infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
45,876 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

1700 Commits (1acff72f2286f61eb2fb676ab1d013487728a9b0)

Author SHA1 Message Date
Brendan Coles f0136e5a42
Land #10767, Add Cisco Prime Infrastructure remote root exploit 2018-11-10 09:00:37 -08:00
Wei Chen 69e72e6a1f
Land #10847 - Add blueimp's jQuery (Arbitrary) File Upload 
CVE-2018-9206
 2018-11-05 09:39:35 -08:00
Brent Cook c2405c2750
Land #10888, Fix Net::SSH::CommandStream session open failure 2018-11-05 09:16:54 -08:00
Green-m f29dc68353
Land #10919, Add doc for ftp capture module. 
And add a custom option banner for it.
 2018-11-04 22:20:29 -08:00
Jacob Robles ea1c4596d9
Land #10901, Add modules for iOS images and texts 2018-11-02 11:49:40 -07:00
Brent Cook 549c835af5
Land #10836, Add Morris worm sendmail debug mode exploit 2018-11-02 09:22:22 -07:00
Brent Cook 1ae0455b2e
Land #10700, Add Morris worm fingerd exploit and VAX reverse shell 2018-11-02 09:22:21 -07:00
bwatters-r7 4a9f6f5d06
Land #10561, Add Windows local privilege escalation - CVE-2018-0824 
Merge branch 'land-10561' into upstream-master
 2018-10-25 12:33:06 -07:00
Wei Chen a43edc4fbf
Land #10864, Add Cisco WebEx RCE Modules 2018-10-25 12:33:06 -07:00
Brent Cook faf1a44cc4
Land #10848, improve play_youtube post module 2018-10-23 14:48:44 -07:00
Brent Cook 2c347d51b1
Land #10855, Enable non-session command output for SSH modules 2018-10-23 16:44:03 -05:00
Brent Cook 833807973c
Land #10835, libssh fingerprint improvements 2018-10-19 19:13:36 -07:00
Brent Cook f88790c2c0
Land #10820, Add libssh authentication bypass scanner/"exploit" 2018-10-19 12:03:28 -07:00
Wei Chen 3cbc33204c
Land #10664, add Windows SetImeInfoEx Win32k NULL Pointer Dereference 2018-10-18 21:02:13 -07:00
Wei Chen 7d04ebcf5f
Land #9642, support version 5 for GetGo Download Manager bof exploit 2018-10-15 13:49:36 -07:00
Brendan Coles 52a919c361
Land #10800, Add docs for auxiliary/scanner/snmp/ Cisco modules 2018-10-15 00:06:43 -07:00
Brendan Coles c57a9dde08
Land #10797, Add docs for auxiliary/scanner/sip/options_tcp module 2018-10-15 00:02:53 -07:00
h00die fcc59c3600
Land #10668 rsh stack clash solaris priv esc 2018-10-14 07:36:58 -07:00
William Vu 34a1c48d7c
Land #10671, struts2_namespace_ognl updates 
There are still some outstanding concerns, but I want to unblock this.
 2018-10-12 09:16:44 -07:00
Jacob Robles 2f202583be
Land #10335, Add vlc_mkv exploit module 2018-10-10 11:49:11 -07:00
Shelby Pace ec5530ece1
Land #10672, Add COMMGR Buffer Overflow module 2018-10-08 08:07:41 -07:00
Brent Cook 2be1b87d0d
Land #9745, Add ifwatchd QNX privilege escalation exploit module 2018-10-06 02:06:28 -07:00
Brent Cook 1ff5d8f6bd
Land #10616, update Unitrends UEB module to support vulnerabilities in version 10 2018-10-05 14:23:01 -07:00
Brent Cook 5f43c7f3e9
Land #10745, Update lastore_daemon_dbus_priv_esc tested versions 2018-10-05 08:37:12 -07:00
