infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
44,108 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

44108 Commits (2be3433bdbc50ccbd854eb6ec7865a9a1b319e82)

Author SHA1 Message Date
WhiteWinterWolf 2be3433bdb Update references URLs 2017-11-17 13:27:35 +01:00
WhiteWinterWolf a636380e4b Merge the new method into drupal_drupageddon.rb 2017-11-17 13:00:15 +01:00
WhiteWinterWolf 704514a420
New exploit method for Drupageddon (CVE-2014-3704) 
This new script exploits the same vulnerability as
 *exploits/multi/http/drupal_drupageddon.rb*, but in a more efficient way.
 2017-11-16 20:47:44 +01:00
Metasploit 5cdd364590
Bump version of framework to 4.16.18 2017-11-15 19:46:12 -08:00
Adam Cammack c740f4369c
Land #9197, Cleanup Mako Server exploit 2017-11-15 15:01:31 -06:00
Adam Cammack 4219959c6d
Bump ranking to Excellent 2017-11-15 15:00:47 -06:00
Adam Cammack f357efd97c
Land #9208, add AArch64 ELF to Msf::Util::Exe 2017-11-15 14:22:27 -06:00
Tim 4ec0faf35d fix aarch64 cmdstager 2017-11-15 16:47:17 +08:00
Jeffrey Martin 80b381cde9
Merge released '4.x' into master 2017-11-13 14:11:23 -06:00
William Vu f3e2f4d500
Land #9167, D-Link DIR-850L exploit 2017-11-10 18:15:39 -06:00
William Vu 3936d3baa1 Clean up module 2017-11-10 18:15:22 -06:00
Steven Patterson df2b62dc27
Add Mako Server CMD injection Linux support, update docs, move to multi 2017-11-10 16:28:39 -05:00
Metasploit 4f660d7dd7
Bump version of framework to 4.16.17 2017-11-10 10:05:05 -08:00
William Vu 7b5ec9d0ec
Land #9193, makoserver_cmd_exec cleanup 2017-11-10 10:36:16 -06:00
Jeffrey Martin 7595c7c627
Land #9194, Add a check for .rb in cmd_edit 2017-11-09 21:56:50 -06:00
William Vu 97859ebf8c Clarify XXX comment no user will ever see anyway 2017-11-09 15:23:37 -06:00
William Vu 577baf6070 Add a check for .rb in cmd_edit 2017-11-09 15:17:53 -06:00
William Vu ea260e87b7 Remove headers, since we didn't send them before 
http was an invalid key for setting headers, and we still got a shell.
These headers also don't seem relevant to the PUT request.
 2017-11-09 11:06:50 -06:00
William Vu 7213e6cc49 Fix #9133, makoserver_cmd_exec cleanup 2017-11-09 10:52:03 -06:00
h00die 52888871e3
Land #8747 RCE for Geutebrueck GCore on Windows 2017-11-08 20:22:54 -05:00
h00die 7ad151e68b gcore formatting update 2017-11-08 20:21:40 -05:00
Adam Cammack 39916ef61a
Land #9133, Command injection in Mako Server examples 2017-11-08 15:11:01 -06:00
William Vu b7c604f941
Land #9189, s/patrick/aushack/g 2017-11-08 10:27:03 -06:00
bwatters-r7 5a07be9b96
Land #9041, Add LPE on Windows using CVE-2017-8464 2017-11-08 10:09:03 -06:00
Patrick Webster 2f6da89674 Change author name to nick. 2017-11-09 03:00:24 +11:00
bwatters-r7 19e3e181c1 Fix compiling instructions 2017-11-08 09:36:32 -06:00
bwatters-r7 4abe8ff0d9
recompile binaries 2017-11-08 09:33:48 -06:00
bwatters-r7 9b24ed8406 Removed binaries for recompile 2017-11-08 09:26:40 -06:00
Spencer McIntyre fa8d017579 Change documentation from a first person context 2017-11-08 09:29:46 -05:00
bwatters-r7 11093b8393 Added documentation 2017-11-08 08:07:06 -06:00
Brent Cook 1927e8b95c
Land #9187, avoid endless loop in packet recv in windows meterpreter 2017-11-07 20:59:40 -06:00
OJ 6f9671ff11
Updated Payloads version to 1.3.14 2017-11-08 12:36:50 +10:00
Spencer McIntyre c2578c1487 Refactor GetProcessSid to remove do while FALSE 2017-11-07 19:11:24 -05:00
Austin 0a4ce1e87b
cmdstager build 
Removes the need for HTTP Server, utilizes helper CmdStager, reduces module size.
 2017-11-07 19:00:59 -05:00
Brent Cook 1f5dcfb610
Land #9185, Don't fail if mssql server does not support encryption 2017-11-07 14:36:02 -06:00
William Vu fbbc8da8fb Fix raise(s) in MSSQL client aborting mssql_login 2017-11-07 14:30:47 -06:00
Maurice Popp 6683ba501f added one missing change 2017-11-07 20:05:43 +01:00
Maurice Popp 8963d77bca multiple changes as requested by h00die 2017-11-07 20:00:56 +01:00
Pearce Barry fc87ee08d9
Land #9060, IBM Lotus Notes DoS (CVE-2017-1130). 2017-11-07 11:20:12 -06:00
RootUp 85b8b4116a
Create ibm_lotus_notes2.md 2017-11-07 12:08:08 +05:30
William Vu 92c5b271c5
Land #9178, multi/handler enhancements rollback 2017-11-06 12:03:53 -06:00
RootUp 88db98c381
Update ibm_lotus_notes2.rb 2017-11-06 20:45:50 +05:30
Brent Cook cfeb0b7bda prefer threadsafe sleep here 2017-11-06 01:37:09 -06:00
Brent Cook 897b5b5dd1 revert passive handler stance 2017-11-06 01:37:09 -06:00
Brent Cook 6fb8928523
Land #9177, fix docker builds 2017-11-06 01:35:54 -06:00
Christian Mehlmauer 9206dee5bb
disable gem update for now as version 2.7.1 is broken 2017-11-06 07:49:10 +01:00
Pearce Barry 77c13286e0
Ensure closing script tag has necessary escape. 2017-11-05 13:41:29 -06:00
Spencer McIntyre 7d1de9bc48 Fix removing the dropped files after exploitation 2017-11-04 18:50:20 -04:00
Austin 1758ed93d4
Update dlink_850l_unauth_exec.rb 2017-11-04 11:42:49 -04:00
Austin 724c5fb963
finish 2017-11-04 11:41:07 -04:00