infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
41,984 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

21897 Commits (a69aba0eaba813bc4c2d230816b32250e219cd1b)

Author SHA1 Message Date
Carter 581d523d5b Fix things from review 2017-03-24 21:22:23 -04:00
Pearce Barry 9db2e9fbcd
Land #8146, Add Default Secret & Deserialization Exploit for Github Enterprise 2017-03-24 14:38:47 -05:00
dmohanty-r7 92c0748447
Land #8102, Add a plugin to notify new sessions via SMS 2017-03-24 11:17:59 -05:00
William Webb e04f01ed6b
Land #7778, RCE on Netgear WNR2000v5 2017-03-23 15:34:16 -05:00
wchen-r7 3b062eb8d4 Update version info 2017-03-23 13:46:09 -05:00
wchen-r7 fdb52a6823 Avoid checking res.code to determine RCE success 
Because it's not accurate
 2017-03-23 13:39:45 -05:00
wchen-r7 39682d6385 Fix grammar 2017-03-23 13:23:30 -05:00
wchen-r7 ee21377d23 Credit Brent & Adam 2017-03-23 11:22:49 -05:00
wchen-r7 196a0b6ac4 Add Default Secret & Deserialization Exploit for Github Enterprise 2017-03-23 10:40:31 -05:00
Mehmet Ince d37966f1bb
Remove old file 2017-03-23 12:53:08 +03:00
Mehmet Ince 8a43a05c25
Change name of the module 2017-03-23 12:49:31 +03:00
Carter 8dd0f953b0 remove unnecessary require 2017-03-22 19:48:24 -04:00
Carter 420df11c44 Change up the way shodan is reached 2017-03-22 19:39:45 -04:00
bwatters-r7 a93aef8b7a
Land #8086, Add Module Logsign Remote Code Execution 2017-03-22 11:33:49 -05:00
Patrick DeSantis 2200c9faee Create moxa_discover.rb 2017-03-22 10:49:26 -04:00
Carter fa61d67761 Fix score comparison 2017-03-21 19:17:20 -04:00
Brent Cook 3af0f814c3
Land #8138, fix mettle UAF and add initial http/https transport support 2017-03-21 16:51:09 -05:00
William Vu 1a8e8402ae
Land #8113, SysGauge SMTP server validation sploit 2017-03-21 16:45:42 -05:00
Brent Cook 9542087642 bump mettle to 0.1.8 2017-03-21 16:45:25 -05:00
wchen-r7 d10b3da6ec
Land #8132, Support Python 2 & 3 for web_delivery 2017-03-21 13:48:27 -05:00
wchen-r7 6b3cfe0a98 Support both Python 2 and Python 3 in one line 
Tested on:

* Python 2.7.13 on Windows
* Python 3.5.3 on Windows
 2017-03-21 13:47:07 -05:00
Carter fef8ec10bc Fix author formatting 2017-03-21 13:23:41 -04:00
Carter d7640713df Add more checks and formatting 2017-03-21 13:23:06 -04:00
Carter 1f68a3bda6 Rename honeypot.rb to shodan_honeyscore.rb 2017-03-21 13:10:31 -04:00
James Lee 2e096be869
Remove debugging output 2017-03-21 11:26:02 -05:00
Carter 79c7b84f08 Create honeypot.rb 2017-03-21 11:15:12 -04:00
bwatters-r7 be41df6de0
Land #8036, Fix run_as_psh with domain accounts 2017-03-21 09:05:50 -05:00
Pearce Barry f397624a69
Land #7935, HWBridge RF transceiver extension 2017-03-21 06:12:32 -05:00
Brent Cook aa5e9cd702
Land #8058, Allow the http_payload stager to sleep before retry 2017-03-21 00:07:10 -05:00
Pearce Barry c4279a837a Minor formatting/spelling/verbiage changes. 2017-03-20 17:37:12 -05:00
Craig Smith 2fde287424 Initial patch for rftransceiver (RfCat / YardstickOne) 2017-03-20 17:36:16 -05:00
Pearce Barry 2acd941b16 Merge branch 'master' into dtc_fix 2017-03-20 14:10:01 -05:00
Craig Smith 0be6b8c905 Fixes #8022 
Adds detection for ELM327 chips reporting CAN ERROR when vehicle is off.
