infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
43,943 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

1145 Commits (402e926151367fbc71512c29f89d88aef5583812)

Author SHA1 Message Date
h00die fd028338e1 move psh to polycom so no more powershell name collision 2017-10-20 20:08:11 -04:00
William Vu 9b75ef7c36
Land #8343, qmail Shellshock module 2017-09-29 00:28:30 -05:00
William Vu daedf0d904 Clean up module 2017-09-29 00:27:22 -05:00
h00die 6289cc0b70 Merge branch 'spellin' of https://github.com/h00die/metasploit-framework into spellin 2017-09-08 22:20:39 -04:00
h00die 0910c482a9 35 pages of spelling done 2017-09-08 22:19:55 -04:00
Pearce Barry 2ebf53b647
Minor tweaks... 2017-09-08 10:04:47 -05:00
h00die 00c593e0a2 55 pages of spelling done 2017-09-07 21:18:50 -04:00
Brent Cook b8f56d14e0
Land #8698, Add HEADERS to php_eval module 2017-08-14 09:54:22 -04:00
Brent Cook 6300758c46 use https for metaploit.com links 2017-07-24 06:26:21 -07:00
Brent Cook 838b066abe Merge branch 'master' into land-8716 2017-07-24 05:51:44 -07:00
Pearce Barry 6bb745744b
Land #8471, Add VICIdial user_authorization Unauthenticated Command Execution module 2017-07-21 15:57:08 -05:00
g0tmi1k 3f6925196b OCD - store_loot & print_good 2017-07-19 13:02:49 +01:00
g0tmi1k ef826b3f2c OCD - print_good & print_error 2017-07-19 12:48:52 +01:00
g0tmi1k b8d80d87f1 Remove last newline after class - Make @wvu-r7 happy 2017-07-19 11:19:49 +01:00
g0tmi1k 3d4feffc62 OCD - Spaces & headings 2017-07-19 11:04:15 +01:00
g0tmi1k 4720d1a31e OCD fixes - Spaces 2017-07-14 08:46:59 +01:00
g0tmi1k fd843f364b Removed extra lines 2017-07-14 08:17:16 +01:00
Matt Robinson 55cbd9b6a9
Add headers to php_eval 2017-07-10 21:25:27 -04:00
Brent Cook f4820d24fb add a few more AKA references 2017-07-06 22:43:46 -05:00
Brent Cook d20036e0fb revise spelling, add heartbleed and tidy checks 2017-06-28 18:50:20 -04:00
Brent Cook 461ab4501d add 'Also known as', AKA 'AKA', to module references 2017-06-28 15:53:00 -04:00
Jin Qian b51fc0a34e
Land #8489, more httpClient modules use store_valid_credential 2017-06-21 17:18:34 -05:00
Jeffrey Martin 1558db375d
update CVE reference in where modules report_vuln 2017-06-05 16:36:44 -05:00
Jeffrey Martin 0e145573fc
more httpClient modules use store_valid_credential 2017-05-30 14:56:05 -05:00
Brendan Coles 018e544295 Add VICIdial user_authorization Unauthenticated Command Execution module 2017-05-27 05:09:38 +00:00
nks 1a8961b5e3 fied typo 2017-05-25 19:14:59 +02:00
Jeffrey Martin b7b1995238
Land #8274, Wordpress admin upload `check` 2017-05-22 22:08:32 -05:00
Jeffrey Martin d69bfd509f
store the credential using the new store_valid_credential 2017-05-22 15:08:03 -05:00
James Lee 4def7ce6cc
Land #8327, Simplify storing credentials 2017-05-18 16:49:01 -05:00
William Vu 1f4ff30adb
Improve 200 fail_with in wp_phpmailer_host_header 
One. last. commit. Noticed this in the response body.
 2017-05-16 22:38:36 -05:00
William Vu 29b7aa5b9b Update fail_with for 200 (bad user?) 2017-05-16 15:03:42 -05:00
William Vu 7c1dea2f02 Refactor prestager to work with newer Exim 
Apparently it doesn't like reduce with extract.
 2017-05-16 14:22:43 -05:00
William Vu 7c2fb9acc1 Fix nil bug in Server header check 2017-05-16 10:43:04 -05:00
William Vu 5fd6cb0890 Remove nil case, since response might be nil 
It doesn't always return something. Forgot that.
 2017-05-15 21:23:49 -05:00
William Vu b41427412b Improve fail_with granularity for 400 error 
Also corrects BadConfig to NoTarget in another one of my modules. Oops.
 2017-05-15 21:15:43 -05:00
William Vu 1a644cadc4 Add print_good to on_request_uri override 
Maybe the ability to send prestagers will be a part of CmdStager in the
future, or maybe CmdStager will actually be able to encode for badchars.
 2017-05-15 19:17:58 -05:00
William Vu c4c55be444 Clarify why we're getting 400 and add fail_with 2017-05-15 18:53:36 -05:00
William Vu 489d9a6032 Drop module to AverageRanking and note 400 error 2017-05-15 17:35:40 -05:00
William Vu 2055bf8f65 Add note about PHPMailer being bundled 2017-05-15 14:29:11 -05:00
William Vu 35670713ff Remove budding anti-patterns to avoid copypasta 
While it offers a better OOBE, don't set a default LHOST. Force the user
to think about what they're setting it to. Also, RequiredCmd is largely
unnecessary and difficult to determine ahead of time unless the target
is a virtual appliance or something else "shipped."
 2017-05-15 12:56:14 -05:00
William Vu c622e3fc22 Deregister URIPATH because it's overridden by Path 2017-05-12 11:56:38 -05:00
William Vu 84af5d071d Deregister VHOST because it's overridden by Host 2017-05-12 11:44:10 -05:00
William Vu 2ae943d981 Use payload common case instead of general case 
Both x86 and x64 work on x64, but we really expect x64, and there's no
migration to move us from x86 to x64.
 2017-05-11 15:43:49 -05:00
William Vu 09f6c21f94 Add note about Host header limitations 2017-05-10 15:17:20 -05:00
William Vu b446cbcfce Add reference to Exim string expansions 2017-05-10 15:17:20 -05:00
William Vu 8842764d95 Add some comments about badchars 2017-05-10 15:17:20 -05:00
William Vu ecb79f2f85 Use reduce instead of extracting twice 2017-05-10 15:17:20 -05:00
William Vu b5f25ab7ca Use extract instead of doubling /bin/echo 2017-05-10 15:17:20 -05:00
William Vu 9a64ecc9b0 Create a pure-Exim, one-shot HTTP client 2017-05-10 15:17:20 -05:00
William Vu 0ce475dea3 Add WordPress 4.6 PHPMailer exploit 2017-05-10 15:17:20 -05:00