bwatters-r7 0f4ef19555
Land #10418, Add DCOM/RPC NTLM Reflection (MS16-075) Via Reflective DLL 
Merge branch 'land-10418' into upstream-master
 2018-10-04 14:57:20 -07:00
Jacob Robles 9762f921b8
Land #10738, Add Zahir Enterprise 6 build 10b BOF 2018-10-04 09:03:40 -07:00
Jacob Robles ff06f81f89
Land #10704, Navigate CMS Unauthenticated RCE 2018-10-04 04:48:35 -07:00
Brent Cook 3ad5bd429a
Land #10732, add api key for android wlan_geolocate 2018-10-02 11:46:30 -07:00
Tim W d340eeecf9
Land #10427, add OSX VNC password gather module 2018-10-02 11:46:30 -07:00
Tim W c2d9677504
Land #10723, fix another typo in windows reverse_tcp docs 2018-10-02 11:46:30 -07:00
Tim W 5ea9507604
Land #10722, fix typo in windows reverse_tcp docs 2018-10-02 11:46:29 -07:00
Brent Cook bff3047e93
Land #10428, Update Windows MySQL UDF files, add docs 2018-09-24 19:13:53 -07:00
Adam Cammack d904fcb866
Land #10695, Add docs for Apple iOS WebKit DoS 2018-09-24 10:48:42 -07:00
h00die c3f335ebb7
Land #10663 extremeparr solaris LPE 2018-09-24 10:48:42 -07:00
bwatters-r7 2b194e2b47
Land #10643, CVE-2018-8440 ALPC Scheduler 
Merge branch 'land-10643' into upstream-master
 2018-09-24 10:48:41 -07:00
Brendan Coles 53c1adcb41
Land #10628, Add Solaris srsexec Arbitrary File Reader module 2018-09-24 10:48:41 -07:00
William Vu 785cf9e5aa
Land #10670, Pimcore SQLi module 2018-09-19 18:52:40 -07:00
William Vu 4ca0566e10
Land #10673, dolibarr_list_creds{,_sqli} rename 2018-09-19 16:57:51 -07:00
h00die fd59cbb61f
Land #10620 Solaris 10 LPE for libnspr 2018-09-17 15:12:51 -07:00
Jacob Robles 5861087061
Land #10598, Store Credentials Found with PhpMyAdmin Password Extractor 2018-09-10 09:51:51 -07:00
Wei Chen 3e801c22fb
Land #10546, Add Apache Struts exploit: CVE-2018-11776 2018-09-07 12:56:02 -07:00
Adam Cammack 9e3f4744f7
Land #10602, Fix windows/shell/reverse_ord_tcp doc 2018-09-07 10:08:28 -07:00
Wei Chen eb39f6da51
Land #10564, Add Ghostscript exploit from taviso 2018-09-05 19:09:11 -07:00
Brent Cook a2eb43ab83
Land #10474, add documention for windows/shell/reverse_ord_tcp 2018-09-05 07:08:02 -07:00
Wei Chen 8897a5d7c6
Land #10568, Update weblogic module docs 2018-08-31 12:07:12 -07:00
Wei Chen d1d308e542
Land #10565, Add Dolibarr ERP/CRM Auxiliary Module 2018-08-31 11:49:23 -07:00
Shelby Pace 2ecff39be4
Land #10484, Add PhpMyAdmin password extractor 2018-08-30 10:18:38 -07:00
Shelby Pace bc87643ea3
Land #10482, Add Network Manager VPNC Privesc 2018-08-30 08:49:38 -07:00
Jacob Robles d7728afe42
Land #10540, weblogic_deserialize, add check method and linux target 2018-08-30 04:13:58 -07:00
Jacob Robles 7a99fc7066
Land #10545, foxit fix generated strings, update doc 2018-08-30 03:58:19 -07:00
bwatters-r7 631e8bf110
Land #8983, Add peinjector post module 
Merge branch 'land-8983' into upstream-master
 2018-08-28 16:55:01 -07:00
William Vu 415379e7ee
Land #9364, HP PJL/SNMP CVE-2017-2741 exploit 
Finally!
