infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
51,630 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

2107 Commits (master)

Author SHA1 Message Date
Jacob Robles 147b9fef98
Land #11665, Add APT persistence module 2019-04-27 12:32:21 -05:00
Jacob Robles 1faa41aafe
Dont require hook name 2019-04-26 13:11:40 -05:00
@shellfail c643436383
Update modules/exploits/linux/local/apt_package_manager_persistence.rb 
Changed Disclosure Date format

Co-Authored-By: aringo <ringo.aaron@gmail.com>
 2019-04-25 20:08:50 -05:00
Aaron Ringo 261a4271fa Updated some formatting as requested along with some rubocob requested 2019-04-25 16:15:00 -05:00
Aaron Ringo bd1113d53c Updated some formatting as requested along with some rubocob requested 2019-04-25 15:55:22 -05:00
William Vu 97545ceb9d Clarify NOCVE reason for Wemo exploit 2019-04-24 11:39:34 -05:00
William Vu 00cebda89e Fix typo of "reliability" - wow, I suck 2019-04-24 11:14:06 -05:00
Brent Cook 5ef5904296
Land #11747, updated test versions for abrt_raceabrt_priv_esc 2019-04-19 11:43:06 -05:00
h00die 072ac00acd
Land #11754 linux priv esc for SystemTap 2019-04-19 08:39:20 -04:00
bcoles 43c7b8bb63
Fix check 2019-04-19 12:54:30 +10:00
Brendan Coles 64ed136f09 Add SystemTap MODPROBE_OPTIONS Privilege Escalation module 2019-04-18 17:15:22 +00:00
Brendan Coles 754255a2fa Fix file description and update tested versions 2019-04-18 15:35:37 +00:00
Brendan Coles 10871fa115 Update tested versions 2019-04-18 09:01:51 +00:00
William Vu 6326aa5dda Clean up module and randomize username 2019-04-12 14:23:57 -05:00
William Vu 2ebee1226f
Land #11613, Cisco RV130 stack BOF exploit 2019-04-12 14:06:51 -05:00
Quentin Kaiser 5e189196de Target consolidation. 2019-04-12 10:58:56 +02:00
Quentin Kaiser dfb1ebb2e2 Remove Stance value as it is already defined by core/exploit/cmdstager/http. 2019-04-12 10:57:50 +02:00
William Vu d72672feed
Land #11672, Zimbra XXE and SSRF exploit 2019-04-10 09:58:45 -05:00
Quentin Kaiser 3517a4e237 Adapt ranking and mention potential stability issue. 2019-04-09 11:31:15 +02:00
William Vu e164c2350c Properly encode command input with XML entities 
REXML would make this less ghetto.
 2019-04-03 19:10:27 -05:00
todb-r7 9e3984ea51
Remove duplicate CVE for Mailcleaner module 
See #11304
 2019-04-02 12:51:09 -05:00
Jacob Robles 3d662bd962
Fix words because words... 2019-04-01 17:21:23 -05:00
Jacob Robles 69062bb220
Syntax fixes 2019-04-01 17:05:42 -05:00
Jacob Robles c07b015734
File cleanup 2019-04-01 11:39:40 -05:00
Jacob Robles 51d1216953
Update module name 2019-04-01 07:48:26 -05:00
Jacob Robles 0873ba7ac1
Add Zimbra XXE to RCE module 2019-04-01 07:32:57 -05:00
Aaron Ringo 22c3fe35f7 Changed hook payload to redirect errors, to not show up on target screen 2019-03-31 12:09:40 -05:00
Aaron Ringo 299334ae7f fixed bug where alphanumeric was never hit 2019-03-30 22:51:18 -05:00
Aaron Ringo 38bf99e729 Re-add of module after jacking up rebase, with new arches,conditional logic, documentation 2019-03-30 22:04:21 -05:00
Brent Cook 0a24266029
Land #11482, RV320 Unauthenticated RCE 2019-03-28 17:53:05 -05:00
Quentin Kaiser 9baaedce4e Indicate potential DoS in description. Define exploit stance explicitly. 2019-03-24 22:29:07 +01:00
Quentin Kaiser 5c048e7cd6 CISCO-SA not supported. 2019-03-24 22:20:31 +01:00
Quentin Kaiser be73f56610 Only got researchers name, no email. 2019-03-24 17:50:31 +01:00
Quentin Kaiser 4451225da7 Add httpd service reloading. 2019-03-24 17:49:55 +01:00
bcoles 5e470a538d
return unless res 2019-03-23 19:38:14 +11:00
Brendan Coles ccc8d9cdab return unless res 2019-03-23 08:51:25 +00:00
Quentin Kaiser 5562af39d3 Use CmdStager instead of hardcoded wget command. 2019-03-22 20:10:29 +01:00
Quentin Kaiser ef2c4310a4 Exploit for CVE-2019-1663 on Cisco RV130(W). 2019-03-22 17:34:12 +01:00
blightzero 9bb7f11897 Unregister SSLCert option since it is never used in thisHTTPServer module. 2019-03-20 14:21:40 +01:00
blightzero 1e00c28701 Checked the functionality of module. Added ability to connect via HTTPS. 2019-03-14 15:54:02 +01:00
William Vu 50f89321a0
Land #11419, systemd user service persistence 2019-03-06 01:39:58 -06:00
William Vu 31ba073009 Add per-target SHELLPATH defaults 2019-03-06 00:07:17 -06:00
William Vu c539951311 Clean up method 2019-03-05 23:17:34 -06:00
William Vu 715409496e
Fix #11210, imperva_securesphere_exec options 2019-03-05 22:01:24 -06:00
William Vu 4e31f53ca2 Fix required USERNAME and PASSWORD 
Somehow I forgot to commit this? Strange.
 2019-03-05 21:57:42 -06:00
William Vu c48dec7331
Land #11210, imperva_securesphere_exec exploit 2019-03-05 21:52:13 -06:00
William Vu 4e76eeceb7 Clean up module 2019-03-05 21:37:55 -06:00
William Vu 1f5695de07 Fix TrailingCommaInArrayLiteral in my modules 2019-03-05 21:02:39 -06:00
blightzero 0551f3df3c Refactored code to return early. Untested. 2019-03-05 17:55:34 +01:00
William Vu 502f63c0c4 Indent SOAP requests and prefer $() over `` 2019-03-04 19:10:33 -06:00