infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
44,305 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

23035 Commits (59940feacc033b55aaa25b39121f537de77a7361)

Author SHA1 Message Date
Brent Cook 4050985649
update payloads 2017-11-21 13:53:33 -06:00
Brent Cook 1fd7f7c8bc prefix MeterpreterUserAgent and PayloadProxy* with Http for consistency, 
this also adds aliases where needed
 2017-11-21 13:47:19 -06:00
Austin 39a4d193a1
Create office_ms17_11882.rb 2017-11-21 14:47:02 -05:00
h00die dd8238d146 rubocop got a donut 2017-11-20 20:08:28 -05:00
Adam Cammack dd57138423
Make external module read loop more robust 
Changes from a "hope we get at most one message at a time" model to
something beginning to resemble a state machine. Also logs error output
and fails the MSF module when the external module fails.
 2017-11-20 16:52:05 -06:00
h00die 579d012fa2 spelling 2017-11-19 08:36:27 -05:00
h00die b7f7afb3be version detect, 2.2.6 handling 2017-11-19 08:28:07 -05:00
h00die f8891952c6 pfsense group member exec module 2017-11-15 21:00:58 -05:00
Adam Cammack c740f4369c
Land #9197, Cleanup Mako Server exploit 2017-11-15 15:01:31 -06:00
Adam Cammack 4219959c6d
Bump ranking to Excellent 2017-11-15 15:00:47 -06:00
bwatters-r7 83c228f3b8
Make rubocop less mad 2017-11-15 14:06:36 -06:00
bwatters-r7 33a07beb30
Fix whitespace issues 2017-11-15 12:26:49 -06:00
Austin 829a7a53db
verbose response. 2017-11-15 12:27:40 -05:00
bwatters-r7 53a068d13f Add error handling for failed hashdumps 2017-11-15 11:08:35 -06:00
David Maloney 8b9e091e70 remove humorous typo 2017-11-15 11:08:25 -06:00
David Maloney 7162765b57 load extapi in domain_hashdump 
domain hashdump always needs to load extapi to work
 2017-11-15 11:08:17 -06:00
David Maloney ad98c9c156 fix Windows server 2016 support for domain_hashdump 
The domain hashdump psot module should now work
against Server 2016 DCs.
 2017-11-15 11:08:06 -06:00
Austin 4918e5856d
Update polycom_hdx_traceroute_exec.rb 2017-11-15 10:41:51 -05:00
Austin d93120e2ac
Create polycom_hdx_traceroute_exec.rb 2017-11-15 10:40:57 -05:00
Martin Pizala 33e5508bcb
bypass user namespaces 2017-11-15 15:14:58 +01:00
William Vu f3e2f4d500
Land #9167, D-Link DIR-850L exploit 2017-11-10 18:15:39 -06:00
William Vu 3936d3baa1 Clean up module 2017-11-10 18:15:22 -06:00
Martin Pizala 971ec80fc1
Keep the python target 2017-11-10 23:11:27 +01:00
Steven Patterson df2b62dc27
Add Mako Server CMD injection Linux support, update docs, move to multi 2017-11-10 16:28:39 -05:00
William Vu ea260e87b7 Remove headers, since we didn't send them before 
http was an invalid key for setting headers, and we still got a shell.
These headers also don't seem relevant to the PUT request.
 2017-11-09 11:06:50 -06:00
William Vu 7213e6cc49 Fix #9133, makoserver_cmd_exec cleanup 2017-11-09 10:52:03 -06:00
h00die 52888871e3
Land #8747 RCE for Geutebrueck GCore on Windows 2017-11-08 20:22:54 -05:00
h00die 7ad151e68b gcore formatting update 2017-11-08 20:21:40 -05:00
Adam Cammack 39916ef61a
Land #9133, Command injection in Mako Server examples 2017-11-08 15:11:01 -06:00
William Vu b7c604f941
Land #9189, s/patrick/aushack/g 2017-11-08 10:27:03 -06:00
bwatters-r7 5a07be9b96
Land #9041, Add LPE on Windows using CVE-2017-8464 2017-11-08 10:09:03 -06:00
Patrick Webster 2f6da89674 Change author name to nick. 2017-11-09 03:00:24 +11:00
Austin 0a4ce1e87b
cmdstager build 
Removes the need for HTTP Server, utilizes helper CmdStager, reduces module size.
