infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
44,967 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

1448 Commits (c9d41f215d5018bd37a56fbc2e93e44a998c0520)

Author SHA1 Message Date
William Vu 4b225c30fd
Land #9368, ye olde NIS ypserv map dumper 2018-01-10 22:02:36 -06:00
William Vu f5210ed6d6 Update module doc with missing options 2018-01-10 20:18:50 -06:00
Wei Chen 6510ee53bc
Land #9204, Add exploit for Samsung SRN-1670D (CVE-2017-16524) 
Land #9204
 2018-01-10 20:15:29 -06:00
Wei Chen 18c179a091 Update module and add documentation 
This updates the module to pass:

* msftidy
* Ruby style guidelines
* Proper usage of Metasploit API
* Mostly other cosmetic fixes

A documentation is also added.
 2018-01-10 20:13:42 -06:00
Wei Chen 7e2c7837e5
Land #9325, Add CVE-2017-6090 phpCollab 2.5.1 file upload exploit module 
Land #9325
 2018-01-10 17:39:50 -06:00
Wei Chen b1f3f471f3 Update phpcollab_upload_exec code (also module documentation) 2018-01-10 17:38:52 -06:00
Wei Chen 8d77f35b16
Land #9373, Add LabF nfsAxe FTP Client 3.7 Stack Buffer Overflow 
Land #9373
 2018-01-09 22:40:50 -06:00
Wei Chen 25280e3319 Update labf_nfsaxe and module documentation 2018-01-09 22:39:40 -06:00
Wei Chen 777e383568
Land #9377, Add HPE iMC dbman RestoreDBase Unauthenticated RCE exploit 
Land #9377
 2018-01-09 13:56:53 -06:00
Wei Chen a0c9cdd73d
Land #9376, Add HPE iMC dbman RestartDB Unauthenticated RCE exploit 
Land #9376
 2018-01-09 13:28:03 -06:00
Wei Chen b06db60a56 Fix typos 2018-01-09 11:20:02 -06:00
Wei Chen 7b6a8af387 Update commvault_cmd_exec module documentation 2018-01-08 15:42:01 -06:00
William Vu bbad416a86 Add module doc to appease the @h00die god 2018-01-08 15:02:39 -06:00
Wei Chen d138f1508c
Land #9340, Add exploit for Commvault Remote Command Injection 
Land #9340
 2018-01-07 12:17:26 -06:00
Brendan Coles a1a594d1f8 Add documentation 2018-01-06 05:09:24 +00:00
Brendan Coles 9ec17bdd54 Add documentation 2018-01-06 05:08:33 +00:00
Daniel Teixeira 160f960f78
Add files via upload 2018-01-04 20:25:41 +00:00
h00die 65f444ddcc
land #9362 exploit for pfsense graph injection 2018-01-04 14:35:52 -05:00
Brent Cook 520e890520
Land #8581, VMware Workstation ALSA Config File Local Privilege Escalation 2018-01-03 21:35:57 -06:00
Wei Chen b8dde2e650 Land #9360, Ayukov NFTP FTP client buffer overflow vulnerability 
Land #9360
 2018-01-03 20:56:12 -06:00
Wei Chen 04cf3017c0 Update ayukov_nftp exploit and module documentation 2018-01-03 20:52:57 -06:00
William Vu c3f10c1d57
Land #9336, Linksys WVBR0-25 exploit 2018-01-03 18:13:44 -06:00
headlesszeke 589de0483b Clarification in product linkage and small syntax fixup in repro steps 2018-01-03 17:00:26 -06:00
dmohanty-r7 a5fa63405f
Land #9206, Add Xplico RCE exploit module 2018-01-03 16:02:51 -06:00
headlesszeke 3b0f0aa358 Adding doc file for module linksys_wvbr0_user_agent_exec_noauth 2018-01-02 14:54:18 -06:00
wetw0rk 8f0e41e159 requested changes 2018-01-01 17:30:43 -06:00
wetw0rk bc088cb379 added md 2018-01-01 05:46:04 -06:00
Daniel Teixeira 76d345039d
Create ayukov_nftp.md 2017-12-31 15:42:32 +00:00
HD Moore 54159c29eb Add documentation line from h00die 2017-12-29 16:14:28 -06:00
h00die 3516305517
land #9191 an exploit against HP LoadRunner magentproc 2017-12-29 16:35:43 -05:00
h00die b698095c49 slight updates to magentproc docs 2017-12-29 16:30:32 -05:00
Jeffrey Martin bb97467b31
docs for auxiliary/scanner/http/directadmin_login 2017-12-29 14:43:20 -06:00
h00die 67c2119736 oh brother 2017-12-29 14:16:34 -05:00
HD Moore eb696ee5cf Documentation update 2017-12-28 16:30:04 -06:00
Brent Cook 5e71be7772
add ard_root_pw documentation 2017-12-28 14:37:25 -06:00
HD Moore b86fd551a3 Add a WIP of the module documentation 2017-12-28 14:00:03 -06:00
Brent Cook ae17943d4c fix documentation preformat blocks 2017-12-27 22:32:26 -06:00
Jon Hart bbed7db13c
Merge branch 'upstream-master' into feature/mqtt-login 2017-12-27 13:08:44 -08:00
Tod Beardsley e6de25d63b
Land #9316 Cambium modules and mixins, tx @juushya 
These cover several of the CVEs mentioned in

