h00die
95ae4996eb
spelling and spacing
2019-01-29 16:24:35 -05:00
h00die
4c14815343
c2s dvr password disclosure
2019-01-29 16:18:30 -05:00
William Vu
b7bc52d20b
Fix HTTP/SMB mixin order to restore SSL option
Mixin order matters. Mixins kinda suck.
2019-01-29 11:09:34 -06:00
bwatters
6c9a5b3fea
Update Cache Sizes
2019-01-28 15:53:19 -06:00
h00die
9930edf704
jtr modernizations
2019-01-25 14:07:24 -05:00
William Vu
c8bf8781f5
Strip e-mail
2019-01-24 13:49:22 -06:00
William Vu
156851009b
Remove incorrect documentation
The comment is a lie.
2019-01-24 13:48:45 -06:00
William Vu
0e6fbb439f
Prefer Msf::Util::EXE.to_zip over system()
2019-01-24 13:47:47 -06:00
William Vu
f0aa002009
Land #10119, Linux post-exploitation metashell
2019-01-24 11:24:12 -06:00
William Vu
8cdcba81fe
Fix SessionTypes
2019-01-24 11:22:19 -06:00
William Vu
006faa3d17
Fix prompt
2019-01-24 11:21:45 -06:00
Pedro Ribeiro
bb9f50c771
Reverted FILE changes
2019-01-24 22:04:01 +07:00
Pedro Ribeiro
f5afe98111
Add github and full disc URL
2019-01-24 22:01:02 +07:00
Pedro Ribeiro
7e592bb8a9
Add github and full disc URL
2019-01-24 22:00:41 +07:00
Pedro Ribeiro
e0eb802c16
Add github and full disc urls
2019-01-24 22:00:12 +07:00
Pedro Ribeiro
2bf663cf7d
Add full disclosure URL
2019-01-24 21:59:45 +07:00
Carter Brainerd
2d1cecd4d5
Fix request pattern matching
2019-01-23 13:39:52 -05:00
Tod Beardsley
daa3076d42
Add CVE-2018-1000999 to MailCleaner module
See PR #11148
This adds the new CVE assigned by DWF for this vulnerability.
Note that [CVE-2018-10933](https://www.cvedetails.com/cve/CVE-2018-10933/)
describes a vulnerability in libssh, but this one describes the issue as
it pertains to MailCleaner specifically.
2019-01-23 09:27:12 -06:00
Carter Brainerd
47fd066a29
Msftidy
2019-01-22 21:06:11 -05:00
Carter Brainerd
1f56bccf31
Small improvements from review
2019-01-22 20:46:28 -05:00
Shelby Pace
2ae6142de7
Land #11243, Add ASan SUID Privesc
2019-01-22 15:50:53 -06:00
sinn3r
fae1b52115
Land #11297, Fix a typo in auxiliary/dos/scada/allen_bradley_pccc
typo fixed
2019-01-22 11:41:29 -06:00
jdiog0
23e0389bf0
typo fixed
2019-01-22 13:33:24 +00:00
Pedro Ribeiro
f4aaf6c816
Add https to msf link
2019-01-22 19:14:52 +07:00
Pedro Ribeiro
e767af4533
add https to msf link
2019-01-22 19:14:24 +07:00
Pedro Ribeiro
a099418bb8
Update nuuo_cms_file_download.rb
2019-01-22 19:00:26 +07:00
Pedro Ribeiro
fbde697e3f
Update nuuo_cms_fu.rb
2019-01-22 18:57:02 +07:00
bcoles
f6fc8a750d
Update modules/auxiliary/gather/nuuo_cms_file_download.rb
Co-Authored-By: pedrib <pedrib@gmail.com>
2019-01-22 18:55:09 +07:00
bcoles
d45f38c88f
Update modules/auxiliary/gather/nuuo_cms_file_download.rb
Co-Authored-By: pedrib <pedrib@gmail.com>