 2017-11-07 19:00:59 -05:00
Maurice Popp 6683ba501f added one missing change 2017-11-07 20:05:43 +01:00
Maurice Popp 8963d77bca multiple changes as requested by h00die 2017-11-07 20:00:56 +01:00
Pearce Barry fc87ee08d9
Land #9060, IBM Lotus Notes DoS (CVE-2017-1130). 2017-11-07 11:20:12 -06:00
RootUp 88db98c381
Update ibm_lotus_notes2.rb 2017-11-06 20:45:50 +05:30
Brent Cook cfeb0b7bda prefer threadsafe sleep here 2017-11-06 01:37:09 -06:00
Brent Cook 897b5b5dd1 revert passive handler stance 2017-11-06 01:37:09 -06:00
Pearce Barry 77c13286e0
Ensure closing script tag has necessary escape. 2017-11-05 13:41:29 -06:00
Spencer McIntyre 7d1de9bc48 Fix removing the dropped files after exploitation 2017-11-04 18:50:20 -04:00
Austin 1758ed93d4
Update dlink_850l_unauth_exec.rb 2017-11-04 11:42:49 -04:00
Austin 724c5fb963
finish 2017-11-04 11:41:07 -04:00
Austin e783cb59ea
add "check" & msftidy 2017-11-04 08:53:50 -04:00
Austin 84599ed3fc
Update dlink_850l_unauth_exec.rb 2017-11-04 07:58:13 -04:00
Austin cddec8ca6c
download creds, stores in loot. 2017-11-03 14:24:45 -04:00
Austin 32a75e9782
Update dlink_850l_unauth_exec.rb 2017-11-03 09:02:48 -04:00
Austin 705c1cc6a7
Redo Functions 2017-11-03 08:33:42 -04:00
Austin 8c0da8ea90
Update dlink_850l_unauth_exec.rb 2017-11-03 06:24:07 -04:00
Austin af583e843c
Update dlink_850l_unauth_exec.rb 2017-11-03 06:21:59 -04:00
Austin 5b7d803f85
Update dlink_850l_unauth_exec.rb 2017-11-02 15:57:03 -04:00
Austin 429ac71a63
header 2017-11-02 15:53:45 -04:00
Austin 61a67efb82
annnd....it sucks 2017-11-02 15:53:09 -04:00
Spencer McIntyre 70033e2b94 Enable the payload handler by default 2017-11-02 12:31:54 -04:00
William Vu a15b61a218
Fix #9160, exploit method from TcpServer 
It already starts the server and waits for us. This is what was called
when the module was still auxiliary.
 2017-11-01 19:26:00 -05:00
William Vu 87934b8194 Convert tnftp_savefile from auxiliary to exploit 
This has been a long time coming. Fixes #4109.
 2017-11-01 17:37:41 -05:00
William Vu 972f9c08eb
Land #9135, peer print for jenkins_enum 2017-11-01 15:33:13 -05:00
William Vu 77181bcc9c Prefer peer over rhost/rport 2017-11-01 15:32:32 -05:00
William Vu 0e66ca1dc0
Fix #3444/#4774, get_json_document over JSON.parse 
Forgot to update these when I wrote new modules.
 2017-11-01 15:05:49 -05:00
William Vu 7a09dcb408
Fix #9109, HttpServer (TcpServer) backgrounding 2017-11-01 13:35:04 -05:00
William Vu e3ac6b8dc2
Land #9109, wp-mobile-detector upload and execute 2017-11-01 13:25:16 -05:00
William Vu 3847a68494 Clean up module 2017-11-01 13:23:32 -05:00
Jeffrey Martin 7a21cfdfa6
add cached sizes for ppce500v2 2017-11-01 13:08:15 -05:00
lvarela-r7 c36184697c
Merge pull request #9150 from bcook-r7/runtimeerror 
Fix several broken raise RuntimeError calls in error paths
 2017-10-31 14:47:42 -05:00
Brent Cook f1e6e7eed5
Land #9107, add MinRID to complement MaxRID 2017-10-31 12:18:28 -05:00
Brent Cook aa0ac57238 use implicit RuntimeError 2017-10-31 04:53:14 -05:00
Brent Cook 9389052f61 fix more broken RuntimeError calls 2017-10-31 04:45:19 -05:00
Brent Cook 56eb828cc5 add e500v2 payloads 2017-10-30 14:04:10 -05:00
Brent Cook 22f9626186
update sizes 2017-10-30 05:26:29 -05:00
RootUp 9c16da9c98
Update ibm_lotus_notes2.rb 2017-10-28 18:53:15 +05:30
Steven Patterson b96fa690a9
Add brackets to print functions 2017-10-27 15:23:22 -04:00
sho-luv 587c9673c6
Added host and port to output 
I added the host and port number to reporting when instances are found.
