infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
42,112 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

10214 Commits (494711ee6517b2125c889b354d851f067822b2c1)

Author SHA1 Message Date
Adam Cammack 494711ee65
Land #8307, Add lib for writing Python modules 2017-05-02 15:53:13 -05:00
William Vu 03e4ee91c2
Correct Ghostscript 9.2.1 to 9.21 as per advisory 2017-05-01 16:23:14 -05:00
HD Moore afc804fa03 Quick Ghostscript module based on the public PoC 2017-04-28 09:56:52 -05:00
Brent Cook 037fdf854e move common json-rpc bits to a library 2017-04-26 18:08:08 -05:00
Brent Cook a60e5789ed update mettle->meterpreter references in modules 2017-04-26 17:55:10 -05:00
William Vu bbee7f86b5
Land #8263, Mercurial SSH exec module 2017-04-26 01:38:01 -05:00
William Vu f60807113b Clean up module 2017-04-26 01:37:49 -05:00
wchen-r7 320898697a
Land #8266, Add Buffer Overflow Exploit on Disk Sorter Enterprise 2017-04-24 17:17:30 -05:00
wchen-r7 e333cb65e5 Restore require 'msf/core' 2017-04-24 17:09:02 -05:00
Matthias Brun d3aba846b9 Make minor changes 2017-04-24 23:35:36 +02:00
wchen-r7 5bbb4d755a
Land #8254, Add CVE-2017-0199 - Office Word HTA Module 2017-04-24 16:05:00 -05:00
wchen-r7 6029a9ee2b Use a built-in HTA server and update doc 2017-04-24 16:04:27 -05:00
Daniel Teixeira 47898717c9 Minor documentation improvements 
Space after ,
 2017-04-24 14:47:25 +01:00
h00die 8e4c093a22 added version numbers 2017-04-22 09:45:55 -04:00
Matthias Brun 714ada2b66 Inline execute_cmd function 2017-04-21 15:32:15 +02:00
Matthias Brun 8218f024e0 Add WiPG-1000 Command Injection module 2017-04-20 16:32:23 +02:00
DanielRTeixeira f1c51447c1 Add files via upload 
Buffer Overflow on Disk Sorter Enterprise
 2017-04-19 10:57:41 +01:00
Jonathan Claudius f5430e5c47
Revert Msf::Exploit::Remote::Tcp 2017-04-18 19:27:35 -04:00
Jonathan Claudius 9a870a623d
Make use of Msf::Exploit::Remote::Tcp 2017-04-18 19:17:48 -04:00
Jonathan Claudius 03e3065706
Fix MSF tidy issues 2017-04-18 18:56:42 -04:00
Jonathan Claudius 32f0b57091
Fix new line issues 2017-04-18 18:52:53 -04:00
William Vu 3b38d0d900
Land #8262, PR ref for huawei_hg532n_cmdinject 2017-04-18 16:29:13 -05:00
Jonathan Claudius bfca4da9b0
Add mercurial ssh exec 2017-04-18 16:33:23 -04:00
Tod Beardsley 1fcc1f7417
Trailing comma. Why isn't this Lua? 2017-04-18 14:27:44 -05:00
wchen-r7 0428e12b10
Land #8216, Add CVE-2016-7552/CVE-2016-7547 exploit 2017-04-18 14:26:55 -05:00
Tod Beardsley 4ec71f9272
Add a reference to the original PR 
This was the source of first public disclosure, so may as well include
it.
 2017-04-18 14:20:25 -05:00
Nate Caroe 92e7183a74 Small typo fix 
Running msfconsole would generate an Ubuntu crash report (?). This seems to be the culprit.
 2017-04-17 11:14:51 -06:00
Ahmed S. Darwish e21504b22d huawei_hg532n_cmdinject: Use send_request_cgi() 'vars_get' key 
Instead of rolling our own GET parameters implementation.

Thanks @wvu-r7!
 2017-04-17 09:11:50 +02:00
nixawk 3d082814cb Fix default options 2017-04-17 01:09:48 -05:00
Ahmed S. Darwish 7daec53106 huawei_hg532n_cmdinject: Improve overall documentation 
- Add section on compiling custom binaries for the device
- Add documentation for Huawei's wget flavor (thanks @h00die)
- Abridge the module's info hash contents (thanks @wwebb-r7)
- Abridge the module's comments; reference documentation (@h00die)
 2017-04-17 08:00:51 +02:00
Ahmed S. Darwish 8a302463ab huawei_hg532n_cmdinject: Use minimum permissions for staged binary 
Use u+rwx permissions only, instead of full 777, while staging the
wget binary to target. As suggested by @wvu-r7 and @busterb.
 2017-04-17 03:27:57 +02:00
Ahmed S. Darwish 7ca7528cba huawei_hg532n_cmdinject: Spelling fixes suggested by @wvu-r7 2017-04-17 03:23:20 +02:00
Ahmed S. Darwish 7b8e5e5016 Add Huawei HG532n command injection exploit 2017-04-15 21:01:47 +02:00
nixawk fb001180c4 Fix generate_uri 2017-04-14 21:52:31 -05:00
nixawk 590816156f rename exp module 2017-04-14 21:32:48 -05:00
nixawk 1952529a87 Format Code 2017-04-14 21:30:26 -05:00
nixawk 8ab0b448fd CVE-2017-0199 exploit module 2017-04-14 13:22:59 -05:00
mr_me 3c2dc68e9c improved description, no point repeating the same thing\! 2017-04-11 09:55:11 -05:00
mr_me c359e15de6 updated the print statement 2017-04-11 09:31:17 -05:00
mr_me 84ac9d905c improved the description of the module 2017-04-11 09:24:43 -05:00
mr_me b1d127e689 satisfied travis 2017-04-10 14:11:18 -05:00
mr_me 0f07875a2d added CVE-2016-7552/CVE-2016-7547 exploit 2017-04-10 13:32:58 -05:00
William Vu 06ca406d18 Fix weird whitespace 2017-04-09 22:23:58 -05:00
Christian Mehlmauer 74dc7e478f
update piwik module 2017-04-05 20:19:07 +02:00
bwatters-r7 64c06a512e
Land #8020, ntfs-3g local privilege escalation 2017-04-04 09:48:15 -05:00
Brent Cook 4c0539d129
Land #8178, Add support for non-Ruby modules 2017-04-02 21:02:37 -05:00
h00die 0092818893
Land #8169 add exploit rank where missing 2017-04-02 20:59:25 -04:00
Bryan Chu 151ed16c02 Re-ranking files 
../exec_shellcode.rb
Rank Great -> Excellent

../cfme_manageiq_evm_upload_exec.rb
Rank Great -> Excellent

../hp_smhstart.rb
Rank Average -> Normal
 2017-04-02 18:33:46 -04:00
h00die e80b8cb373 move sploit.c out to data folder 2017-03-31 20:51:33 -04:00
Adam Cammack 6910cb04dd
Add first exploit written in Python 2017-03-31 17:07:55 -05:00