William Vu
|
1a402ed1d8
|
Add arch to smb_ms17_010 DOUBLEPULSAR detection
|
2017-04-26 20:59:13 -05:00 |
Brent Cook
|
480a0b4273
|
update payload sizes
|
2017-04-26 18:02:14 -05:00 |
Brent Cook
|
a60e5789ed
|
update mettle->meterpreter references in modules
|
2017-04-26 17:55:10 -05:00 |
Brent Cook
|
078ba66e5f
|
remove unneeded msf/core requires
|
2017-04-26 17:17:20 -05:00 |
Brent Cook
|
353191992f
|
move mettle payloads to meterpreter, add reverse_http/s stageless
|
2017-04-26 17:06:34 -05:00 |
Brent Cook
|
f8792956ee
|
fix one module for testing
|
2017-04-26 16:21:13 -05:00 |
William Vu
|
bbee7f86b5
|
Land #8263, Mercurial SSH exec module
|
2017-04-26 01:38:01 -05:00 |
William Vu
|
f60807113b
|
Clean up module
|
2017-04-26 01:37:49 -05:00 |
William Vu
|
5476f6066c
|
Land #8271, DOUBLEPULSAR detection for MS17-010
|
2017-04-25 16:31:39 -05:00 |
wchen-r7
|
320898697a
|
Land #8266, Add Buffer Overflow Exploit on Disk Sorter Enterprise
|
2017-04-24 17:17:30 -05:00 |
wchen-r7
|
1d86905fca
|
Land #8288, Minor changes to WiPG-1000 module
|
2017-04-24 17:09:25 -05:00 |
wchen-r7
|
e333cb65e5
|
Restore require 'msf/core'
|
2017-04-24 17:09:02 -05:00 |
wchen-r7
|
c573628e10
|
Fix header
|
2017-04-24 17:01:35 -05:00 |
wchen-r7
|
e775f9ccbd
|
Land #8259, Add post module to upload and execute a file
|
2017-04-24 17:00:55 -05:00 |
Matthias Brun
|
d3aba846b9
|
Make minor changes
|
2017-04-24 23:35:36 +02:00 |
wchen-r7
|
5bbb4d755a
|
Land #8254, Add CVE-2017-0199 - Office Word HTA Module
|
2017-04-24 16:05:00 -05:00 |
wchen-r7
|
6029a9ee2b
|
Use a built-in HTA server and update doc
|
2017-04-24 16:04:27 -05:00 |
zerosum0x0
|
55f01d3fc7
|
made the plugin less spammy with more vprintf
|
2017-04-24 13:33:05 -06:00 |
zerosum0x0
|
453ca6e3bf
|
added OS printing on vulnerable systems
|
2017-04-24 13:20:44 -06:00 |
Daniel Teixeira
|
47898717c9
|
Minor documentation improvements
Space after ,
|
2017-04-24 14:47:25 +01:00 |
zerosum0x0
|
a69aba0eab
|
added XOR Key calculation
|
2017-04-22 23:54:30 -06:00 |
h00die
|
8e4c093a22
|
added version numbers
|
2017-04-22 09:45:55 -04:00 |
zerosum0x0
|
8a77bf7b60
|
removed wrong comments
|
2017-04-21 08:27:13 -06:00 |
Matthias Brun
|
714ada2b66
|
Inline execute_cmd function
|
2017-04-21 15:32:15 +02:00 |
zerosum0x0
|
9fab64c60e
|
added references
|
2017-04-20 15:22:37 -06:00 |
zerosum0x0
|
dd12afd717
|
added DoublePulsar detection
|
2017-04-20 15:03:29 -06:00 |
Matthias Brun
|
8218f024e0
|
Add WiPG-1000 Command Injection module
|
2017-04-20 16:32:23 +02:00 |
DanielRTeixeira
|
f1c51447c1
|
Add files via upload
Buffer Overflow on Disk Sorter Enterprise
|
2017-04-19 10:57:41 +01:00 |
Jonathan Claudius
|
f5430e5c47
|
Revert Msf::Exploit::Remote::Tcp
|
2017-04-18 19:27:35 -04:00 |
Jonathan Claudius
|
9a870a623d
|
Make use of Msf::Exploit::Remote::Tcp
|
2017-04-18 19:17:48 -04:00 |
Jonathan Claudius
|
03e3065706
|
Fix MSF tidy issues
|
2017-04-18 18:56:42 -04:00 |
Jonathan Claudius
|
32f0b57091
|
Fix new line issues
|
2017-04-18 18:52:53 -04:00 |
William Vu
|
3b38d0d900
|
Land #8262, PR ref for huawei_hg532n_cmdinject
|
2017-04-18 16:29:13 -05:00 |
Jonathan Claudius
|
bfca4da9b0
|
Add mercurial ssh exec
|
2017-04-18 16:33:23 -04:00 |
Tod Beardsley
|
1fcc1f7417
|
Trailing comma. Why isn't this Lua?
