Commit Graph

25282 Commits (392ad18dba7f099c8129efa82464883f9a0fc3a5)

Author SHA1 Message Date
epi 392ad18dba Implement reverse_ipv6 shellcode via metasm in lib.
Per the linked request
    https://github.com/rapid7/metasploit-framework/pull/11039#issuecomment-443915955
Rewrote previous version of payload module to make use of metasm for
more reusable shellcode.
2018-12-06 20:10:07 -06:00
epi f728b46a80 WIP on add-linux-x64-ipv6-bind-shell: 87fa3af6b9 Implement shellcode via metasm in lib. 2018-12-06 16:23:20 -06:00
epi 87fa3af6b9 Implement shellcode via metasm in lib.
Per the linked request
    https://github.com/rapid7/metasploit-framework/pull/11039#issuecomment-443915955
Rewrote previous payload module to make use of metasm for more reusable
shellcode.
2018-12-05 06:14:31 -06:00
epi 8cece2cf54 Add Linux x86_64 IPv6 Inline Bind Shell
Implements inline x86_64 Linux Bourne bind shell over IPv6.
2018-12-01 07:39:38 -06:00
epi 5058afb615 Fixed lport and scopeid offsets.
Offsets for scopeid and lport were incorrect in the previous commit.
Updated offsets to the correct values.  Confirmed by viewing the connect
syscall values with strace.
2018-11-29 05:42:54 -06:00
epi 947f5ffbf3 Add Linux x86_64 IPv6 Inline Reverse Shell
Implements inline x86_64 Linux reverse Bourne shell over IPv6.
2018-11-28 21:58:12 -06:00
Wei Chen d6db5ebdfe Land #10716, Create PureVPN Credential Collector Post Exploitation Module 2018-11-27 17:42:23 -06:00
Brendan Coles 180876d8fc Add check for SMAP 2018-11-27 23:24:02 +00:00
Brent Cook b05bb616bf Land #10987, add exploit for PHP imap_open function against various web apps 2018-11-27 16:44:51 -06:00
Wei Chen 830a80e598 Check -1 user/pass condition and improved exception handling 2018-11-27 16:23:09 -06:00
Brent Cook 66cae6240f Land #10994, Added exploit for CVE-2018-18955 2018-11-27 16:12:05 -06:00
Shelby Pace 6712363bb5 Land #10737, add TeamCity XML-RPC exploit module 2018-11-27 14:59:37 -06:00
Shelby Pace 56f14733a9 changed cmd_stager flavor to printf 2018-11-27 14:23:56 -06:00
Wei Chen d523124faf Land #10965, Add the macOS LPE from pwn2own2018 (CVE-2018-4237) 2018-11-27 14:00:35 -06:00
Brendan Coles 398987e94a ::File.binread 2018-11-27 18:58:05 +00:00
Brendan Coles 45ca248568 chmod 2018-11-27 18:39:03 +00:00
Brendan Coles aae86241ef Update version check 2018-11-27 18:13:29 +00:00
William Vu befca0f2fe Land #10949, ForceExploit for Linux local exploits 2018-11-27 11:23:03 -06:00
Wei Chen 1f2827c3d0 Land #10975, More Capture Docs 2018-11-26 13:51:57 -06:00
Brent Cook 0fddb8e31c Land #10768, Exploit for Netgear CVE-2016-1555 2018-11-26 11:45:10 -06:00
Brent Cook 0b6c73a7d4 Land #11019, Replace WsfDelay with WfsDelay 2018-11-26 10:59:04 -06:00
Brent Cook 7b4b573942 Land #9915, Cleanup and improvements to influxdb_enum 2018-11-26 10:25:07 -06:00
h00die e2d58afe13 cleaned up code, added custom 2018-11-25 10:59:53 -05:00
Brendan Coles 5c06cdca73 Replace WsfDelay with WfsDelay - Fixes #11018 2018-11-25 05:09:16 +00:00
Brendan Coles be6cfde921 Land #11015, Fix payload and console check for Xorg_privesc Linux targets 2018-11-25 04:51:27 +00:00
Aaron Ringo 93db7b399f Using Wfsdelay instead of sleep loop, users get shells ASAP 2018-11-24 22:26:04 -06:00
Brendan Coles debf79416b Replace WsfDelay with WfsDelay - Fixes #11018 2018-11-25 04:22:11 +00:00
Brendan Coles 01ed57cbb3 Remove check for nosuid 2018-11-25 01:53:07 +00:00
Brendan Coles ff23a006b7 cleanup 2018-11-25 00:16:39 +00:00
Aaron Ringo 1783617770 consolelock check updated to use id, payload upload changed, documentation updated, misc formatting 2018-11-24 15:10:21 -06:00
h00die 945755b058 add custom php_imap target 2018-11-24 14:18:13 -05:00
h00die 45f2c5beb2 update php_imap_open docs 2018-11-24 07:26:42 -05:00
h00die e36cef3b96 e107 exploitable now 2018-11-23 20:16:53 -05:00
L f4cbdc8e3e No Threads in datastore 2018-11-23 17:15:33 +08:00
William Vu 8a402da056 Explain "junk" in buffer for morris_fingerd_bof
And unrelated whitespace changes because I suck.
2018-11-22 23:15:12 -06:00
Brent Cook a59913434d Land #10916, Xorg SUID privesc 2018-11-21 19:46:11 -06:00
Brent Cook 5d9195fe72 Land #10981, start printjob docs and bug fixes 2018-11-21 16:35:02 -06:00
Brent Cook 5fed559264 Land #10997, Remove harmful default command to execute 2018-11-21 16:19:40 -06:00
asoto-r7 96ede80dc4 Land #10876, ibm_mq_enum: IBM WebSphere MQ Name and Version Enumeration 2018-11-21 16:10:59 -06:00
asoto-r7 a3131f15de ibm_mq_enum: Code cleanup, server channel and general exception handling improvements 2018-11-21 16:09:18 -06:00
Adam Cammack 188d94027c Land #10996, Check `check` code for ms15-034 2018-11-21 14:45:56 -06:00
David Yates e706e2b58d Remove harmful default command to execute 2018-11-21 11:09:13 +02:00
L ae3538952a Fix ms15-034 module 2018-11-21 12:31:56 +08:00
h00die acf421ffb0 remove eol spaces 2018-11-20 19:45:17 -05:00
h00die 31ad58fb91 edb and author 2018-11-20 19:30:43 -05:00
h00die 4111a61e1a fix module description 2018-11-20 18:35:20 -05:00
h00die 4c59a271e2 added suitecrm to imap_open exploit 2018-11-20 18:33:42 -05:00
asoto-r7 7084538b8c ibm_mq_channel_brute: Exception handling when channel.length > 20 chars 2018-11-20 16:24:17 -06:00
asoto-r7 d2a5b966f3 Land #10875, IBM WebSphere MQ Channel Name Bruteforce auxiliary module 2018-11-20 16:23:23 -06:00
Shelby Pace 288d78d372 Land #10352, Add check/response for CVE-2017-12149 2018-11-20 13:11:05 -06:00