 2017-10-27 09:34:49 -07:00
h00die 037c58d1f6 wp-mobile-detector udpates 2017-10-27 10:10:04 -04:00
Steven Patterson 8613852ee8
Add Mako Server v2.5 command injection module/docs 2017-10-26 23:29:11 -04:00
Jeffrey Martin cd755b05d5
update powershell specs for rex-powershell 0.1.77 2017-10-26 15:03:10 -05:00
Jeffrey Martin 43b67fe80b
remove errant bracket, formatting update 2017-10-26 15:01:53 -05:00
Jeffrey Martin f2cba8d920
Land #8933, Web_Delivery - Merge regsvr32_applocker_bypass_server & Add PSH(Binary) 
This restores the original PR
 2017-10-25 16:29:11 -05:00
Jeffrey Martin ca28abf2a2 Revert "Land #8933, Web_Delivery - Merge regsvr32_applocker_bypass_server & Add PSH(Binary)" 
This reverts commit 4999606b61, reversing
changes made to 4274b76473.
 2017-10-25 16:19:14 -05:00
Jeffrey Martin 0a858cdaa9
Revert "fix my comments from #8933" 
This reverts commit 02a2839577.
 2017-10-25 16:13:00 -05:00
Jeffrey Martin 02a2839577 fix my comments from #8933 2017-10-25 14:46:41 -05:00
Jeffrey Martin 4999606b61 Land #8933, Web_Delivery - Merge regsvr32_applocker_bypass_server & Add PSH(Binary) 2017-10-25 12:44:04 -05:00
Jeffrey Martin 4274b76473
Land #9119, Fix #8436, allow session upgrading on meterpreter sessions 2017-10-25 10:26:27 -05:00
RootUp 80aba7264c Update ibm_lotus_notes2.rb 2017-10-25 10:33:25 +05:30
Brent Cook 50c533a452 update cached sizes 2017-10-23 23:04:02 -05:00
mumbai 19859f834d re-add payload 2017-10-23 10:20:19 -04:00
Maurice Popp df14dc4452 autodetection fixing 2017-10-23 09:07:46 +02:00
h00die cd35ae4661
Land #9106 negear dgn1000 unauth rce module 2017-10-22 22:18:53 -04:00
h00die 210f6f80b7 netgear1000dng cleanup 2017-10-22 22:17:40 -04:00
Austin eff94be951 Update netgear_dgn1000_setup_unauth_exec.rb 2017-10-22 16:55:40 -04:00
Austin 6f37bbb1d6 fix EDB 2017-10-22 16:11:19 -04:00
Tim ca4feb5136 fix session upgrading 2017-10-23 01:26:45 +08:00
Austin c7e35f885b add disc date 2017-10-21 20:13:25 -04:00
Austin e0831c1053 hopefully fix header..? 2017-10-21 18:38:32 -04:00
Austin 8239d28323 fix header 2017-10-21 09:07:18 -04:00
h00die cfd7761818 wp_mobile_detector rce 2017-10-20 23:19:58 -04:00
Austin 40e508f2ad correct mistake 2017-10-20 22:26:54 -04:00
Austin ac21567743 Fix requested changes 2017-10-20 22:17:04 -04:00
mumbai 8b8bebd782 remove payload 2017-10-20 20:27:15 -04:00
mumbai b255ddf8d6 New NETGEAR module 2017-10-20 20:25:11 -04:00
Jon Hart 9658776adf
Land #9079, adding @h00die's gopher scanner 2017-10-20 17:16:08 -07:00