 2018-08-23 20:50:23 -07:00
h00die 179b874763
Land #10467 documentation for postgresql hashdump 2018-08-23 18:37:01 -07:00
h00die e444aa0489
Land #10466 docs for postgres_version 2018-08-23 18:12:41 -07:00
h00die 93f68e817a
Land #10517 updated docs for CloudMe Sync 2018-08-23 17:57:30 -07:00
Wei Chen 7b7c5a73c4
Land #10504, add Foxit Reader UAF Module and Docs 2018-08-23 16:57:43 -07:00
William Vu 0739892cc8
Land #10498, module doc for ssh_enumusers 2018-08-21 09:05:07 -07:00
Tim W f295b22290
Land #10313, add linux autostart persistence module 2018-08-20 03:19:57 -07:00
Tim W e5ef254155
Land #10320, add module for persistence in /etc/rc.local 2018-08-19 00:33:19 -07:00
William Vu c91eff48fb
Land #10472, marked_redos module doc fixes 2018-08-16 13:43:26 -07:00
William Vu e1097f7e38
Land #10120, npm "marked" ReDoS module 2018-08-16 13:43:26 -07:00
h00die 76e08b9c4a
Land #10457 docs for elasticsearch indices_enum 2018-08-15 11:40:29 -07:00
h00die 91c61bb692
Land #10454 updates to cgit exploit docs 2018-08-15 11:40:29 -07:00
Jacob Robles 9617c79f44
Land #10420, cgit < 1.2.1 Directory Traversal 2018-08-13 14:28:21 -07:00
Shelby Pace 1a86d57bce
Land #10404, Add Path Traversal Oracle GlassFish 2018-08-13 09:18:05 -07:00
Wei Chen 8b75c7d9ab
Land #10436, Add WebLogic exploit (CVE-2018-2628) 2018-08-09 12:54:19 -07:00
Brent Cook b42cf88276
Land #10386, Add IEC104 client module 2018-08-04 05:44:48 -07:00
Brent Cook 3fd0119d27
Land #9692, Add DoS module for Siemens Siprotec 4 2018-08-04 05:23:03 -07:00
Brendan Coles 9ac0d0cf6e
Land #10358, Add Dicoogle PACS Directory Traversal scanner module 2018-08-03 22:30:03 -07:00
Wei Chen 937174d321
Land #10412, Add Cisco directory traversal auxiliary module 2018-08-02 14:47:24 -07:00
Tim W 65fcdcfd2f
Land #9884, add linux ufo priv esc module 2018-08-02 02:56:27 -07:00
Wei Chen 580f4cf509
Land #10255, Adding Micro Focus Secure Messaging Gateway RCE 2018-07-30 19:08:43 -07:00
William Vu 0bc84bb6c6
Land #10305, SonicWall XML-RPC RCE 2018-07-30 12:15:59 -07:00
Jacob Robles 7e180a390c
Land #10060, vTiger CRM v6.3.0 Upload RCE 2018-07-30 10:34:17 -07:00
Shelby Pace ea2a9081a6
Land #10247, add WordPress Arbitrary File Deletion 2018-07-30 07:09:04 -07:00
Wei Chen b42545a153
Land #10387, Update mov_ss and add mov_ss_dll 2018-07-27 12:55:43 -07:00
Wei Chen 3a67d89711
Land #10383, Add WP Responsive Thumbnail Slider Plugin Exploit Module 2018-07-26 21:56:35 -07:00
Brent Cook e74ef65aa5
Land #9964, android post module to extract subscriber info 2018-07-26 15:00:23 -07:00
Wei Chen 5fce9d8222
Land #10300, Add root exploit for Axis network cameras 2018-07-25 12:47:50 -07:00
William Vu 68272c410e
Land #10357, CouchDB improvements and docs 2018-07-24 22:59:52 -07:00
Wei Chen 3fbd4f8f2f
Land #10368, PhpMyAdmin Login Scanner Module 2018-07-24 21:27:32 -07:00
Brent Cook e9b04b9750
Land #10362, Fix reporting in backup_file, add more docs 2018-07-23 16:27:45 -07:00
Wei Chen e075836ad5
Land #10346, update check method and doc for CMS Made Simple 2018-07-20 15:49:07 -07:00
Wei Chen fdc24fe453
Land #10327, Add CMS Made Simple Upload/Rename Authenticated RCE 2018-07-19 10:20:10 -07:00
Tim W 691d8f2c41
Land #9753, Linux BPF sign extension local privesc 2018-07-18 11:05:32 -07:00
William Vu 88518ec4ae
Land #10064, Claymore Dual Miner API RCE 2018-07-16 16:04:38 -07:00
Jacob Robles d138ddba8d
Land #10295, Add QNAP Q'Center change_passwd Command Execution exploit 2018-07-14 08:20:32 -07:00
