Commit Graph

48377 Commits (5b6938e9423e662446c52c8700ef54e9c52cbba5)

Author SHA1 Message Date
Ben Schmeckpeper c4d697a629
Remove trailing space from CVE identifier
ASUS Net4Switch ipswcom exploit mistakenly included a trailing space at the end of its CVE reference.
2018-08-29 14:12:49 -05:00
Shelby Pace 7915c4ac6c
getting user credentials in response 2018-08-29 13:59:06 -05:00
James Barnett d6d9f9c675
Handle case for no connection for save and disconnect 2018-08-29 13:54:20 -05:00
bwatters-r7 0885bc478c
fix gemfile 2018-08-29 13:04:07 -05:00
James Barnett 133892629e
Dont allow invalid config file characters
Also only save cert when it is present
2018-08-29 12:49:03 -05:00
Dhiraj Mishra 25145004b2
Removing arch 2018-08-29 22:05:57 +05:30
James Barnett f7ecd4436d
Even more messaging changes 2018-08-29 11:32:01 -05:00
Metasploit b5b06f0fb0
automatic module_metadata_base.json update 2018-08-29 09:24:52 -07:00
James Barnett 65f38d6051
More messaging changes 2018-08-29 11:19:37 -05:00
William Vu 468613f688
Land #10536, https:// reference check for msftidy 2018-08-29 11:14:42 -05:00
Jacob Robles d5ad683ba6
More doc updates 2018-08-29 10:59:36 -05:00
Adam Cammack 7414b18f20
Move prompt_char space to correct place 2018-08-29 10:38:28 -05:00
Shelby Pace bb4a4b8839
initial module setup 2018-08-29 10:28:10 -05:00
Jacob Robles 88c908665d
Update documentation 2018-08-29 06:24:30 -05:00
Jacob Robles 086ec5bdfb
Fix generated strings in pdf 2018-08-29 06:24:20 -05:00
Dhiraj Mishra c486dab574
Updating
Thank you bcoles :)
2018-08-29 11:45:08 +05:30
Metasploit 9b05f76576
automatic module_metadata_base.json update 2018-08-28 22:50:41 -07:00
William Vu 326f006146
Land #10542, CVE ref for office_ms17_11882 exploit 2018-08-29 00:42:53 -05:00
Christian Mehlmauer 69d321000e
check double quotes 2018-08-29 06:49:37 +02:00
Christian Mehlmauer 31d4d4f5ff
expand check 2018-08-29 06:42:01 +02:00
Christian Mehlmauer 14fa41a376
merge changes 2018-08-29 06:09:40 +02:00
Josh Hale 09926bd184 Better help description and comments 2018-08-28 22:11:32 -05:00
James Barnett 28954dbc1d
More messaging improvements 2018-08-28 17:14:59 -05:00
bwatters-r7 239ea3a3bb
Land #10544, Update payloads to 1.3.45
Merge branch 'land-10544' into upstream-master
2018-08-28 17:05:23 -05:00
James Barnett cc5d96a441
Update messaging 2018-08-28 17:00:58 -05:00
Metasploit b28ee033f1
automatic module_metadata_base.json update 2018-08-28 14:58:49 -07:00
asoto-r7 b373dcc5d4
First draft of module and documentation for struts_namespace_rce against CVE-2018-11776 2018-08-28 16:53:26 -05:00
William Vu ba76292c40
Land #10543, struts2_rest_xstream targeting fixes 2018-08-28 16:50:26 -05:00
James Barnett 161fb52ae3
Dont build connect string manually during loadup 2018-08-28 16:37:14 -05:00
William Vu f6b868bac2 Prefer regex for target check in exploit method
This is how I initially wrote it out, and I think I like it better.
Obviously we'll still check individual symbols in execute_command, since
some of the matching is disjoint.
2018-08-28 15:56:45 -05:00
James Barnett 52cc140cd2
Handle case where no default db is set 2018-08-28 15:52:26 -05:00
Metasploit 78d906a731
automatic module_metadata_base.json update 2018-08-28 13:42:46 -07:00
Adam Cammack 2958f9a83f
Land #10541, Correct claymore_dos.py's CVE ref 2018-08-28 15:35:16 -05:00
Metasploit ddee640442
automatic module_metadata_base.json update 2018-08-28 13:33:26 -07:00
bwatters-r7 cc5f1df9ce
Update payloads 2018-08-28 15:31:35 -05:00
bwatters-r7 1be7f55cae
Land #8983, Add peinjector post module
Merge branch 'land-8983' into upstream-master
2018-08-28 15:25:56 -05:00
William Vu 3dec79da23 Add Windows ARCH_CMD target and refactor again
Must have been an oversight that I didn't add the target.
2018-08-28 15:03:41 -05:00
bwatters-r7 f6b0e720e4
Add documentation for peinjector 2018-08-28 14:02:34 -05:00
Ben Schmeckpeper 6335d867ec
Add CVE reference to office_ms17_11882 exploit
The CVE identifier appears in a  GitHub URI but is not referenced separately.
2018-08-28 13:44:01 -05:00
Ben Schmeckpeper ed60b767a7
Correct claymore_dos.py's CVE reference
The CVE reference shouldn't include the `CVE-` prefix
2018-08-28 13:34:02 -05:00
Jacob Robles 94e8cdac37
Move files to correct location 2018-08-28 12:38:54 -05:00
Jacob Robles 2986a9538d
Whitespace fix 2018-08-28 11:53:08 -05:00
Jacob Robles 49c5a91fa7
Add linux target to weblogic_deserialize module 2018-08-28 11:51:04 -05:00
William Vu 4803c889f9
Land #10507, GPP creds for db_import 2018-08-28 11:45:51 -05:00
James Barnett 5e45e2f1e9
Add help text for -l and -n options 2018-08-28 11:42:10 -05:00
bwatters-r7 20daba6e2d
fix line endings 2018-08-28 11:33:17 -05:00
James Barnett 3c1086741b
Use correct variable name for api_token 2018-08-28 10:49:50 -05:00
alpiste 562fc09d5d add new line to the end of the file 2018-08-28 09:02:21 -05:00
alpiste 3a6d72b8b6 some executable files need stack preserve and stack restore, functionality restored 2018-08-28 09:02:21 -05:00
alpiste ff7baaca13 remove stack preserve and stack restore in x86 shellcode and delete duplicated stack preserve variable in x64 shellcode 2018-08-28 09:02:21 -05:00