infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
43,943 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

22879 Commits (402e926151367fbc71512c29f89d88aef5583812)

Author SHA1 Message Date
Jeffrey Martin b76c1f3647
remove invalid 'client' object reference in nodejs 
fix #9063 by removing invalid object reference introduced in PR #8825
 2017-10-11 11:09:28 -05:00
root 03e7797d6c fixed msftidy errors and added documentation 2017-10-11 07:57:01 -04:00
h00die e976a91b15
land #9053 RCE for rend micro imsva 2017-10-10 19:27:06 -04:00
Wei Chen a4bc3ea3c2 Merge branch 'pr9032' into upstream-master 
Land #9032, Improve CVE-2017-8464 LNK exploit

Land #9032
 2017-10-10 17:11:51 -05:00
William Vu ab63caef7b
Land #9009, Apache Optionsbleed module 2017-10-10 12:13:40 -05:00
Jeffrey Martin 57afc3b939
Land #9044, Address generation issues with pure PSH payloads 2017-10-10 10:40:33 -05:00
Mehmet Ince fb16f1fbda
Disabling bind type payloads 2017-10-10 09:37:24 +03:00
peewpw facc38cde1 set timeout for DELETE request 2017-10-09 21:53:31 -04:00
h00die 850aeda097
land #9052 RCE of Trend Micro OfficeScan 2017-10-09 20:46:30 -04:00
Pearce Barry a3d47ea838
Land #8989, IBM Lotus Notes DoS (CVE-2017-1129) 2017-10-09 19:37:59 -05:00
Pearce Barry fd8b72ca66
Minor tweaks. 2017-10-09 17:02:24 -05:00
Hanno Heinrichs 15adb82b96 Make smb_login scanner proxy-aware again 2017-10-09 23:01:25 +02:00
Mehmet Ince a2d32b460c
Fixing grammer issue 2017-10-09 22:31:13 +03:00
Mehmet Ince c14c93d450
Integrate OfficeScan 11 exploitation and fix grammer issues 2017-10-09 22:11:42 +03:00
jakxx ef282ea154 Sync Breeze HTTP Server v10.0.28 BOF 
Added support for v10.0.28 to Sync Breeze BOF module
 2017-10-09 13:50:24 -04:00
bwatters-r7 fc5ab96ad6 Merging to prep for testing 
Merge branch 'master' of github.com:rapid7/metasploit-framework into upstream-master
 2017-10-09 10:31:30 -05:00
bwatters-r7 7df18e378d Fix conflicts in PR 8509 by mergeing to master 2017-10-09 10:30:21 -05:00
peewpw be8680ba3d Create tomcat_jsp_upload_bypass.rb 
Created a module for CVE-2017-12617 which uploads a jsp payload and executes it.
 2017-10-08 21:48:47 -04:00
Mehmet Ince 395c82050b
Adding Trend Micro IMSVA Widget RCE 2017-10-08 18:15:32 +03:00
Mehmet Ince 79c9123261
Adding Trend Micro OfficeScan widget rce module 2017-10-08 17:54:18 +03:00
h00die 7a87e11767
land #8781 Utilize Rancher Server to exploit hosts 2017-10-07 13:04:34 -04:00
Martin Pizala 34d119be04
Payload space, error handling and style" 2017-10-07 01:12:24 +02:00
William Webb d9e0d891a1
Land #9010, Remove checks for hardcoded SYSTEM account name 2017-10-06 13:42:18 -05:00
h00die 7535fe255f
land #8736 RCE for orientdb 2017-10-06 14:35:42 -04:00
bwatters-r7 f996597bcf update cached payload sizes 2017-10-06 13:19:00 -05:00
caleBot 752d21e11c forgot a comma 2017-10-06 10:47:42 -06:00
caleBot 63e3892392 fixed issues identified by msftidy 2017-10-06 10:16:01 -06:00
caleBot 78e262eabd fixed issues identified by msftidy 2017-10-06 10:15:30 -06:00
caleBot 36610b185b initial commit for UEB9 exploits - CVE-2017-12477, CVE-2017-12478 2017-10-06 09:38:33 -06:00
Brent Cook c701a53def
Land #9018, Add Bind Shell JCL Payload for z/OS 2017-10-05 17:24:50 -05:00
Brent Cook 7292ee24a2
Land #9027, Cleanup revshell for zos 2017-10-05 17:20:01 -05:00
Brent Cook 4a745bd2cc
Land #8991, post/windows/manage/persistence_exe: fix service creation 2017-10-05 17:04:58 -05:00
Brent Cook 9d2e8b1e4d
Land #8003, Evasions for delivering nops/shellcode into memory 2017-10-05 16:44:36 -05:00
Brent Cook b7e209a5f3
Land #9033, Geolocate API update 2017-10-05 16:39:09 -05:00
Spencer McIntyre 482ce005fd Update the advanced option names and a typo 2017-10-05 10:11:00 -04:00
Pearce Barry 7400082fdb
Land #9040, Add CVE and Vendor article URL to the denyall_waf_exec module 2017-10-04 09:12:48 -05:00
Mehmet Ince 110f3c9b4a
Add cve and vendor article to the denyall_waf_exec module 2017-10-04 12:11:58 +03:00
William Vu 10dafdcb12
Fix #9036, broken refs in bypassuac_comhijack 
Each ref needs to be an individual array.
