infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
44,128 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

10788 Commits (52f56527d80b1435c85d832f559d967417c6d007)

Author SHA1 Message Date
Austin 6f37bbb1d6 fix EDB 2017-10-22 16:11:19 -04:00
Austin c7e35f885b add disc date 2017-10-21 20:13:25 -04:00
Austin e0831c1053 hopefully fix header..? 2017-10-21 18:38:32 -04:00
Austin 8239d28323 fix header 2017-10-21 09:07:18 -04:00
h00die cfd7761818 wp_mobile_detector rce 2017-10-20 23:19:58 -04:00
Austin 40e508f2ad correct mistake 2017-10-20 22:26:54 -04:00
Austin ac21567743 Fix requested changes 2017-10-20 22:17:04 -04:00
mumbai b255ddf8d6 New NETGEAR module 2017-10-20 20:25:11 -04:00
mumbai 2f371c9784 Netgear MODULE UNAUTH 2017-10-20 20:15:36 -04:00
mumbai 2e376a1b6a Merge remote-tracking branch 'upstream/master' into netgear_dgn1000_unauth_setup_exec 2017-10-20 20:13:29 -04:00
h00die f250e15b6e
Land #9105 rename psh to polycom for name collision 2017-10-20 20:10:57 -04:00
h00die fd028338e1 move psh to polycom so no more powershell name collision 2017-10-20 20:08:11 -04:00
h00die 5a6da487ab
Land #9043 two exploit modules for unitrends backup 2017-10-20 20:00:35 -04:00
h00die 5abdfe3e59 ueb9 style cleanup 2017-10-20 19:59:24 -04:00
caleBot c26779ef54 fixed msftidy issues 2017-10-20 14:39:39 -06:00
caleBot 8f622a5003 Update ueb9_bpserverd.rb 2017-10-20 14:35:03 -06:00
caleBot cce7bf3e19 Update ueb9_bpserverd.rb 2017-10-20 14:33:46 -06:00
caleBot 85152b5f1e added check function 2017-10-20 14:28:52 -06:00
caleBot e9ad5a7dca Update ueb9_api_storage.rb 2017-10-20 14:05:15 -06:00
caleBot 16b6248943 Update ueb9_bpserverd.rb 2017-10-20 13:58:12 -06:00
caleBot 5c0bcd8f0a Update ueb9_bpserverd.rb 2017-10-20 13:56:25 -06:00
caleBot abc749e1e8 Update ueb9_api_storage.rb 2017-10-20 13:48:29 -06:00
caleBot 8febde8291 Update ueb9_api_storage.rb 2017-10-20 12:23:53 -06:00
Kent Gruber 7cd532c384 Change targetr to target to fix small typo bug on one failure 
The target object seems to have a typo where it is referred to as
“targetr” which I’d guess isn’t exactly what we’d like to do in this
case. So, I’ve changed that to “target” in order to work.

So, I’ve simply fixed that small typo.
 2017-10-19 19:55:58 -04:00
mumbai 04a24e531b New module 2017-10-18 21:37:26 -04:00
Wei Chen c67a5872cd
Land #9055, Add exploit for Sync Breeze HTTP Server 
Land #9055
 2017-10-13 17:34:03 -05:00
Wei Chen 3a2c6128be Support automatic targeting 2017-10-13 16:53:22 -05:00
bwatters-r7 294230c455
Land #8509, add Winsxs bypass for UAC 2017-10-11 16:24:52 -05:00
Jeffrey Martin cfaa34d2a4
more style cleanup for tomcat_jsp_upload_bypass 2017-10-11 15:53:35 -05:00
Jeffrey Martin 9885dc07f7
updates for style 2017-10-11 15:29:47 -05:00
Jeffrey Martin 1786634906
Land #9059, Tomcat JSP Upload via PUT Bypass 2017-10-11 15:05:00 -05:00
root 03e7797d6c fixed msftidy errors and added documentation 2017-10-11 07:57:01 -04:00
h00die e976a91b15
land #9053 RCE for rend micro imsva 2017-10-10 19:27:06 -04:00
Wei Chen a4bc3ea3c2 Merge branch 'pr9032' into upstream-master 
Land #9032, Improve CVE-2017-8464 LNK exploit

Land #9032
 2017-10-10 17:11:51 -05:00
Mehmet Ince fb16f1fbda
Disabling bind type payloads 2017-10-10 09:37:24 +03:00
peewpw facc38cde1 set timeout for DELETE request 2017-10-09 21:53:31 -04:00
Mehmet Ince a2d32b460c
Fixing grammer issue 2017-10-09 22:31:13 +03:00
Mehmet Ince c14c93d450
Integrate OfficeScan 11 exploitation and fix grammer issues 2017-10-09 22:11:42 +03:00
jakxx ef282ea154 Sync Breeze HTTP Server v10.0.28 BOF 
Added support for v10.0.28 to Sync Breeze BOF module
 2017-10-09 13:50:24 -04:00
bwatters-r7 fc5ab96ad6 Merging to prep for testing 
Merge branch 'master' of github.com:rapid7/metasploit-framework into upstream-master
 2017-10-09 10:31:30 -05:00
bwatters-r7 7df18e378d Fix conflicts in PR 8509 by mergeing to master 2017-10-09 10:30:21 -05:00
peewpw be8680ba3d Create tomcat_jsp_upload_bypass.rb 
Created a module for CVE-2017-12617 which uploads a jsp payload and executes it.