Addes some enhanced UDS Error codes.
Cleaned up reporting from getvinfo if the vehicle is off or not connected.
 2017-03-20 13:49:39 -05:00
Pearce Barry 06ebb22a8f
Land #8065, Zigbee Hardware Bridge Extension 2017-03-20 10:44:15 -05:00
Swiftb0y ffe77c484e fixed spacing 2017-03-20 16:37:35 +01:00
Swiftb0y e51063aa56 added the python3 syntax to the web_delivery script 2017-03-20 16:08:08 +01:00
h00die 7bcd53d87d
Land #8079, exploit and aux for dnaLims 2017-03-20 11:08:05 -04:00
h00die fd5345a869 updates per pr 2017-03-20 10:40:43 -04:00
h00die fe5167bf26 changes to file per pr 2017-03-20 10:16:42 -04:00
William Vu f9ecefe465
Land #8031, nil fixes for HWBridge 2017-03-19 22:37:28 -05:00
Brent Cook aa1e76f28e
Land #8128, ensure there is a response before deferencing 2017-03-19 22:17:31 -05:00
Brent Cook e2c6f959f4
Land #8129, s/colom/colon/g 2017-03-19 22:14:38 -05:00
Javier Godinez 534ca8c5cb fix: URL encoding userdata 2017-03-18 21:52:49 -07:00
Javier Godinez 26d344a0ef Initial checkin of launch instances module 2017-03-18 21:52:49 -07:00
Carter ae883d7f02 Update multi_meterpreter_inject.rb 2017-03-19 00:27:28 -04:00
Carter 661bf6e492 Update multi_meterpreter_inject.rb 2017-03-19 00:27:03 -04:00
Carter 93a6614ab3 Update multi_meterpreter_inject.rb 2017-03-19 00:25:46 -04:00
h00die f88a522bf5 fix #8121 2017-03-18 14:50:24 -04:00
h00die 06e6a973ce
land #7944 a scanner for Carlo Gavazzi energy meters 2017-03-18 10:35:43 -04:00
h00die 84e4b8d596
land #8115 which adds a CVE reference to IMSVA 2017-03-18 09:51:52 -04:00
alpiste 1d0024ee3c tools/modules/update_payload_cached_sizes.rb update 2017-03-17 20:58:41 -03:00
Pearce Barry d55b680394
Land #8088, Add some binaries to enum_protections 2017-03-17 17:14:59 -05:00
Mehmet Ince 6aa42dcf08
Add solarwinds default ssh user rce 2017-03-17 21:54:35 +03:00
William Webb 1180bd6ed7
Land #8037, priv_migrate improvements 2017-03-17 13:19:51 -05:00
Brent Cook 52cea93ea2 Merge remote-tracking branch 'upstream/master' into land-8118- 2017-03-17 12:39:30 -05:00
Brent Cook e67c83e92c
Land #8119, Updated rails_secret_deserialization to add '.' cookie regex 2017-03-17 12:34:25 -05:00
Brent Cook ea4ca7ecc5
Land #8116, Handle ::Errno::ECONNRESET in telnet_version 2017-03-17 12:32:02 -05:00
Pearce Barry 095a110e65
Code and doc tweaks (minor). 
Only one behavior change in the scan loop of zstumbler.rb to, when doing a scan across all the channels, keep it from retrying channel 11 again one last time just before it exits.
 2017-03-16 21:43:36 -05:00
William Vu db6bc6c784
Land #8100, msfcrawler improvements 
Does anyone use this anymore??
