infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
39,417 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

422 Commits (23e5556a4c0c9318c101f6123a602bb253ccf24b)

Author SHA1 Message Date
William Webb 202969fae9
Land #7081, Add module documentation for linux/x86/meterpreter/reverse_tcp 2016-07-08 15:51:27 -05:00
wchen-r7 d0e1c67c18
Land #7026, Add Action Pack render exploit CVE-2016-2098 2016-07-07 16:16:37 -05:00
wchen-r7 201750a31b Add documentation for rails_actionpack_inline_exec 2016-07-07 16:15:51 -05:00
wchen-r7 deecb24967 Update doc 2016-07-07 11:43:03 -05:00
wchen-r7 54fa43030d Add module documentation for linux/x86/meterpreter/reverse_tcp 2016-07-07 11:39:28 -05:00
h00die 47cf6d5edf better docs, extract more data 2016-07-06 21:28:57 -04:00
wchen-r7 fee361dae0
Land #7075, Add ms16-016 local privilege escalation 2016-07-06 12:01:01 -05:00
Spencer McIntyre bd566da5ca
Minor grammar changes and versions note 2016-07-06 11:10:05 -04:00
wchen-r7 4ec69236d2 Add module documentation for python/meterpreter/reverse_tcp 2016-07-05 23:56:11 -05:00
William Webb d923a5d42d typos in mod docs 2016-07-05 22:52:35 -05:00
William Webb 899ea558e3 added module doc for ms16_016_webdav 2016-07-05 22:12:35 -05:00
Brent Cook 54dfcee665
Land #7055, add netgear_soap_password_extractor docs 2016-07-04 23:59:10 -05:00
h00die 844c13dc17 added new vuln device to netgear list, plus docs 2016-07-01 18:32:30 -04:00
Brendan 70a79bb0e8
Land #7014, Nagios remote root shell exploit 2016-07-01 08:17:38 -07:00
William Vu d42d9f8557 Add module docs to appease the Thao god 2016-07-01 01:17:27 -05:00
Tod Beardsley afbeb2b668
Land #7023, fixes for swagger exploit 
Thanks @sdavis-r7!