 2017-10-08 21:48:47 -04:00
Mehmet Ince 395c82050b
Adding Trend Micro IMSVA Widget RCE 2017-10-08 18:15:32 +03:00
Mehmet Ince 79c9123261
Adding Trend Micro OfficeScan widget rce module 2017-10-08 17:54:18 +03:00
h00die 7a87e11767
land #8781 Utilize Rancher Server to exploit hosts 2017-10-07 13:04:34 -04:00
Maurice Popp b7184e87c0 fixing a type 2017-10-07 14:16:01 +02:00
Maurice Popp 8d50c34e4b codefixing 2017-10-07 14:06:58 +02:00
Martin Pizala 34d119be04
Payload space, error handling and style" 2017-10-07 01:12:24 +02:00
William Webb d9e0d891a1
Land #9010, Remove checks for hardcoded SYSTEM account name 2017-10-06 13:42:18 -05:00
h00die 7535fe255f
land #8736 RCE for orientdb 2017-10-06 14:35:42 -04:00
caleBot 752d21e11c forgot a comma 2017-10-06 10:47:42 -06:00
caleBot 63e3892392 fixed issues identified by msftidy 2017-10-06 10:16:01 -06:00
caleBot 78e262eabd fixed issues identified by msftidy 2017-10-06 10:15:30 -06:00
caleBot 36610b185b initial commit for UEB9 exploits - CVE-2017-12477, CVE-2017-12478 2017-10-06 09:38:33 -06:00
Maurice Popp 770547269b added documentation, and fixed 4 to 2 indentation 2017-10-06 15:39:25 +02:00
Brent Cook 9d2e8b1e4d
Land #8003, Evasions for delivering nops/shellcode into memory 2017-10-05 16:44:36 -05:00
Spencer McIntyre e4d99a14b6 Fix EXITFUNC back to process for the RCE too 2017-10-05 11:38:08 -04:00
Spencer McIntyre 4729c885f1 Cleanup the CVE-2017-8464 LPE module 2017-10-05 11:10:37 -04:00
Spencer McIntyre d0ebfa1950 Change the template technicque to work as an LPE 2017-10-05 10:30:28 -04:00
Spencer McIntyre 825ad940e6 Update the advanced option names and a typo 2017-10-05 10:16:31 -04:00
Spencer McIntyre 482ce005fd Update the advanced option names and a typo 2017-10-05 10:11:00 -04:00
Pearce Barry 7400082fdb
Land #9040, Add CVE and Vendor article URL to the denyall_waf_exec module 2017-10-04 09:12:48 -05:00
Mehmet Ince 110f3c9b4a
Add cve and vendor article to the denyall_waf_exec module 2017-10-04 12:11:58 +03:00
William Vu 10dafdcb12
Fix #9036, broken refs in bypassuac_comhijack 
Each ref needs to be an individual array.