 2017-03-16 21:31:23 -05:00
Chris Higgins 7a12e446a0 Updated documentation and fixed module header. Whoops, copy/paste fail. 2017-03-16 21:28:24 -05:00
bwatters-r7 ab75794cd4
Land #8071, Add API to send an MMS message to mobile devices 2017-03-16 11:57:34 -05:00
Craig Smith 78586f0dc9 Fixed an extra space at the EOL 2017-03-16 09:22:01 -07:00
Dallas Kaman 80c33fc27f
adding '-' to rails deserialization regex for cookie matching 2017-03-16 10:54:32 -05:00
Thomas Reburn 59c7de671e
Updated rails_secret_deserialization to add '.' regex for cookie matching. 2017-03-16 10:45:43 -05:00
Chris Higgins f4bb1d6a37 Updated based on @wvu's comments 2017-03-15 19:15:12 -05:00
bwatters-r7 91a4657c36 Bumped the metasploit-payloads version and cache sizes with PR#8043 2017-03-15 19:02:21 -05:00
bwatters-r7 b2a7d18584 Update cached payload sizes 2017-03-15 18:43:48 -05:00
Mehmet Ince f706c4d7f6
Removing prefix 2017-03-16 00:49:55 +03:00
wchen-r7 a1d7748d82 Fix #8061, Handle ::Errno::ECONNRESET in telnet_version 
Fix #8061
 2017-03-15 16:33:37 -05:00
Mehmet Ince 60186f6046
Adding CVE number 2017-03-16 00:31:21 +03:00
wchen-r7 d4ee254057
Land #8076, Add Easy File Sharing FTP Server Version 3.6 traversal 2017-03-15 16:17:13 -05:00
wchen-r7 8afe6a9061 Update easy_file_sharing_ftp and add documentation 2017-03-15 16:14:41 -05:00
William Vu a0ba3f17e7
Land #8110, process migration by name fix 2017-03-15 15:52:54 -05:00
William Vu 456ddcebc0 Remove nil values that are default already 
There are four lights!
 2017-03-15 15:51:22 -05:00
Brent Cook 8995629037
Land #7061, allow chaining the service stub with other encoders 2017-03-15 13:56:09 -05:00
Brent Cook b65919e7b1
Land #7956, Add QNAP NAS/NVR administrator hash disclosure 2017-03-15 11:12:59 -05:00
William Vu 0a71e4a903 Update check with Exploit::CheckCode::Appears 2017-03-15 05:13:30 -05:00
William Vu 86d2217f4d Fix whitespace and clarify options 2017-03-15 04:27:30 -05:00
William Vu a0bff5c8c3 Bump RETRIES to 10 
3 was a bit too low. I was using 10 and had more success with it.
 2017-03-15 03:18:09 -05:00
Chris Higgins b3fbbbee34 Spelling is hard 2017-03-14 23:34:00 -05:00
Chris Higgins cc4f18e6c5 Add sysgauge_client_bof module and documentation 2017-03-14 23:29:19 -05:00
William Webb e96013cd0f
Land #7781, IBM Websphere Java Deserialization RCE 2017-03-14 17:21:18 -05:00
wchen-r7 cf8b4a78fa
Bring branch up to date with upstream-master 2017-03-14 16:48:33 -05:00
Rich Whitcroft 04f11b0bf7 fix migrate by process name 2017-03-14 17:27:46 -04:00
wchen-r7 1736332638
Land #8103, Add CVE-2017-5638, Struts2 Content-Type OGNL injection 2017-03-14 16:10:49 -05:00
wchen-r7 9201f5039d Use vprint for check because of rules 2017-03-14 15:02:54 -05:00
James Lee f429b80c4e
Forgot to rm this when i combined 2017-03-14 12:18:11 -05:00
William Vu 01ea5262b8
Land #8070, msftidy vars_get fixes 2017-03-14 12:05:24 -05:00
William Vu 5c436f2867 Appease msftidy in tr064_ntpserver_cmdinject 
Also s/"/'/g.
 2017-03-14 11:52:21 -05:00
William Vu 5d6a159ba9 Use query instead of uri in mvpower_dvr_shell_exec 
I should have caught this in #7987, @bcoles, but I forgot. Apologies.