Wei Chen 06e8cc49f5
Land #10297, Add priv escalation mod for CVE-2018-8897 2018-07-13 08:57:19 -07:00
William Vu 942befab73
Land #10302, module doc fixes 2018-07-12 21:53:05 -07:00
William Vu 3ffcc658e6
Land #10296, a few aux module docs 2018-07-12 20:22:03 -07:00
William Vu f6a7f19e2b
Land #10027, Hadoop unauthed command execution 2018-07-12 20:00:57 -07:00
William Vu f18fd4aca1
Land #9780, CouchDB auth bypass and RCE 2018-07-12 11:24:05 -05:00
William Vu 81ef17aa62
Land #10286, Docker server version scanner 2018-07-12 11:24:04 -05:00
Shelby Pace 8586e6fc8f
Land #10260, Add phpMyAdmin v4.8.1/4.8.0 LFI RCE 2018-07-12 11:24:03 -05:00
Shelby Pace 45f354e55d
Land #10231, Monstra Fileupload Exec 2018-07-12 11:24:02 -05:00
Brent Cook 3a92908e9b
Land #10108, add IBM QRadar SIEM exploit 2018-07-12 11:24:02 -05:00
Jacob Robles 9dc3e35f23
Land #10107, Add the scanner/smb/impacket/secretsdump module 2018-07-06 13:02:46 -07:00
Shelby Pace a4f0dc5ea2
Land #10133, Add HID discoveryd RCE exploit 2018-07-06 12:35:38 -07:00
Wei Chen e915bb0f66
Land #10262, Add GitList argument injection exploit module 2018-07-06 12:30:10 -07:00
Brent Cook 5d95172a81
Land #10171, Implement desktop shell and screensaver post modules 2018-07-05 15:36:46 -07:00
Brent Cook 1abbd61cee
Land #10246, add documentation for APK injection 2018-07-05 15:28:41 -07:00
Brent Cook b5981caa0b
Land #10219, Add HP VAN SDN Controller exploit 2018-07-05 12:23:50 -07:00
Wei Chen 144923db3a
Land #10237, Add Boxoft WAV to MP3 Converter exploit module 2018-07-02 12:03:05 -07:00
Jacob Robles fa95c0c2a1
Land #9958, Nagios xi 2 electric 2018-06-29 10:18:13 -07:00
Brendan Coles 9bed9f0797
Land #10213, Add FTPShell client 6.70 Stack Buffer Overflow exploit 2018-06-29 07:39:54 -07:00
William Vu 87b50e57cc
Land #9933, auxiliary/scanner/db2/discovery docs 2018-06-27 14:03:34 -07:00
Adam Cammack 165fb9dc79
Land #10109, Teradata login scanner and SQL runner 2018-06-27 13:39:02 -07:00
Shelby Pace f14597bcb2
Land #10199, Kace Systems Management Command Injection 2018-06-26 10:11:07 -07:00
Wei Chen 0a9dca2b5a
Land 10200, Add SickRage Password Leak Auxiliary Module 2018-06-25 15:27:22 -07:00
Brent Cook 679378d025
Land #10156, WebKit, as used in WebKitGTK+ Crash - CVE-2018-11646 2018-06-21 14:33:05 -07:00
Wei Chen cc293b54c4
Land #10193, Updated Documentation for httpdasm module 2018-06-21 11:06:35 -07:00
Wei Chen 17c0bc1fa7
Land #10183, Add auxiliary mod to exploit httpdasm dir traversal vuln 2018-06-19 12:58:49 -07:00
Jacob Robles 95cb9f3654
Land #9825, Add 'phpMyAdmin Authenticated Remote Code Execution' 2018-06-18 06:55:53 -07:00
William Vu 94abd923f3
Land #10021, post/multi/recon/sudo_commands module 2018-06-14 14:35:32 -07:00
bwatters-r7 fff6d2ebb7
Lad #10017, D-Link DSL-2750B Unauthenticated OS Command Injection 
Merge branch 'land-10017' into upstream-master
 2018-06-14 15:09:38 -05:00
bwatters-r7 7e2c1fae2c
Land #10148, Add New Module - Badpdf 
Merge branch 'land-10148' into upstream-master
 2018-06-12 15:21:25 -07:00
bwatters-r7 0a19221af2
Land #10101, Add glibc 'realpath()' Privilege Escalation exploit 2018-06-12 14:43:57 -07:00
William Vu 7f372d178d
Land #10059, CVE-2018-1111 exploit 2018-06-12 13:04:36 -07:00
Aaron Soto aa5c114364
Land #10067, Added `auxiliary/fileformat/odt_badodt` 2018-06-06 09:29:34 -07:00
Aaron Soto f6e0f5bd81