 2017-10-03 13:36:29 -05:00
ashish gahlot 9ff6efd3a3 Remove broken link 2017-10-02 20:43:55 +05:30
Martin Pizala e3326e1649
Use send_request_cgi instead of raw 2017-10-01 02:15:43 +02:00
Martin Pizala 701d628a1b
Features for selecting the target 2017-10-01 02:04:10 +02:00
Spencer McIntyre f2f48cbc8f Update the CVE-2017-8464 module 2017-09-30 18:25:16 -04:00
William Vu 9b75ef7c36
Land #8343, qmail Shellshock module 2017-09-29 00:28:30 -05:00
William Vu daedf0d904 Clean up module 2017-09-29 00:27:22 -05:00
Martin Pizala 3a1a437ac7
Rubocop Stlye 2017-09-28 23:53:45 +02:00
Martin Pizala 40c58e3017 Function for selecting the target host 2017-09-28 23:43:59 +02:00
Martin Pizala cc98e80002
Change arch to ARCH_X64 2017-09-28 20:50:18 +02:00
Christian Mehlmauer 41e3895424
remove checks for hardcoded name 2017-09-27 07:41:06 +02:00
William Vu 98ae054b06
Land #8931, Node.js debugger exploit 2017-09-25 14:00:13 -05:00
g0tmi1k 1ee590ac07 Move over to rex-powershell and version bump 
Version bump for:
- https://github.com/rapid7/rex-powershell/pull/10
- https://github.com/rapid7/rex-powershell/pull/11
 2017-09-25 13:45:06 +01:00
h00die 4d1e51a0ff
Land #8906 RCE for supervisor 2017-09-24 08:03:30 -04:00
h00die 9528f279a5 cleaned up version, and docs 2017-09-23 10:51:52 -04:00
Pearce Barry e8eeb784e4
Land #8960, spelling/grammar fixes part 3 2017-09-22 18:51:31 -05:00
Pearce Barry 8de6fa79c1
Tweakz, yo. 2017-09-22 18:49:09 -05:00
Pearce Barry d56fffcadf
Land #8974, spelling/grammar fixes part 4. Finished. 2017-09-22 14:59:28 -05:00
Mehmet Ince 3d543b75f5
Fixing typos and replacing double quotes with single 2017-09-21 23:48:12 +03:00
Mehmet Ince 1031d7960a
Moving token extraction to the seperated function 2017-09-20 10:23:32 +03:00
Mehmet Ince ee969ae8e5
Adding DenyAll RCE module 2017-09-19 14:53:37 +03:00
h00die c90f885938 Finished spelling issues 2017-09-17 16:00:04 -04:00
William Webb d5362333e2
Land #8958, Add Disk Pulse Enterprise web server buffer overflow 2017-09-15 13:34:22 -05:00
h00die 30f833f684 80 pages left 2017-09-13 22:03:34 -04:00
loftwing 52385f4d9e fix formatting to fit rubocop 2017-09-13 11:46:57 -05:00
loftwing b8c40a9d95 Clean up formatting 2017-09-13 11:13:33 -05:00
loftwing 3c204f91ef Correct module title 2017-09-13 11:02:13 -05:00
loftwing 65f2ee9109 added generate_seh_record 2017-09-13 10:56:32 -05:00
loftwing 7db506887b Add exploit code 2017-09-13 10:36:36 -05:00
loftwing eb0d174987 Add disk_pulse_enterprise_get module 2017-09-13 10:19:24 -05:00
Pearce Barry 7b87915e1f
Land #8923, Add additional error checking to mssql_clr_payload module 2017-09-11 17:39:33 -05:00
Tod Beardsley 5f66b7eb1a
Land #8940, @h00die's second round of desc fixes 
One ninja edit along the way as well.
 2017-09-11 13:05:13 -05:00
Tod Beardsley cfbd3c1615
Fix spelling of Honeywell 2017-09-11 13:02:18 -05:00
james ba880d1a85 Changes to mssql_clr_payload error handling based on code review 2017-09-10 14:15:39 -05:00
Patrick Thomas 2966fb7c8c Accept @shawizard suggestion for formatting msg_body 2017-09-10 11:23:52 -07:00
h00die 7339658ba9 224 pages of spelling issues left 2017-09-09 09:52:08 -04:00
h00die 6289cc0b70 Merge branch 'spellin' of https://github.com/h00die/metasploit-framework into spellin 2017-09-08 22:20:39 -04:00