|
2017-04-18 14:27:44 -05:00 |
wchen-r7
|
0428e12b10
|
Land #8216, Add CVE-2016-7552/CVE-2016-7547 exploit
|
2017-04-18 14:26:55 -05:00 |
Tod Beardsley
|
4ec71f9272
|
Add a reference to the original PR
This was the source of first public disclosure, so may as well include
it.
|
2017-04-18 14:20:25 -05:00 |
James Lee
|
84dd5cd01a
|
Add a simple upload exec module
|
2017-04-17 19:34:21 -05:00 |
Nate Caroe
|
92e7183a74
|
Small typo fix
Running msfconsole would generate an Ubuntu crash report (?). This seems to be the culprit.
|
2017-04-17 11:14:51 -06:00 |
William Vu
|
942959f7e8
|
Land #8255, fixes for smb_ms17_010
|
2017-04-17 11:38:34 -05:00 |
Brent Cook
|
7b936b0012
|
Land #8184, convert IPMI protocol and modules to bindata
|
2017-04-17 07:40:15 -05:00 |
Brent Cook
|
6f70efcfa1
|
add module documentation
|
2017-04-17 07:39:43 -05:00 |
William Vu
|
b1c7f1302b
|
Fix report_vuln and prefer vprint_error
|
2017-04-17 02:48:56 -05:00 |
Ahmed S. Darwish
|
e21504b22d
|
huawei_hg532n_cmdinject: Use send_request_cgi() 'vars_get' key
Instead of rolling our own GET parameters implementation.
Thanks @wvu-r7!
|
2017-04-17 09:11:50 +02:00 |
nixawk
|
3d082814cb
|
Fix default options
|
2017-04-17 01:09:48 -05:00 |
Ahmed S. Darwish
|
7daec53106
|
huawei_hg532n_cmdinject: Improve overall documentation
- Add section on compiling custom binaries for the device
- Add documentation for Huawei's wget flavor (thanks @h00die)
- Abridge the module's info hash contents (thanks @wwebb-r7)
- Abridge the module's comments; reference documentation (@h00die)
|
2017-04-17 08:00:51 +02:00 |
Ahmed S. Darwish
|
8a302463ab
|
huawei_hg532n_cmdinject: Use minimum permissions for staged binary
Use u+rwx permissions only, instead of full 777, while staging the
wget binary to target. As suggested by @wvu-r7 and @busterb.
|
2017-04-17 03:27:57 +02:00 |
Ahmed S. Darwish
|
7ca7528cba
|
huawei_hg532n_cmdinject: Spelling fixes suggested by @wvu-r7
|
2017-04-17 03:23:20 +02:00 |
Ahmed S. Darwish
|
7b8e5e5016
|
Add Huawei HG532n command injection exploit
|
2017-04-15 21:01:47 +02:00 |
Brent Cook
|
7950087804
|
Merge branch 'upstream-master' into land-8237-
|
2017-04-14 21:53:26 -05:00 |