Commit Graph

47923 Commits (c24ceb948390511908bf866906ed16c506f0c079)

Author SHA1 Message Date
James Barnett 2ef639f99e
opts[:id] could sometimes be an integer, so cast to string 2018-07-31 10:58:01 -05:00
Jacob Robles 6c11d5800f
Register files on same line 2018-07-31 10:03:59 -05:00
Jacob Robles 569ddd9d59
Remove files from application 2018-07-31 09:47:39 -05:00
Dhiraj Mishra 323c814abf
Fixing some tweaks 2018-07-31 19:52:39 +05:30
Dhiraj Mishra 55dce52bea
Fixing some tabbed indent 2018-07-31 18:24:28 +05:30
Dhiraj Mishra 3a7d18a98d
Fixing, Warning of EOL 2018-07-31 18:11:09 +05:30
Dhiraj Mishra bdd2ceba2b
Documentation 2018-07-31 18:07:57 +05:30
Dhiraj Mishra d9e94f94dc
Oracle GlassFish 2018-07-31 17:59:03 +05:30
Alexander Halbarth 80d5d1d4ee
use variable port instead of datastore 2018-07-31 07:38:09 +02:00
Alexander Halbarth b0fa17ccfb
Better output added to joomla_pages 2018-07-31 07:29:56 +02:00
Metasploit d29dd4c535
automatic module_metadata_base.json update 2018-07-30 19:16:41 -07:00
Wei Chen bcfb3d099b
Land #10255, Adding Micro Focus Secure Messaging Gateway RCE 2018-07-30 21:07:02 -05:00
Wei Chen 7d08c71722 Update documentation about how to make it vulnerable again 2018-07-30 21:05:46 -05:00
Mehmet İnce 48a903f0b3 Fixing r and sql variables use same object issue 2018-07-31 00:57:32 +03:00
Shelby Pace ca8a01d27c
getting filenames in http responses 2018-07-30 16:25:45 -05:00
James Barnett 7dc14f59f4
We're using named parameters now 2018-07-30 15:38:48 -05:00
James Barnett 0843e6789d
Fix private data not displaying for creds
Also fix issue where delete and update cred were not using the data format
2018-07-30 15:31:38 -05:00
Shelby Pace 7cf2c840a3
metadata set up 2018-07-30 14:25:58 -05:00
Metasploit 585a6df2c2
automatic module_metadata_base.json update 2018-07-30 12:24:25 -07:00
William Vu 129fd44350
Land #10305, SonicWall XML-RPC RCE 2018-07-30 14:14:26 -05:00
Metasploit ba93404bb9
automatic module_metadata_base.json update 2018-07-30 12:13:44 -07:00
William Vu 51ffe7abba Add header to doc 2018-07-30 14:07:54 -05:00
William Vu 38f6b8aada Clean up module 2018-07-30 14:06:33 -05:00
James Barnett d1f09ca81c
Add path selection for GET requests
Also remove instances where workspace is passed for
single object lookups since it is no longer required
2018-07-30 13:56:34 -05:00
William Vu ce9f447a29
Land #10384, upload_exec fixes 2018-07-30 13:55:40 -05:00
William Vu 3b2f614653
Land #10398, unused option cleanup in enum_juniper 2018-07-30 13:52:52 -05:00
h00die 7c8190573c remove unused juniper options 2018-07-30 14:20:01 -04:00
Metasploit 6752582bc0
automatic module_metadata_base.json update 2018-07-30 11:18:01 -07:00
Jacob Robles 4ed2cc8189
Land #10397, Added line in psexec_psh to support SMB2 2018-07-30 13:06:00 -05:00
Metasploit d62a960359
automatic module_metadata_base.json update 2018-07-30 10:42:41 -07:00
bwatters-r7 cdefb88770
Added line to support SMB2 2018-07-30 12:37:06 -05:00
Jacob Robles 952ab801e8
Land #10060, vTiger CRM v6.3.0 Upload RCE 2018-07-30 12:32:24 -05:00
Jacob Robles 62f663207b
Change option type 2018-07-30 12:15:59 -05:00
Jacob Robles fe9315dc89
Update module, Add documentation 2018-07-30 12:11:08 -05:00
James Barnett 4c92de0b55
Refactor logic for determining single object output.
Also add restrictions on passing id as a query string param
2018-07-30 11:42:45 -05:00
Metasploit 7596366df0
automatic module_metadata_base.json update 2018-07-30 07:16:54 -07:00
Shelby Pace d58785f959
Land #10247, add WordPress Arbitrary File Deletion 2018-07-30 09:05:23 -05:00
reka193 ece9a72d13
Removed tabs 2018-07-30 15:07:55 +02:00
reka193 5962fa752e
Fixes in aws_ec2_instance_metadata
@@ -36,7 +36,7 @@ def initialize(info = {})

    - unless resp =~ /^instance-id.$/m
    + unless resp =~ /^instance-id$/m
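Review bot: With the `.` removed, the `m` flag on `/^instance-id$/m` no longer has any effect, since in Ruby it only changes what `.` matches and `^`/`$` already anchor at line boundaries; it can be dropped. Note also that `$` does not match in front of a `\r`, and the `@@ -50,15 +50,16 @@` hunk of this same commit now splits on `/\r?\n/`, so `/^instance-id\r?$/` would keep the two checks consistent for responses with either line ending.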
The original regex requires one character after 'instance-id' which is not present in the instance.

@@ -50,15 +50,16 @@ def check_curl

    - base_resp.split(/\r\n/).each do |l|
    -    new_uri = base_uri.merge("./#{l}")
    + base_resp.split(/\r?\n/).each do |l|
    +   new_uri = "#{base_uri}#{l}"

    - key_uri = new_uri.merge("./#{key_id}/")
    - key_resp = simple_get(key_uri)
    + new_uri = new_uri.slice(0..(new_uri.index(%r{/public-keys/})+'/public-keys'.length))
    + key_uri = "#{new_uri}#{key_id}/"
    + key_resp = simple_get(key_uri)
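Review bot: `new_uri.index(%r{/public-keys/})` returns nil when the line does not contain `/public-keys/`, and the `+` on the added `slice` line then raises NoMethodError; unless a guard outside the visible lines guarantees the match, check the index before slicing. The inclusive range ending at `index + '/public-keys'.length` is what keeps the trailing slash, which is easy to misread and deserves a short comment. The switch from `merge` to `"#{base_uri}#{l}"` also assumes `base_uri` ends in `/`, which is worth stating or enforcing.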

1. merge function was causing 'rescue in merge' errors
2. the split function could not succeed, there were no '\r\n' between the lines but '\n' only
3. the special case was not handled correctly 
was trying to curl http://169.254.169.254/latest/meta-data/public-keys/0=Key0/ instead of http://169.254.169.254/latest/meta-data/public-keys/0/

@@ -94,6 +95,6 @@ def setup

    - cmd_exec("curl #{url}")
    + cmd_exec("curl -s #{url}")
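Review bot: `-s` on the added `cmd_exec` line silences curl's error messages as well as the progress meter, so a failed request now comes back as empty output with no reason attached; `curl -sS` keeps the error text while still dropping the progress output. `url` is also interpolated into the command line unquoted, so quoting it would make the call more robust.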
Curl was causing issues when not in silent mode.
2018-07-30 14:02:15 +02:00
reka193 6790ac1998
Reset to original 2018-07-30 10:48:32 +02:00
h00die c440eeaa31 rogue end 2018-07-29 10:35:33 -04:00
h00die 53cca07442 bcoles suggestions 2018-07-29 10:31:01 -04:00
James Barnett 9cd99cbc17
Fix error when id param is present in GET request 2018-07-28 22:55:03 -05:00
James Barnett 9e08bf6ec2
Fix logic issue when processing HTTP requests 2018-07-28 15:23:56 -05:00
James Barnett 37706e094d
Don't wrap object in array when using ID parameter 2018-07-27 16:41:11 -05:00
James Barnett 829b43f743
Address minor code review comments 2018-07-27 16:19:17 -05:00
Erin Bleiweiss d4b5e27edc remove whitespace 2018-07-27 16:03:16 -05:00
Erin Bleiweiss 57c9a3544a delete unnecessary proxy files 2018-07-27 16:01:45 -05:00
Erin Bleiweiss 3e41db6994 refactor for more dry, more compartmentalized code 2018-07-27 16:00:19 -05:00
Erin Bleiweiss 4ac11d4e70 parameter validation 2018-07-27 15:15:49 -05:00