2019-01-22 18:55:02 +07:00
Tim W
5fc0c66109
add version to check to safari exploit
2019-01-22 16:10:51 +08:00
Pedro Ribeiro
f336f41182
Update nuuo_cms_sqli.rb
2019-01-22 12:50:02 +07:00
Pedro Ribeiro
fa4c6896d2
Update nuuo_cms_file_download.rb
2019-01-22 12:49:20 +07:00
Pedro Ribeiro
49beac7010
Update nuuo_cms_bruteforce.rb
2019-01-22 12:47:09 +07:00
Pedro Ribeiro
4e1d79ac4b
Update nuuo_cms_fu.rb
2019-01-22 12:45:47 +07:00
Pedro Ribeiro
da4bd2e9b8
Remove peer
2019-01-22 12:10:45 +07:00
Pedro Ribeiro
636461c363
remove peer
2019-01-22 12:10:08 +07:00
Pedro Ribeiro
4c9d5ad9a7
Remove peer
2019-01-22 12:09:39 +07:00
Pedro Ribeiro
0685ebed76
Remove peer as that is not needed
2019-01-22 12:08:41 +07:00
Pedro Ribeiro
9a068e9221
Repair CMS installation and use getsystem
2019-01-22 11:57:54 +07:00
Pedro Ribeiro
688ee3d579
Remove tested versions since that is already on the docs
2019-01-22 11:43:33 +07:00
Pedro Ribeiro
27cac0a9fe
Update nuuo_cms_file_download.rb
2019-01-21 18:10:19 +07:00
Pedro Ribeiro
dc0f388b26
Update nuuo_cms_bruteforce.rb
2019-01-21 18:01:25 +07:00
Pedro Ribeiro
100fd7b80a
Make description shorter
2019-01-21 17:40:50 +07:00
Pedro Ribeiro
15d4ca9070
Add CMS link and manual ranking
2019-01-21 17:33:58 +07:00
bcoles
f8de99422d
Add correct rand call
Co-Authored-By: pedrib <pedrib@gmail.com>
2019-01-21 17:31:23 +07:00
bcoles
5b699768fb
Add correct rand call
Co-Authored-By: pedrib <pedrib@gmail.com>
2019-01-21 17:31:08 +07:00
bcoles
88c74fcd40
add https for link
Co-Authored-By: pedrib <pedrib@gmail.com>
2019-01-21 17:30:54 +07:00
bcoles
01e510b48f
add failure tag
Co-Authored-By: pedrib <pedrib@gmail.com>
2019-01-21 17:30:35 +07:00
Pedro Ribeiro
d0861811c2
Add files via upload
2019-01-21 17:17:36 +07:00
Pedro Ribeiro
bd3d6ee6bf
Create nuuo_cms_sqli.rb
2019-01-21 17:14:41 +07:00
Pedro Ribeiro
3a3d163474
Add nuuo CMS bruteforce module
2019-01-21 17:11:27 +07:00
Pedro Ribeiro
9ffff16e95
Add Nuuo CMS file upload exploit
2019-01-21 17:06:10 +07:00
Brendan Coles
060d20694d
Attribution
2019-01-20 09:18:43 +00:00
spinfoo
4ec5e7d23a
msftidy cleanup
2019-01-19 18:16:26 +01:00
spinfoo
2bcdc550c6
Support to retrieve data from ListConfigFiles SAP webmethod
2019-01-19 17:36:47 +01:00
spinfoo
8dffa35f04
Support to retrieve data from ListConfigFiles webmethod
2019-01-19 14:45:34 +01:00
h00die
f47060870a
horde imp h3 imap_open
2019-01-18 19:43:45 -05:00
h00die
2585e4b708
horde imp h3 imap_open
2019-01-18 19:38:30 -05:00
William Vu
f8af9a9e4d
Merge remote-tracking branch 'upstream/master' into pr/10119
2019-01-18 10:43:34 -06:00
Carter Brainerd
1121ce1127
Change default filename to random
2019-01-17 20:12:53 -05:00
h00die
5d49f04948
not working horde imp imap_open
