infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
31,312 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

686 Commits (ad28f9767f27eb8ca24f04f0479a650b6b24a2f8)

Author SHA1 Message Date
rastating 82e6183136 Add Msf::Exploit::FileDropper mixin 2015-01-08 21:07:00 +00:00
rastating 93dc90d9d3 Tidied up some code with existing mixins 2015-01-08 20:53:56 +00:00
rastating 7b92c6c2df Add WP Symposium Shell Upload module 2015-01-07 22:02:39 +00:00
sinn3r 44dfa746eb Resolve #4513 - Change #inspect to #to_s 
Resolve #4513
 2015-01-05 11:50:51 -06:00
jvazquez-r7 b5b0be9001 Do minor cleanup 2014-12-26 11:24:02 -06:00
Brendan Coles 5c82b8a827 Add ProjectSend Arbitrary File Upload module 2014-12-23 10:53:03 +00:00
Jon Hart 025c0771f8
Have exploit call check. Have check report_vuln 2014-12-15 09:53:11 -08:00
Jon Hart f521e7d234
Use newer Ruby hash syntax 2014-12-15 09:17:32 -08:00
Jon Hart c93dc04a52
Resolve address before storing the working cred 2014-12-15 09:11:12 -08:00
Jon Hart 5ca8f187b3 Merge remote-tracking branch 'upstream/pr/4328' into temp 2014-12-15 08:15:51 -08:00
Brendan Coles 4530066187 return nil 2014-12-15 01:04:39 +11:00
Brendan Coles 55d9e9cff6 Use list of potential analytics hosts 2014-12-14 23:15:41 +11:00
jvazquez-r7 008c33ff51 Fix description 2014-12-12 13:36:28 -06:00
jvazquez-r7 b334e7e0c6
Land #4322, @FireFart's wordpress exploit for download-manager plugin 2014-12-12 12:41:59 -06:00
jvazquez-r7 aaed7fe957 Make the timeout for the calling payload request lower 2014-12-12 12:41:06 -06:00
Jon Hart 00f66b6050
Correct named captures 2014-12-12 10:22:14 -08:00
jvazquez-r7 98dca6161c Delete unused variable 2014-12-12 12:03:32 -06:00
jvazquez-r7 810bf598b1 Use fail_with 2014-12-12 12:03:12 -06:00
Jon Hart 1e6bbc5be8
Use blank? 2014-12-12 09:51:08 -08:00
jvazquez-r7 4f3ac430aa
Land #4341, @EgiX's module for tuleap PHP Unserialize CVE-2014-8791 2014-12-12 11:48:25 -06:00
jvazquez-r7 64f529dcb0 Modify default timeout for the exploiting request 2014-12-12 11:47:49 -06:00
Jon Hart 24f1b916e0 Minor ruby style cleanup 2014-12-12 09:47:35 -08:00
Jon Hart 1d1aa5838f Use Gem::Version to compare versions in check 2014-12-12 09:47:01 -08:00
jvazquez-r7 d01a07b1c7 Add requirement to description 2014-12-12 11:42:45 -06:00
jvazquez-r7 fd09b5c2f6 Fix title 2014-12-12 10:52:18 -06:00
jvazquez-r7 4871228816 Do minor cleanup 2014-12-12 10:52:06 -06:00
Christian Mehlmauer 544f75e7be
fix invalid URI scheme, closes #4362 2014-12-11 23:34:10 +01:00
EgiX 700ccc71e7 Create tuleap_unserialize_exec.rb 2014-12-09 10:15:46 +01:00
Brendan Coles 42744e5650 Add actualanalyzer_ant_cookie_exec exploit 2014-12-06 19:09:20 +00:00
Christian Mehlmauer 5ea062bb9c
fix bug 2014-12-05 11:30:45 +01:00
Christian Mehlmauer 55b8d6720d
add wordpress download-manager exploit 2014-12-05 11:17:54 +01:00
jvazquez-r7 c77a0984bd
Land #3989, @us3r777's exploit for CVE-2014-7228, Joomla Update unserialize 
the commit.
