +03:00
Shelby Pace db4006e9f6 Land #13607, add Cayin exploit modules 2020-06-18 10:33:49 -05:00
h00die 7bd2ba3aed remove debugging 2020-06-17 12:04:18 -04:00
h00die c2c931030f review comments 2020-06-17 11:47:11 -04:00
Spencer McIntyre f1c4cecf6d Add module docs for CVE-2020-13160 2020-06-17 11:30:41 -04:00
Tod Beardsley dc54145fa9 Add CVE-2020-7357 as a reference for Caiyn CMS 2020-06-17 09:56:10 -05:00
Spencer McIntyre 3edae89496 Add an exploit for CVE-2020-13160 2020-06-17 10:14:35 -04:00
kalba-security f0255e3c81 Fix atutor_filemanager_traversal credentials checks and clean up code 2020-06-15 12:15:00 -04:00
mdisec a0740f4698 Add trend micro websecurity rce 2020-06-14 20:33:46 +03:00
h00die 4702d87684 cleanup 2020-06-12 10:46:44 -04:00
dwelch-r7 10bb17d8fd Land #13374, Fix encoding bug 2020-06-11 12:30:12 +01:00
Christophe De La Fuente 797673fd57 Land #13537, add new module linuxki_rce (CVE-2020-7209) 2020-06-10 11:46:34 +02:00
Numan Türle 14bb64c8ae Update linuxki_rce.rb 
default payload added
 2020-06-10 01:59:00 +03:00
Numan Türle 095b6855e9 Update modules/exploits/linux/http/linuxki_rce.rb 
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
 2020-06-08 16:03:33 +03:00
numanturle d238c00e1c add target 2020-06-07 20:36:01 +03:00
William Vu 64de8c4503 Document directory traversals 2020-06-02 22:13:07 -05:00
William Vu 4a9c2988e2 Base64-encode command payload to avoid escaping 2020-06-02 22:13:07 -05:00
William Vu 32ae47c9a9 Add Cisco UCS Director Cloupia script RCE 2020-06-02 22:13:07 -05:00
numanturle dd5ed53217 fix missing module 
CmdStager included
 2020-05-30 06:09:49 +03:00
numanturle f7cdbc5faf author name change 2020-05-30 05:49:22 +03:00