2019-01-17 19:55:42 -05:00
Clément Notin
31a7b13c19
ms17_010_psexec: fix RHOST in "authenticating..." message
2019-01-16 11:23:21 +01:00
Brent Cook
1947bae45b
Land #11230, add JuicyPotato local privilege escalation
2019-01-15 21:20:25 -06:00
William Vu
06de16a36f
Merge remote-tracking branch 'upstream/master' into pr/10119
2019-01-15 18:33:48 -06:00
Luis Rosa
ffe5db4010
new pcom client mode that allows to read and write
several types of operands
2019-01-16 00:16:38 +00:00
Wei Chen
27d6fffdad
Land #11125, Import/generate `ysoserial` Java serialization objects
2019-01-15 17:09:56 -06:00
h00die
a73fe9433b
land #11169 blueman priv esc on linux
2019-01-15 10:32:46 -05:00
Jacob Robles
923a4ba098
Land #11263, uppercase KoreLogic in JTR modules
2019-01-15 08:50:11 -06:00
Jacob Robles
9616a9f79d
Land #11245, doc update for chrome_cookies
2019-01-15 07:27:35 -06:00
Jacob Robles
04363b7b7e
Doc update
post:chrome_cookies
2019-01-15 07:19:46 -06:00
h00die
93f66a1f22
uppercase
2019-01-15 08:04:11 -05:00
bcoles
8c636f27d5
Update check method to confirm vulnerability
2019-01-15 11:31:31 +11:00
Wei Chen
47f8738f74
Add Imran Rashid to CVE-2018-11770 credit
2019-01-14 15:28:08 -06:00
Wei Chen
52ff0a8b75
Update exploits/linux/http/spark_unauth_rce as CVE-2018-11770
2019-01-14 15:10:29 -06:00
Carter Brainerd
8cd26b74d7
Please msftidy gods
2019-01-13 19:22:51 -05:00
Carter Brainerd
171d46db9b
Add disclosure date, more references, and authors
2019-01-13 19:11:05 -05:00
Carter Brainerd
89e8ff9c80
Update office_excel_slk.rb
2019-01-13 18:08:51 -05:00
Carter Brainerd
d88d1d0f1d
Create office_excel_slk.rb
2019-01-13 17:31:34 -05:00
Brendan Coles
c6f4eda7f9
Add ASan SUID Executable Privilege Escalation module
2019-01-12 09:14:20 +00:00
phra
e69d509bdf
chore: update description and ranking
2019-01-12 04:32:21 +01:00
phra
3a865a0c05
feat: spawn as NT AUTHORITY\SYSTEM
2019-01-12 04:03:26 +01:00
William Vu
e9a8d5708a
Land #11234, @bcoles revisionism
2019-01-11 20:15:34 -06:00
Brendan Coles
fe6956d7f7
Use mixins
2019-01-11 22:46:58 +00:00
Brendan Coles
20fd6b6134
Add check for writable and nosuid WritableDir
2019-01-11 22:41:14 +00:00
phra
149f895329
feat: add LOGFILE support for debug
2019-01-11 18:21:54 +01:00
phra
dca99552e6
feat: pass payload length to the dll
2019-01-11 16:28:49 +01:00
phra
7653d64c4a
fix: improve exploit check
2019-01-11 15:38:57 +01:00
Brendan Coles
24f807490f
revisionism
2019-01-10 19:19:14 +00:00
Brent Cook
9f8bac59f7
Land #11215, success
2019-01-10 12:57:46 -06:00
Brent Cook
86850e7062
Land #11217, fix syntax and logic errors in badpdf module
2019-01-10 12:52:08 -06:00
sinn3r
74330f87dc
Land #11223 - ueb priv esc suggestion
ueb priv esc suggestion.