This commit finishes what @itsmeroy2012 attempted to do in #8070.
 2017-03-14 11:51:55 -05:00
itsmeroy2012 79331191be msftidy error updated 2.5 2017-03-14 22:02:59 +05:30
itsmeroy2012 67fc43a0a1 msftidy error updated 2.4 2017-03-14 21:33:53 +05:30
James Lee 53c9caa013
Allow native payloads 2017-03-13 20:10:02 -05:00
James Lee 2053b77b01
ARCH_CMD works 2017-03-13 18:37:50 -05:00
wchen-r7 bb4d6e17c8 Resolve #8026, Add a plugin to notify new sessions via SMS 
This plugin will notify you of a new session via SMS.

It also changes the SMS text format to MIME.

Resolve #8026
 2017-03-13 16:13:59 -05:00
itsmeroy2012 fe4e2306b4 Reverting one step 2017-03-13 22:22:24 +05:30
Jon P 665adec298 Patching storedb function (adding host/port/ssl for correct report_web_page) 2017-03-13 17:37:47 +01:00
wizard32 78ff7a8865 Module renamed 
Renamed from websphere_java_deserialize.rb to ibm_websphere_java_deserialize.rb
 2017-03-13 08:22:24 +02:00
William Vu 9f76b4d99c Change default RPORT to 443 with SSL 
I never really tested port 80, so I wonder why I didn't change this.
Turns out 80 isn't even the vuln service. Welp. Hat tip @bcoles.
 2017-03-12 21:03:31 -05:00
William Vu e7c920db44 Remove DEBEUG/print_debeug :( 2017-03-12 21:01:48 -05:00
William Vu d57b772ac9 Bump default RETRIES to 3 2017-03-12 21:00:38 -05:00
William Vu 8638f9ec7e Update freesshd_authbypass to use CmdStager fully 2017-03-11 19:59:39 -06:00
Pearce Barry 4e32c80e8e
Use the Msf::Exploit::CmdStager mixin. Fixes #8092. 2017-03-11 17:44:05 -06:00
William Vu fe4f20c0cc
Land #7968, NETGEAR R7000 exploit 2017-03-10 16:02:30 -06:00
dmohanty-r7 25bfa88c46
Land #7877, Add mDNS query spoofing service 2017-03-10 15:44:57 -06:00
itsmeroy2012 1c54e0ba94 msftidy error updated 2.2 2017-03-10 23:59:38 +05:30
itsmeroy2012 6d8789a56e Updated msftidy error 2.1 2017-03-10 23:03:37 +05:30
itsmeroy2012 c0f17cf6b8 msftidy error updated 2.0 2017-03-10 22:16:27 +05:30
jvoisin 84b9449137 Add some binaries to enum_protections 
- gradm2 for grsec
- aa-status for apparmor
- getenforce for setlinux
 2017-03-10 14:16:58 +01:00
Mehmet Ince f6bac3ae31
Add iso link to md file and change CheckCode code 2017-03-10 13:00:49 +03:00
James Lee e7b65587b4
Move to a more descriptive name 2017-03-09 14:19:06 -06:00
James Lee e07d5332de Don't step on the payload accessor 2017-03-09 13:54:00 -06:00
James Lee d92ffe2d51 Grab the os.name when checking 2017-03-09 13:52:58 -06:00
James Lee 83f5f98bb0
Merge remote-tracking branch 'upstream/pr/8074' into land-8072 2017-03-09 11:08:29 -06:00
flakey-biscuits 0ab3ad86ee change dnalims_file_retrieve module type 2017-03-09 10:06:31 -05:00
flakey-biscuits 95a01b9f5e add dnaLIMS exploits 2017-03-09 09:46:18 -05:00
William Vu 081ca17ebf Specify default resource in start_service 
This eliminates the need to override resource_uri. Depends on #8078.