 2017-10-03 13:36:29 -05:00
ashish gahlot 9ff6efd3a3 Remove broken link 2017-10-02 20:43:55 +05:30
h00die fc66683502 fixes #8928 2017-10-01 19:49:32 -04:00
Martin Pizala e3326e1649
Use send_request_cgi instead of raw 2017-10-01 02:15:43 +02:00
Martin Pizala 701d628a1b
Features for selecting the target 2017-10-01 02:04:10 +02:00
Spencer McIntyre f2f48cbc8f Update the CVE-2017-8464 module 2017-09-30 18:25:16 -04:00
h00die a676f600d6 fixes to more modules 2017-09-30 15:45:52 -04:00
h00die 8a49a639a0 check file exists before reading 2017-09-29 22:34:38 -04:00
h00die 7fc9be846a bcoles suggestions 2017-09-29 20:29:30 -04:00
bigendiansmalls 8af2e5a7ee
Cleanup revshell for zos 
remove unused code, extra comments
align code, etc. no functionality changes
 2017-09-29 18:27:29 -05:00
bigendiansmalls 9ae8bdda1c
Added Bind Shell JCL Payload for mainframe 
The bind shell is the companion payload to the reverse_shell_jcl
payload for the mainframe platform.
 2017-09-29 16:52:36 -05:00
William Vu 9b75ef7c36
Land #8343, qmail Shellshock module 2017-09-29 00:28:30 -05:00
William Vu daedf0d904 Clean up module 2017-09-29 00:27:22 -05:00
h00die 6cc5324e5b oe is all umlaut 2017-09-28 19:52:02 -04:00
Martin Pizala 3a1a437ac7
Rubocop Stlye 2017-09-28 23:53:45 +02:00
Martin Pizala 40c58e3017 Function for selecting the target host 2017-09-28 23:43:59 +02:00
Martin Pizala cc98e80002
Change arch to ARCH_X64 2017-09-28 20:50:18 +02:00
h00die 2295146dcd working optionsbleed module 2017-09-27 22:07:57 -04:00
h00die 997b831b52 implement regexes 2017-09-27 19:33:50 -04:00
Christian Mehlmauer 41e3895424
remove checks for hardcoded name 2017-09-27 07:41:06 +02:00
h00die 0649d0d356 wip optionsbleed 2017-09-26 22:09:07 -04:00
bwatters-r7 579342c4f6
Land #8955, Fix error messages on telnet_encrypt_overflow.rb 2017-09-26 16:08:58 -05:00
bwatters-r7 66d6ac418a
Land #8978, Add smb1 scanner 2017-09-26 16:06:41 -05:00
Brent Cook cad36ee14e
Land #8952, suhosin compatibility added to staged payload 2017-09-26 15:22:36 -05:00
William Vu b10d6b8b63
Land #9001, SSLVersion consolidation for modules 2017-09-25 15:53:18 -05:00
William Vu 98ae054b06
Land #8931, Node.js debugger exploit 2017-09-25 14:00:13 -05:00
Brent Cook 7924667e51 appease alignists 2017-09-25 09:10:10 -05:00
Brent Cook 62ee4ed708 update modules to use inherited SSLVersion option 2017-09-25 09:03:22 -05:00
h00die 273d49bffd
Land #8891 login scanner for Inedo BuildMaster 2017-09-24 13:30:17 -04:00
h00die 4d1e51a0ff
Land #8906 RCE for supervisor 2017-09-24 08:03:30 -04:00
Jannis Pohl 48188e999e post/windows/manage/persistence_exe: fix service creation 
Fixes service creation when in post/windows/manage/persistence_exe
 2017-09-23 23:48:50 +02:00
h00die 9528f279a5 cleaned up version, and docs 2017-09-23 10:51:52 -04:00