2019-01-10 10:35:28 -06:00
phra
dc2d3c5774
feat: add juicy potato post module, fixes #11229
2019-01-10 17:20:43 +01:00
Jacob Robles
2f939481e7
Land #11206, add coldfusion ckeditor file upload
2019-01-10 07:27:38 -06:00
Jacob Robles
b81f59e7b1
Fix targets and syntax changes
2019-01-10 06:39:45 -06:00
h00die
799a79b715
ueb priv esc suggestion
2019-01-09 20:28:53 -05:00
Luis Rosa
4bfb90ce06
new PCOM module to send admin commands
2019-01-09 20:27:15 +00:00
William Vu
913c80c352
Land #11106, Allen-Bradley legacy protocol DoS
2019-01-09 12:12:02 -06:00
William Vu
0f156140fe
Clean up module
2019-01-09 12:11:50 -06:00
Jacob Robles
307cc8c107
fix comment
2019-01-09 11:12:51 -06:00
Clément Notin
cf1b4b43cb
auxiliary/fileformat/badpdf: fix syntax and logic error in options handling
2019-01-09 14:30:24 +01:00
Jacob Robles
0c984fa232
Fix messages /successfuly/successfully
2019-01-09 06:32:22 -06:00
Jacob Robles
16b8cf7059
Land #11148, Adding Module MailCleaner RCE
2019-01-08 14:10:31 -06:00
Jacob Robles
a0acfa79d7
Target payloads
2019-01-08 13:27:26 -06:00
Jacob Robles
c2da3dbbd3
Land #11052, Add gather chrome cookies post module
2019-01-08 07:32:16 -06:00
Jacob Robles
a95384e288
Additional support and code cleanup
2019-01-08 06:57:56 -06:00
William Vu
f96514528b
Land #10648, auth bypass for couchdb_enum
2019-01-07 12:53:11 -06:00
William Vu
3a726554e9
Fix review comments
2019-01-07 12:51:52 -06:00
Qazeer
a63c057c3a
Integrate bcoles' comments (filename generation, conditional block improvement, etc.)
2019-01-06 22:50:46 +01:00
Qazeer
c03466d2f2
Fixed date format issue and added Bugtraq ID
2019-01-06 14:34:40 +01:00
Qazeer
4644ad8966
Add CVE-2018-15961 Adobe ColdFusion CKEditor unrestricted file upload
2019-01-06 04:55:20 +01:00
Brent Cook
e990bb31df
Land #11182, bump mettle, change debug and background options
2019-01-03 02:57:19 -06:00
Alex
811605a9b8
Cleanup headless Chrome process for meterpreter sessions
2018-12-30 18:05:41 +11:00
Brendan Coles
5957315167
Land #11141, Ensure Byte XORi Encoder uses cacheflush()
2018-12-29 10:20:07 +00:00
Brendan Coles
005b2664b8
Land #11140, Ensure MIPS Long XOR Encoder uses cacheflush()
2018-12-29 10:14:47 +00:00
bwatters
9e109c7e7c
Update cache size
2018-12-28 16:08:15 -06:00
Shelby Pace
29e7c49332
Land #10444, add Consul rexec RCE module
2018-12-28 09:14:28 -06:00
Shelby Pace
fb8f06b2f5
Land #10443, add Consul service RCE module
2018-12-28 08:33:56 -06:00
Mehmet İnce
4e8ad22a7a
Adding CVE number
2018-12-26 13:15:36 +03:00
Green-m
69e7956adf
Land #11174, Fix platform bug when upgrading shell.
The platform on windows powershell should be 'win', rather than
'windows', this bug leads to failure when upgrading powershell session
to meterpreter.
2018-12-26 11:31:39 +08:00
Mehmet İnce
fa542b9691
Adding platform and arch to top level
2018-12-25 15:56:25 +03:00
L
ee7120d63a
fixed post/multi/manage/shell_to_meterpreter
2018-12-25 15:00:39 +08:00
Quentin Kaiser
18c844623a
Remove extra spaces.