 empty message aborts
 2014-10-20 13:39:08 -05:00
jvazquez-r7 4e6f61766d Change module filename 2014-10-20 13:31:22 -05:00
jvazquez-r7 e202bc10f0 Fix title 2014-10-20 13:30:44 -05:00
jvazquez-r7 f07c5de711 Do code cleanup 2014-10-20 13:27:48 -05:00
jvazquez-r7 052a9fec86 Delete return 2014-10-20 10:52:33 -05:00
jvazquez-r7 199f6eba76 Fix check method 2014-10-20 10:46:40 -05:00
us3r777 16101612a4 Some changes to use primer 
Follow wiki How-to-write-a-module-using-HttpServer-and-HttpClient
 2014-10-20 17:26:16 +02:00
us3r777 1e143fa300 Removed unused variables 2014-10-20 16:58:41 +02:00
URI Assassin 35d3bbf74d
Fix up comment splats with the correct URI 
See the complaint on #4039. This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
 2014-10-17 11:47:33 -05:00
Tod Beardsley b1223165d4
Trivial grammar fixes 2014-10-14 12:00:50 -05:00
us3r777 444b01c4b0 Typo + shorten php serialized object 2014-10-12 21:29:04 +02:00
us3r777 2428688565 CVE-2014-7228 Joomla/Akeeba Kickstart RCE 
Exploit via serialiazed PHP object injection. The Joomla! must be
updating more precisely, the file $JOOMLA_WEBROOT/administrator/
components/com_joomlaupdate/restoration.php must be present
 2014-10-09 18:51:24 +02:00
Christian Mehlmauer 1584c4781c Add reference 2014-10-09 06:58:15 +02:00
jvazquez-r7 4f96d88a2f
Land #3949, @us3r777's exploit for CVE-2014-6446, wordpress infusionsoft plugin php upload 2014-10-08 16:35:49 -05:00
jvazquez-r7 66a8e7481b Fix description 2014-10-08 16:35:14 -05:00
jvazquez-r7 8ba8402be3 Update timeout 2014-10-08 16:32:05 -05:00
jvazquez-r7 bbf180997a Do minor cleanup 2014-10-08 16:29:11 -05:00
us3r777 03888bc97b Change the check function 
Use regex based detection
 2014-10-06 18:56:01 +02:00
us3r777 29111c516c Wordpress Infusionsoft Gravity Forms CVE-2014-6446 
The Infusionsoft Gravity Forms plugin 1.5.3 through 1.5.10 for
WordPress does not properly restrict access, which allows remote
attackers to upload arbitrary files and execute arbitrary PHP
code via a request to utilities/code_generator.php.
 2014-10-06 14:10:01 +02:00
Christian Mehlmauer f45b89503d change WPVULNDBID to WPVDB 2014-10-03 17:13:18 +02:00
Christian Mehlmauer 33b37727c7 Added wpvulndb links 2014-10-02 23:03:31 +02:00
jvazquez-r7 9acccfe9ba Fix description 2014-09-19 17:18:59 -05:00
jvazquez-r7 d826132f87 Delete CVE, add EDB 2014-09-19 17:16:03 -05:00
jvazquez-r7 7afbec9d6c
Land #2890, @Ahmed-Elhady-Mohamed module for OSVDB 93034 2014-09-19 17:12:49 -05:00
jvazquez-r7 1fa5c8c00c Add check method 2014-09-19 17:11:16 -05:00
jvazquez-r7 ce0b00bb0b Change module location and filename 2014-09-19 16:59:35 -05:00
Brendan Coles 564431fd41 Use arrays in refs for consistency 2014-08-18 18:54:54 +00:00
Brendan Coles b8b2e3edff Add HybridAuth install.php PHP Code Execution module 2014-08-16 23:31:46 +00:00
jvazquez-r7 a79eec84ac
Land #3584, @FireFart's update for wp_asset_manager_upload_exec 2014-07-30 10:28:51 -05:00
jvazquez-r7 9de8297848 Use [] for References 2014-07-30 10:28:00 -05:00
jvazquez-r7 58fbb0b421 Use [] for References 2014-07-30 10:24:14 -05:00
Christian Mehlmauer 75057b5df3
Fixed variable 2014-07-29 21:02:15 +02:00
Christian Mehlmauer cc3285fa57
Updated checkcode 2014-07-29 20:53:54 +02:00
Christian Mehlmauer 61ab88b2c5
Updated wp_asset_manager_upload_exec module 2014-07-29 20:53:18 +02:00
Christian Mehlmauer e438c140ab
Updated wp_property_upload_exec module 2014-07-29 20:34:34 +02:00
Christian Mehlmauer 621e85a32d
Correct version 2014-07-28 22:45:04 +02:00
Christian Mehlmauer d334797116
Updated foxpress module 2014-07-28 22:23:22 +02:00
jvazquez-r7 79fe342688
Land #3558, @FireFart's improvements to wordpress mixin 2014-07-28 09:52:20 -05:00
Christian Mehlmauer a6479a77d6
Implented feedback from @jhart-r7 2014-07-22 19:49:58 +02:00
Christian Mehlmauer baff003ecc
extracted check version to module 
also added some wordpress specs and applied
rubocop
 2014-07-22 17:02:35 +02:00
sinn3r 6048f21875
Land #3552 - Correct DbVisualizer title name 2014-07-21 13:07:33 -05:00
Tod Beardsley a41768fd7d
Correct DbVisualizer title name 
I think "DbVis Software" is the name of the company and the product
itself is called DbVisualizer.