Land #10115, Added module `auxiliary/fileformat/multidrop` 2018-06-05 14:32:25 -07:00
Jacob Robles 1df5b7655f
Land #10106, Add the scanner/smb/impacket/wmiexec module 2018-06-05 06:39:34 -07:00
Brent Cook 31ce48502c
Land #9528, WebKit apple safari trident exploit (CVE-2016-4657) 2018-06-04 15:37:57 -07:00
Brent Cook 650c5c7a93
Land #10121, finish deprecating modules 2018-06-04 15:37:56 -07:00
bwatters-r7 e7ab118aaf
Land #9777, Slui File Handler Hijack LPE 2018-06-01 07:03:22 -07:00
Aaron Soto c8ff6cb5a4
Land #9701, Flexense HTTP Server DoS exploit 2018-06-01 07:03:22 -07:00
Tim W 016ee4d460
Land #9987, AF_PACKET chocobo_root exploit 2018-05-21 15:22:51 -07:00
bwatters-r7 81368bef7a
Land #9966, Add Reliable Datagram Sockets (RDS) Privilege Escalation exploit 
Merge branch 'land-9966' into upstream-master
 2018-05-21 17:01:36 -05:00
Tim W d5019be697
Land #10049, fix docs for android/gather/wireless_ap 2018-05-17 08:16:35 -07:00
Tim W a51c1209ab
Land #9956, add module to extract wireless credentials on Android 2018-05-17 08:16:35 -07:00
Tim W bacab0507b
Land #9947, AF_PACKET packet_set_ring exploit 2018-05-17 08:16:34 -07:00
Jacob Robles 6e71f5c5fd
Land #9816, Add the scanner/smb/impacket/dcomexec module 2018-05-17 08:16:34 -07:00
William Vu bbb5ff8ad4
Land #7815, CVE-2016-9299 exploit 2018-05-17 08:16:33 -07:00
Tim W 1de1b04c4f
Land #9919, add libuser roothelper privilege escalation exploit 2018-05-15 11:58:14 -07:00
Jacob Robles b2b97db28b
Land #9878, Add MSF module for EDB 6768, Mantis <= v1.1.3 Post-auth RCE 2018-05-09 17:48:53 -07:00
William Vu 0aaae09e5c
Land #9980, PAN-OS readSessionVarsFromFile exploit 2018-05-09 17:48:53 -07:00
Jacob Robles dcbc871883
Land #9988, playsms_uploadcsv_exec 2018-05-07 09:35:08 -07:00
Jacob Robles 75196b4fc6
Land #9944, playsms_filename_exec.rb 2018-05-07 09:35:08 -07:00
William Vu 935fa6414e
Land #9968, second round of Drupalgeddon 2 updates 2018-05-04 09:38:34 -05:00
bwatters-r7 38465e69a8
Land #8795, Added CVE-2016-0040 Windows Privilege Escalation 
Merge branch 'land-8795' into upstream-master
 2018-05-04 09:38:28 -05:00
Jacob Robles 8739befa70
Land #9821, osCommerce 2.3.4.1 - Remote Code Execution 2018-05-03 09:21:02 -07:00
Aaron Soto c38bca1799
Land #9908, msfd_rce_remote and msfd_rce_browser 2018-04-30 09:49:50 -05:00
Aaron Soto 3b8280c33f
Land #9918, XDebug Unauthenticated OS command execution 2018-04-30 09:42:26 -05:00
Brent Cook 3b7d2c8177
Land #9853, Update Linux sock_sendpage local exploit module 2018-04-26 16:06:10 -07:00
Brent Cook d340ef2632
Land #9876, Drupalgeddon 2 2018-04-26 08:29:59 -07:00
Wei Chen 0949bedf67
Land #9628, Add GitStack v2.3.10 Unauth REST API Aux Module 
Land #9628
 2018-04-23 11:21:11 -07:00
bwatters-r7 a44bcff2d8
Land #9756, Add lastore-daemon D-Bus Privilege Escalation exploit 
Merge branch 'land-9756' into upstream-master
 2018-04-23 11:21:10 -07:00
bwatters-r7 6cbd7ba895
Land #9862, Post-exploitation module for meterpreter (Windows) to send wireless probe requests 
Merge branch 'land-9862' into upstream-master
 2018-04-23 11:21:10 -07:00
bwatters-r7 d2a43d934d
Land # 9247, Add ASUS infosvr Auth Bypass Command Execution exploit 
Merge branch 'land-9247' into upstream-master
 2018-04-23 11:21:10 -07:00
Tim W b958526b6a
Land #9784, add osx high sierra APFS password disclosure post module 2018-04-18 15:31:20 -07:00
Adam Cammack 5b42a81d3a
Land #9823, Private IP leak via WebRTC 2018-04-12 09:27:21 -07:00