2018-12-24 13:48:07 +01:00
Quentin Kaiser
e10792f4e6
Remove extra space.
2018-12-24 13:30:03 +01:00
Tim W
58aebb6dec
fix #11133, sleep to avoid the second stage being read too early
2018-12-24 19:26:10 +08:00
Brendan Coles
98dc59728e
Add blueman set_dhcp_handler D-Bus Privilege Escalation
2018-12-24 08:03:55 +00:00
Brent Cook
b9742802aa
Land #11137, Clean up linux/local/vmware_alsa_config exploit module
2018-12-21 17:04:11 -06:00
Garvit Dewan
81f4ed6db3
Add references and remove reserved function calls
2018-12-22 00:30:37 +05:30
Garvit Dewan
5838ad87fb
Check if directory and file exist and report accordingly
2018-12-21 19:36:01 +05:30
Jacob Robles
4bc871c499
Add CmdStager to erlang_cookie_rce
2018-12-21 07:33:37 -06:00
Garvit Dewan
ba9c7039f7
Add psreadline_history module
2018-12-21 18:18:21 +05:30
Brent Cook
c959c98161
add original public research author
2018-12-21 02:54:35 -06:00
Brent Cook
a7e8afe760
update references, remove unused metadata, use more straightforward string operations
2018-12-21 02:54:35 -06:00
Brent Cook
0dab74a71f
tweak description
2018-12-21 02:54:35 -06:00
Brent Cook
46acd7a206
simplify
2018-12-21 02:54:35 -06:00
Brent Cook
2f35695327
update web link
2018-12-21 02:54:35 -06:00
Brent Cook
ac51fbd122
style fixes
2018-12-21 02:54:35 -06:00
Brent Cook
dc6ae6f058
initial import, CVE-2016-4117 OSX exploit
2018-12-21 02:54:35 -06:00
Brent Cook
b83c6ad496
Land #11149, fix a PTY leak in Python Meterpreter
2018-12-20 17:30:42 -06:00
Quentin Kaiser
bf2de42077
Now supports all versions of Consul.
2018-12-20 18:56:07 +01:00
Quentin Kaiser
2919b970cd
Implement execution checks with a timeout limit so we don't leave zombie checks running in background.
2018-12-20 18:41:35 +01:00
Quentin Kaiser
ba5c40db77
No need for CVE field.
2018-12-20 18:18:53 +01:00
Mehmet İnce
9481ad04f2
Adding support for ARCH_CMD and updating docs
2018-12-20 12:12:01 +03:00
William Vu
5af05ad976
Land #11143, nc -j fix for cups_root_file_read
2018-12-19 22:37:00 -06:00
Jeffrey Martin
bf4bb0a5b9
bump metasploit-payloads gem
Update metasploit-payloads gem to 1.3.57 to pick up
fix for Python Meterpreter PTY Leak from rapid7/metasploit-payloads#319
2018-12-19 18:19:24 -06:00
Mehmet İnce
68ceb08957
Fixing minor issues such as err codes
2018-12-19 22:17:34 +03:00
asoto-r7
d601837e03
Land #10401, java_jmx_server scanner for Java JMX MBean servers
2018-12-19 13:12:03 -06:00
asoto-r7
50b7d93a18
java_jmx_scanner: Incorporate @bcoles suggestions
2018-12-19 12:56:53 -06:00
Wei Chen
f7eb3452be
Land #11083, set user agent in Windows reverse_http(s) stagers
2018-12-19 11:38:12 -06:00
Mehmet İnce
e5c8c18ded
Adding Mailcleaner exec
2018-12-19 17:35:40 +03:00
Jacob Robles
6921b79890
Land #11089, Erlang cookie rce exploit module
2018-12-19 08:02:40 -06:00