infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
23,751 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

645 Commits (0b3f49f22ad463a0b349dee4040d6b18f5cb3b06)

Author SHA1 Message Date
sinn3r 0c3a535434
Land #3133 - LifeSize UVC Authenticated RCE via Ping 2014-03-24 21:16:10 -05:00
sinn3r 53b25c8c93 Fix header & author e-mail format 2014-03-24 21:15:27 -05:00
Brandon Perry d2a9a26bc8 real fix for sinn3r bug 2014-03-24 18:40:48 -05:00
Brandon Perry ec35f4b13f some bugs for sinn3r 2014-03-24 18:17:50 -05:00
Tod Beardsley cfdd64d5b1
Title, description grammar and spelling 2014-03-24 12:16:59 -05:00
Brandon Perry d6f397ab6d whoops that isn't how you EDB 2014-03-22 11:48:41 -05:00
Brandon Perry 291692d6e0 Update lifesize_uvc_ping_rce.rb 2014-03-22 11:30:00 -05:00
Brandon Perry 67a3a7227b Create lifesize_uvc_ping_rce.rb 2014-03-21 21:33:12 -05:00
jvazquez-r7 144b86fee3 Add reference 2014-03-19 12:17:53 -05:00
jvazquez-r7 27d142b387 Solve conflict by keeping file 2014-03-19 12:15:05 -05:00
jvazquez-r7 fb645b6692 Clean code 2014-03-19 12:06:20 -05:00
jvazquez-r7 38176ad67d
Land #3109, @xistence's Loadbalancer.org Enterprise VA applicance exploit 2014-03-18 06:53:26 -05:00
jvazquez-r7 ddd923793a Do minor clean up 2014-03-18 06:52:50 -05:00
jvazquez-r7 ad49df4301 Register RHOST 2014-03-18 06:17:41 -05:00
jvazquez-r7 600338bd29
Land #3108, @xistence's exploit for Quantum vmPRO shell-escape 2014-03-18 06:12:18 -05:00
jvazquez-r7 f656e5fedb Do minor clean up 2014-03-18 06:11:02 -05:00
xistence 9bb4e5cfc3 Loadbalancer.org Enterprise VA SSH privkey exposure 2014-03-17 14:22:51 +07:00
xistence c116697c70 Quantum vmPRO backdoor command 2014-03-17 14:19:27 +07:00
xistence ef4a019b20 Quantum DXi V1000 SSH private key exposure 2014-03-17 14:15:00 +07:00
William Vu 170608e97b Fix first chunk of msftidy "bad char" errors 
There needs to be a better way to go about preventing/fixing these.
 2014-03-11 11:18:54 -05:00
James Lee 68205fa43c
Actually use the argument 2014-03-04 11:30:42 -06:00
jvazquez-r7 79d559a0c9 Fix MIME message to_s 2014-02-10 22:23:23 -06:00
Tod Beardsley 1236a4eb07
Fixup on description and some option descrips 2014-02-10 14:41:59 -06:00
sinn3r c96116b193
Land #2949 - Add module Kloxo SQLi 2014-02-08 13:45:11 -06:00
jvazquez-r7 c679b1001b Make pring_warning verbose 2014-02-07 10:23:07 -06:00
James Lee 4236abe282
Better SIGHUP handling 2014-02-06 15:21:54 -06:00
jvazquez-r7 fdb954fdfb Report credentials 2014-02-05 14:37:33 -06:00
jvazquez-r7 631559a2e8 Add module for Kloco SQLi 2014-02-05 14:18:56 -06:00
xistence 50f860757b Changes made to pandora_fms_exec module as requested 2014-02-03 14:10:27 +07:00
xistence 9a929e75e4 Added Pandora FMS RCE 2014-01-29 12:46:23 +07:00
sinn3r a7fa4e312b This module fails to load due to the missing end 2014-01-24 17:56:47 -06:00
sinn3r cdc425e4eb Update some checks 2014-01-24 12:08:23 -06:00
sinn3r 0a10c1297c Address nil 2014-01-23 11:00:28 -06:00
sinn3r 333229ea7e Throw Unknown if connection times out 2014-01-23 10:54:45 -06:00
sinn3r c83053ba9b Progress 2014-01-22 11:20:10 -06:00
sinn3r 646f7835a3 Saving progress 2014-01-21 17:14:55 -06:00
jvazquez-r7 272fe5ddfd Delete debug comments 2014-01-16 16:12:12 -06:00
jvazquez-r7 8213eed49f Delete Netgear N150 target, ist's a Netgear DGN1000 model 2014-01-16 15:14:31 -06:00
jvazquez-r7 139119d32c Add Manual targets to sercomm_exec 2014-01-16 12:44:26 -06:00
jvazquez-r7 0922aef8d1 Update module description 2014-01-16 11:16:11 -06:00
Matt Andreko b7b1ddf1e8 Sercomm Exploit module fixes 
Added targets for 8 specific targets that I've tested: Cisco WAP4410N,
Honeywell WAP-PL2 IP Camera, Netgear DG834, Netgear DG834G, Netgear
DG834PN, Netgear DGN1000, Netgear DSG835, Netgear WPNT834
Added functionality to the CmdStagerEcho mix-in to support encoding via
octal instead of hex based on the :enc_type option. This is because many
devices would not output hex encoded values properly.
Added options on a per-target basis for the PackFormat (endian pack()
values for communication), UploadPath (because /tmp wasn't always
writable), and PayloadEncode (previously mentioned octal encoding
option)
Note for some reason, some devices communicate over one endianness, but
then require a payload for the other endianess. I'm not sure what's
causing this, but if those specific combinations are not used, the
exploit fails. More research may be required for this.
 2014-01-13 16:58:32 -05:00
jvazquez-r7 24c57b34a7 Have into account endianess 2014-01-13 15:04:23 -06:00
Tod Beardsley 671027a126
Pre-release title/desc fixes 2014-01-13 13:57:34 -06:00
jvazquez-r7 9d14dd59eb Delete parentheses 2014-01-09 15:17:13 -06:00
jvazquez-r7 85203c2f2a
Land #2823, @mandreko's exploit module for OSVDB 101653 2014-01-09 10:27:44 -06:00
Matt Andreko 40d2299ab4 Added tested device 2014-01-09 10:46:14 -05:00
Matt Andreko c50f7697a5 Merge branch 'review_2823' of https://github.com/jvazquez-r7/metasploit-framework into sercomm_exec 2014-01-09 10:39:12 -05:00
jvazquez-r7 bbaaecd648 Delete commas 2014-01-09 08:01:11 -06:00
jvazquez-r7 5e510dc64c Add minor fixes, mainly formatting 2014-01-09 07:51:42 -06:00
Matt Andreko ed6723655d Code Review Feedback 
Fixed some handling of errors and invalid hosts
 2014-01-09 08:44:01 -05:00