RootUp e4f79879ba Update and rename modules/auxiliary/dos/ibm_lotus_notes.rb to modules/auxiliary/dos/http/ibm_lotus_notes.rb 2017-09-23 18:27:50 +05:30
Pearce Barry e8eeb784e4
Land #8960, spelling/grammar fixes part 3 2017-09-22 18:51:31 -05:00
Pearce Barry 8de6fa79c1
Tweakz, yo. 2017-09-22 18:49:09 -05:00
Pearce Barry d56fffcadf
Land #8974, spelling/grammar fixes part 4. Finished. 2017-09-22 14:59:28 -05:00
Pearce Barry f1be6b720b
Tweaky bits. 2017-09-22 13:38:06 -05:00
RootUp 669b6771e3 Update ibm_lotus_notes.rb 2017-09-22 17:16:42 +05:30
RootUp a71edb33be Create ibm_lotus_notes.rb 2017-09-22 17:08:05 +05:30
h00die ddbff6ba3c
Land #8980 unauth RCE for denyAll WAF 2017-09-21 21:41:33 -04:00
Mehmet Ince 3d543b75f5
Fixing typos and replacing double quotes with single 2017-09-21 23:48:12 +03:00
Mehmet Ince 1031d7960a
Moving token extraction to the seperated function 2017-09-20 10:23:32 +03:00
bwatters-r7 5a62e779aa
Land #8954, fix internal usage of bindata objects when generating NTP messages 2017-09-19 09:01:49 -05:00
Mehmet Ince ee969ae8e5
Adding DenyAll RCE module 2017-09-19 14:53:37 +03:00
loftwing c953842c96 Added docs and additional dialects 2017-09-18 15:02:38 -05:00
loftwing 7d07f7054d Merge remote-tracking branch 'origin/master' into add_smb1_scanner 2017-09-18 13:16:06 -05:00
loftwing d07fe2f1e7 Added reporting back, removed wfw dialect 2017-09-18 13:15:19 -05:00
h00die 08dea910e1 pbarry-r7 comments 2017-09-17 19:38:43 -04:00
h00die c90f885938 Finished spelling issues 2017-09-17 16:00:04 -04:00
William Webb d5362333e2
Land #8958, Add Disk Pulse Enterprise web server buffer overflow 2017-09-15 13:34:22 -05:00
loftwing 6f5eb5a18f update 2017-09-15 12:07:28 -05:00
Pearce Barry e651bc1205
Land #8951, Hwbridge auto padding fix and flowcontrol 2017-09-15 08:33:17 -05:00
james 4e81a68108 Simplify saving valid credentials by calling store_valid_credential 2017-09-15 00:18:33 -05:00
loftwing e88b766276 Merge branch 'master' of https://github.com/rapid7/metasploit-framework into add_smb1_scanner 2017-09-14 17:00:45 -05:00
loftwing 646dda7958 Add initial smbv1 scanner code 2017-09-14 16:59:39 -05:00
Christian Mehlmauer c77cb51d64
add newline 2017-09-14 18:26:11 +02:00
Jeffrey Martin a992a3c427
Land #8774, Post module for gather Docker credentials 2017-09-14 10:15:03 -05:00
Pearce Barry 200a1b400a
Remove spaces to appease msftidy. 2017-09-14 09:28:38 -05:00
h00die 30f833f684 80 pages left 2017-09-13 22:03:34 -04:00
loftwing 52385f4d9e fix formatting to fit rubocop 2017-09-13 11:46:57 -05:00
loftwing b8c40a9d95 Clean up formatting 2017-09-13 11:13:33 -05:00
loftwing 3c204f91ef Correct module title 2017-09-13 11:02:13 -05:00
loftwing 65f2ee9109 added generate_seh_record 2017-09-13 10:56:32 -05:00