Also fixed the description on the WPTouch module.
 2014-07-21 12:35:01 -05:00
Christian Mehlmauer a809c9e0b5
Changed to vprint and added comment 2014-07-18 22:15:56 +02:00
Christian Mehlmauer c6e129c622
Fix rubocop warnings 2014-07-18 21:58:33 +02:00
Christian Mehlmauer c1f612b82a
Use vprint_ instead of print_ 2014-07-15 06:58:33 +02:00
Christian Mehlmauer 144c6aecba
Added WPTouch fileupload exploit 2014-07-14 21:35:18 +02:00
jvazquez-r7 8937fbb2f5 Fix email format 2014-07-11 12:45:23 -05:00
Tod Beardsley 9fef2ca0f3
Description/whitespace changes (minor) 
Four modules updated for the weekly release with minor cosmetic fixes.

- [ ] See all affected modules still load.
- [ ] See all affected modules have expected `info`
 2014-07-07 12:39:05 -05:00
Christian Mehlmauer d5843f8eaf
Updated Mailpoet exploit to work with another version 2014-07-06 10:53:40 +02:00
William Vu cf5d29c53b
Add EOF newline to satisfy msftidy 2014-07-05 13:51:12 -05:00
HD Moore 6d9bf83ded Small fixes for the recent WP MailPoet module 
Correct casing in the title
Anchor the use of ::File
Force body.to_s since it can be nil in corner cases
 2014-07-05 13:17:23 -05:00
jvazquez-r7 2efa3d6bc0
Land #3487, @FireFart's exploit for WordPress MailPoet file upload 2014-07-03 14:34:58 -05:00
jvazquez-r7 97a6b298a8 Use print_warning 2014-07-03 13:38:20 -05:00
Christian Mehlmauer dcba357ec3
implement feedback 2014-07-03 20:27:08 +02:00
Christian Mehlmauer aeb4fff796
Added FileDropper 2014-07-03 19:25:31 +02:00
Christian Mehlmauer 071f236946
Changed check method 2014-07-02 22:31:02 +02:00
Christian Mehlmauer a58ff816c5
Changed check method 2014-07-02 22:29:00 +02:00
Christian Mehlmauer 40175d3526
added check method 2014-07-02 11:07:58 +02:00
Christian Mehlmauer 54a28a103c
Updated description 2014-07-02 10:49:28 +02:00
Christian Mehlmauer 1ff549f9c1
Replaced Tab 2014-07-02 10:35:30 +02:00
Christian Mehlmauer 09131fec28
Added wysija file upload exploit 2014-07-02 10:24:27 +02:00
Spencer McIntyre bd49d3b17b Explicitly use the echo stager and deregister options 
Certain modules will only work with the echo cmd stager so
specify that one as a parameter to execute_cmdstager and
remove the datastore options to change it.
 2014-06-28 16:21:08 -04:00
jvazquez-r7 870fa96bd4 Allow quotes in CmdStagerFlavor metadata 2014-06-27 08:34:56 -04:00
jvazquez-r7 91e2e63f42 Add CmdStagerFlavor to metadata 2014-06-27 08:34:55 -04:00
jvazquez-r7 7ced5927d8 Use One CMDStagermixin 2014-06-27 08:34:55 -04:00
Spencer McIntyre ae25c300e5 Initial attempt to unify the command stagers. 2014-06-27 08:34:55 -04:00
Christian Mehlmauer 8e1949f3c8
Added newline at EOF 2014-06-17 21:03:18 +02:00
Christian Mehlmauer 8d4d40b8ba
Resolved some Set-Cookie warnings 2014-05-24 00:34:46 +02:00
jvazquez-r7 69369c04b3
Land #3126, @xistence's exploit for SePortal 2014-03-28 13:52:59 -05:00