See #7015 as well.
 2016-06-30 10:54:34 -04:00
wchen-r7 70a7415185 Change description 2016-06-28 11:24:38 -05:00
Scott Lee Davis c2b4e22b46 updated with discovered changes from k kali & documentation update changes requested. 2016-06-27 01:53:20 -04:00
wchen-r7 1e7202cf9b Add module documentation for auxiliary/admin/netbios/netbios_spoof 2016-06-25 12:20:08 -05:00
h00die 1c20122648 fedora compatibility, added naming options 2016-06-25 08:43:55 -04:00
Scott Davis 5e1b7d8c0f even more clean up. 2016-06-23 14:59:11 -07:00
Scott Davis 63d8787101 added back (new) usage examples for nodejs,java,ruby,php. 2016-06-23 14:56:46 -07:00
Tod Beardsley ff741fbc35
Rename for docs 2016-06-23 14:53:49 -05:00
Tod Beardsley 92522138c5
Remove the RC files 2016-06-23 14:52:23 -05:00
Scott Lee Davis fbd0bc4308 updated as per @egypt & @todb-r7 recommendations. 2016-06-23 11:41:54 -04:00
Scott Davis 47e4321424 CVE-2016-5641 2016-06-23 06:09:37 -07:00
h00die a3b08418b9 fixed markdown 2016-06-22 20:32:51 -04:00
h00die f3b0fc320d fix up markdown 2016-06-22 20:27:52 -04:00
h00die 35e3fb3e2f fixed markdown 2016-06-22 20:15:29 -04:00
h00die bc293e2a8b fixed bad markup 2016-06-22 20:10:25 -04:00
h00die 18a3bf5f62 service persistence 2016-06-22 19:22:18 -04:00
wchen-r7 048741660c
Land #6980, Add ClamAV Remote Command Transmitter 2016-06-22 15:50:45 -05:00
wchen-r7 a1b1b31f98 Update clamav_control.md 2016-06-22 15:49:23 -05:00
wchen-r7 f5e6eccce2 Add clamav_control.md doc 2016-06-22 15:43:31 -05:00
wchen-r7 de5152401a
Land #6992, Add tiki calendar exec exploit 2016-06-22 11:18:14 -05:00
wchen-r7 8697d3d6fb Update tiki_calendar_exec module and documentation 2016-06-22 11:17:45 -05:00
h00die 9cb57d78d7 updated check and docs that 14.2 may not be vuln 2016-06-21 16:48:09 -04:00
h00die 4b8f572976 cron persistence 2016-06-20 21:45:04 -04:00
h00die c4a58fbc6c doc variable name change 2016-06-19 22:47:17 -04:00
h00die 6905a29b10 sshkey persistence 2016-06-19 22:40:03 -04:00
h00die 6fe7698b13 follow redirect automatically 2016-06-19 20:24:54 -04:00
h00die ddfd015310 functionalized calendar call, updated docs 2016-06-19 08:53:22 -04:00
h00die 1db10eec39 slight documentation update 2016-06-18 13:27:46 -04:00
h00die 3feff7533b tiki calendar 2016-06-18 13:11:11 -04:00
Brendan Watters 9ea0b8f944
Land #6934, Adds exploit for op5 configuration command execution 2016-06-16 14:36:10 -05:00
h00die cfb034fa95 fixes all previously identified issues 2016-06-15 20:58:04 -04:00
wchen-r7 1d27538545 Missing a word 2016-06-14 14:15:28 -05:00
wchen-r7 a7c778b852 Update magento_unserialize.md 2016-06-14 11:15:25 -05:00
h00die bd6eecf7b0 centreon useralias first add 2016-06-11 20:57:18 -04:00
wchen-r7 7143095b4b
Land #6947, add auxiliary/scanner/jenkins/jenkins_udp_broadcast_enum 2016-06-09 14:21:55 -05:00
wchen-r7 312342b0fd Add module documentation for jenkins_udp_broadcast_enum 2016-06-09 14:20:48 -05:00
wchen-r7 7cdadca79b
Land #6945, Add struts_dmi_rest_exec exploit 2016-06-08 23:16:46 -05:00
wchen-r7 dff60d96c8 Add mod doc for struts_dmi_rest_exec and update struts_dmi_exec.md 2016-06-08 23:15:44 -05:00
wchen-r7 036ba8057a Add module doc for symantec_brightmail_ldapcreds 2016-06-07 19:39:55 -05:00
Brendan Watters c4aa99fdac
Land #6925, ipfire proxy exec 2016-06-07 10:24:59 -05:00
Brendan Watters 7e84c808b2 Merge remote-tracking branch 'upstream/pr/6924' into dev 2016-06-07 09:24:25 -05:00
wchen-r7 b59d10d9c4
Land #6929, Add HP Data Protector Encrypted Comms exploit 2016-06-06 22:45:53 -05:00
wchen-r7 d8d6ab3ae8 Add hp_dataprotector_encrypted_comms.md 2016-06-06 22:45:17 -05:00
Brent Cook 09e721c4eb
See #6885, merge tiny whitespace fix 2016-06-03 08:00:24 -05:00
Brent Cook d5c2a8e3c8 whitespace 2016-06-03 07:59:48 -05:00
Brent Cook d371fd0798
Land #6885, add aux control module for PhoenixContact PLCs 2016-06-03 07:50:39 -05:00
Brent Cook ba9a693435 condense a little more 2016-06-03 07:50:13 -05:00
Brent Cook 064d6b3f51 wording and formatting updates 2016-06-03 07:42:54 -05:00
wchen-r7 1dad9bf7fa Correct module doc path for magento_unserialize.md 2016-06-02 17:12:39 -05:00
wchen-r7 184802d7d1 Add documentation for magento_unserialize 2016-06-02 17:10:26 -05:00
h00die 68d647edf1 Merge branch 'master' of https://github.com/rapid7/metasploit-framework into op5 2016-06-01 18:05:18 -04:00
h00die 52d5028548 op5 config exec 2016-06-01 15:07:31 -04:00
h00die 3163af603d md fix 2016-05-30 10:25:49 -04:00
h00die 057947d7e8 ipfire proxy exec 2016-05-30 10:24:17 -04:00
h00die 9b5e3010ef doc/module cleanup 2016-05-30 06:33:48 -04:00
h00die df55f9a57c first add of ipfire shellshock 2016-05-29 20:40:12 -04:00
Tijl Deneut 2c4b387eb2 Update phoenix_command.md 2016-05-28 15:35:00 +02:00
Tijl Deneut 2afcda9d49 Did some more rubocopy work and 
added module documentation
 2016-05-28 15:32:18 +02:00
Brent Cook 928a706135
Land #6890, Allwinner CPU kernel module local privilege escalation 2016-05-23 22:00:52 -05:00
Brent Cook 2f8562fba4 added documentation and minor style tweaks 2016-05-23 21:59:44 -05:00
Brent Cook cf0176e68b
Land #6867, Add Dell SonicWALL Scrutinizer 11.0.1 MethodDetail SQL Injection 2016-05-16 19:00:10 -05:00
Brent Cook 21d74a64fe
Land #6874, Improve exploit for CVE-2016-0854 2016-05-14 11:08:17 -05:00
Brent Cook 2e3e4f0069
Land #6296, Added a multi-platform post module to generate TCP & UDP egress traffic 2016-05-14 00:03:00 -05:00
Brent Cook 3542d907f7 simplify description, move the bulk of documentation to documentation/ 2016-05-14 00:01:51 -05:00
wchen-r7 9114e01ed9 update doc 2016-05-13 23:31:38 -05:00
Brent Cook d398419971
Land #6832, Check LHOST value before running shell_to_meterpreter, add docs 2016-05-13 22:50:22 -05:00
Brent Cook a940481f62
Land #6834, Authorized FTP JCL exploit for z/OS 2016-05-13 21:29:45 -05:00
wchen-r7 3b5db26ff5 Fix #6872, change upload action for CVE-2016-0854 exploit 
This patch includes the following changes:

* Instead of the uploadFile action, this patch uses uploadImageCommon
  to be able to support both Advantech WebAccess builds: 2014 and
  2015.
* It uses an explicit check instead of the passive version check.
* It cleans up the malicious file after getting a session.
* Added module documentation to explain the differences between
  different builds of Advantech WebAccess 8.0s, and 8.1.

Fix #6872
 2016-05-13 19:47:18 -05:00
Bigendian Smalls 2d5cf6cfe4 Authorized FTP JCL exploit for z/OS 
This exploit module allows a user with credentials to execute JCL on a
vulnerable mainframe system running z/OS and an appropriately configured
FTP server.
 2016-05-12 14:46:31 -05:00
wchen-r7 756673fcd7 Fix another typo 2016-05-12 00:13:53 -05:00
wchen-r7 9d128cfd9f Add Dell SonicWALL Scrutinizer 11.0.1 MethodDetail SQL Injection 2016-05-11 22:27:18 -05:00
thao doan 08416c600f Grammatical and style fixes for priv_migrate 2016-05-04 11:14:29 -07:00
thao doan d617ca59f3 Land #6844, Add documentation for struts_dmi_exec 2016-05-02 14:31:34 -07:00
wchen-r7 027855def4 Add module documentation for struts_dmi_exec 2016-05-02 15:43:34 -05:00
Josh Hale 3aca699d09 Add priv_migrate.md 2016-04-30 19:02:45 -05:00
wchen-r7 2f66442f1d Fix #5191, bad LHOST format causes shell_to_meterpreter to backtrace 
When using shell_to_meterpreter via a pivot, the LHOST input's format
might be invalid. This is kind of a design limitation, so first we
check the input, and there is a module doc to go with it to explain
a workaround.

Fix #5191
 2016-04-28 23:03:54 -05:00
Josh Hale ffdd3b1c92 Finish up autoroute.md 2016-04-17 18:23:30 -05:00
Josh Hale fb7194c125 Work on autoroute.md 2016-04-17 00:04:42 -05:00
wchen-r7 880697d00a Add documentation for make_csv_orgchart 2016-04-07 17:17:57 -05:00
wchen-r7 c072028f0e Add documentation for post/windows/gather/ad_to_sqlite 2016-04-07 16:43:55 -05:00
wchen-r7 76c6f8c19d Move module_doc_template 2016-03-24 17:07:19 -05:00
tdoan-r7 925cc3b56f Adding docs for Lester https://issues.corp.rapid7.com/browse/MS-1193 2016-03-24 16:51:02 -05:00
tdoan-r7 0852973b18 Minor edits for the following: 
https://issues.corp.rapid7.com/browse/MS-1197
https://issues.corp.rapid7.com/browse/MS-1198
https://issues.corp.rapid7.com/browse/MS-1199
https://issues.corp.rapid7.com/browse/MS-1200
https://issues.corp.rapid7.com/browse/MS-1201
 2016-03-24 12:13:03 -05:00
tdoan-r7 7e5fced46b MS-1196 Minor edits to the kb for the web_delivery module 2016-03-22 12:26:55 -05:00
tdoan-r7 4c42a74d48 MS-1195 minor grammatical edits to psexec kb 2016-03-21 14:18:16 -05:00