 2017-03-09 03:00:51 -06:00
wchen-r7 ed22902fd4 Support the subject field 2017-03-08 11:40:08 -06:00
Craig Smith f60dae0917 Lots of syntax fixups from rubocop 2017-03-08 09:21:33 -08:00
Ahmed Elhady Mohamed 183be81ba8 Easy File Sharing FTP Server Directory Traversal 2017-03-08 17:59:27 +02:00
= c52b0cba5e msftidy error on master updated 2017-03-08 20:58:01 +05:30
William Vu 0f899fdb0b Convert ARCH_CMD to CmdStager 2017-03-08 07:35:37 -06:00
Brent Cook e18eb98e49
Land #8019, fix issues from #7817 with post/multi/gather/firefox_creds 2017-03-08 05:46:21 -05:00
Koen Riepe c8215e609a
pushing fixes again, something failed. 2017-03-08 10:16:06 +01:00
Koen Riepe 2546263d50
Improved error handling and general fixes 2017-03-08 10:11:05 +01:00
root c5fb69bd89 Struts2 S2-045 Exploit 2017/03/08 2017-03-08 14:26:33 +08:00
root b73a884c05 struts2_s2045_rce.rb 2017-03-08 13:38:18 +08:00
nixawk 75a1d979dc Fix: Incorrect disclosure month forma 2017-03-07 20:28:29 -06:00
nixawk fc0f63e774 exploit Apache Struts2 S2-045 2017-03-07 20:10:59 -06:00
wchen-r7 e327f9b330 Update other module descriptions 2017-03-07 16:55:06 -06:00
wchen-r7 dc13b84189 Bring mms branch up to date w/ master 2017-03-07 16:13:39 -06:00
Jin Qian 7e19486a97
Merge branch 'wchen-r7-sms' into upstream-master 
Merged #8047
 2017-03-07 15:56:00 -06:00
= 7976966ce9 Issue 7923 - msftidy errors on master 2017-03-08 03:12:41 +05:30
wchen-r7 fbde0d18f2 Add auxiliary/client/mms/send_mms 2017-03-07 12:53:17 -06:00
Craig Smith 4e9b8946d8 Fixed some small msftidy issues 2017-03-06 22:47:37 -08:00
Craig Smith 60cd04bc7b Added module for zstumbler 2017-03-06 16:10:14 -08:00
juushya 0b5da60564 Added nil check + formatting edits 2017-03-07 02:17:21 +05:30
juushya d99d81992f Added nil check + formatting edits 2017-03-07 02:16:01 +05:30
juushya 05efb61d3b Added nil check + formatting edits 2017-03-07 02:14:18 +05:30
juushya 62b0efd99d Added nil check + formatting edits 2017-03-07 01:44:23 +05:30
juushya 9a5ab604e5 Added nil check + formatting edits 2017-03-07 01:21:07 +05:30
juushya 2d8e3c73f5 Minor edits 2017-03-07 00:20:05 +05:30
juushya 3ab214e758 Minor edits 2017-03-07 00:03:24 +05:30
wchen-r7 a466dc44c6 Do exception handling for sms client 2017-03-06 10:54:08 -06:00
Pearce Barry b5afac6627
Per PR #8054, we don't need the OUTPUTPATH option here. 2017-03-03 16:20:01 -06:00
Pearce Barry 4362c891b6
Land #8054, Fix #8052, remove forgotten OUTPUTPATH option 2017-03-03 15:36:30 -06:00
Brent Cook bb140b9581
fix deprecated target ARCH 2017-03-03 13:38:16 -06:00
William Webb d76e80bc44
Land #7424, Ektron Webservices XSLT Remote Code Execution 2017-03-03 12:12:21 -06:00
wchen-r7 48e06e27b0 Fix #8052, remove forgotten OUTPUTPATH option 
Fix #8052
 2017-03-03 12:00:07 -06:00
wchen-r7 6ad8afb8b3 Add API to send a text message (SMS) to mobile devices 2017-03-02 16:47:55 -06:00