https://blog.rapid7.com/2017/12/19/r7-2017-25-cambium-epmp-and-cnpilot-multiple-vulnerabilities/
 2017-12-26 12:39:51 -06:00
b0yd 7aa296577e Added readme 2017-12-22 14:34:35 -05:00
Jon Hart d4bc98c13f
Merge branch 'upstream-master' into feature/mqtt-login 2017-12-22 08:07:40 -08:00
William Vu caae33b417
Land #9170, Linux UDF for mysql_udf_payload 2017-12-21 20:48:24 -06:00
Jon Hart 917e9aa328
Doc READ_TIMEOUT 2017-12-20 19:10:49 -08:00
Jon Hart 962bc71d10
Merge branch 'feature/mqtt' into feature/mqtt-login 2017-12-20 18:58:36 -08:00
Jon Hart 9c0df54f36
syntax 2017-12-20 18:54:09 -08:00
Jon Hart fa1536209a
syntax 2017-12-20 18:52:34 -08:00
Jon Hart 508253eadc
More docs 2017-12-20 18:51:44 -08:00
Jon Hart 0f72ce1ee5
Add WIP documentation for auxiliary/scanner/mqtt/connect 2017-12-20 18:45:10 -08:00
Nick Marcoccio 86ce3c8781 Made suggested changes and added documentation 2017-12-20 15:54:16 -05:00
Brent Cook a8b845fff9
Land #9283, Add node.js ws websocket library DoS module 2017-12-20 14:20:42 -06:00
Tod Beardsley 8c1f1696af
Kill trailing whitespace in docs 2017-12-18 17:35:49 -06:00
Tod Beardsley 4aa480d655
Land #9311, docs for #9180 2017-12-18 17:34:55 -06:00
Tod Beardsley c2b8d23854
Kill trailing whitespace 2017-12-18 16:56:09 -06:00
Tod Beardsley 65da14c165
Adding docs for modules 2017-12-18 16:47:43 -06:00
Jon Hart a33ed82a40
Land #9214, @realoriginal's update to the Cisco SMI scanner to also fetch Cisco IOS configs 2017-12-18 12:22:26 -08:00
Ryan Knell 369d74cdb2 Updating documentation 
Added a missing backtick
 2017-12-18 10:34:00 -05:00
William Vu 76823e9fe6
Land #9183, Jenkins Groovy XStream RCE 2017-12-18 03:38:27 -06:00
Pearce Barry 880a1d4283
Land #9312, Module acting as a Pyrotechnical Device Deployment Tool (PDT) for Hardware Bridge 2017-12-17 18:32:28 -06:00
Pearce Barry 8344401484
Add docs, minor tweaks. 2017-12-17 18:15:49 -06:00
RootUp 95e2f1da95
Update samsung_browser_sop_bypass.md 2017-12-17 11:02:24 +05:30
RootUp 53a098a7f3
Update samsung_browser_sop_bypass.md 2017-12-16 22:46:29 +05:30
RootUp 6b54fe6775
Create samsung_browser_sop_bypass.md 2017-12-16 22:26:08 +05:30
Brent Cook c6a2ae2551
Land #9248, Add wd_mycloud_multiupload_upload exploit 2017-12-13 18:51:02 -06:00
h00die c0a534140d
Land #9284 a regex dos for ua_parser_js npm module 2017-12-13 19:31:49 -05:00
h00die 544e4e3d0b fix md formatting 2017-12-13 19:30:50 -05:00
Nicholas Starke dd5532c5de Addressing Formatting Issues 
There were several formatting and layout issues
that are fixed in this commit.  Also changing
`RHOSTS` to `RHOST`.
 2017-12-13 14:26:27 -06:00
Wei Chen b99663fb6c
Bring #9282 up to date with upstream-master 2017-12-13 13:16:30 -06:00
Wei Chen 37514eec17
Land #9234, Add exploit for ClickJacking vuln for pfSense 
Land #9234
 2017-12-12 14:56:21 -06:00
Wei Chen 6149f51273
Land #9256, Add aux module to discover WSDD enabled devices 
Land #9256
 2017-12-12 11:55:42 -06:00
Matthew Kienow d79b0ad981
Land #9286, Advantech WebAccess webvrpcs BOF RCE 2017-12-12 00:25:56 -05:00
Pearce Barry 7f93cca446
Land #9288, Add Dup Scout Enterprise login buffer overflow 2017-12-11 17:12:20 -06:00
Nicholas Starke 2d23054a1f Changes as per comments 
A few things were changed as per the PR comments:
1) The module title was reworded
2) The module description was multi-lined
3) Negative logic was rewritten to use 'unless'
4) Strings which did not require interpolation were rewritten
5) Documentation markdown was added.
 2017-12-11 14:11:40 -06:00
mr_me f8977ed72c added some fixes 2017-12-11 11:34:17 -06:00
Ryan Knell c5f218c84c Addressing comments 
1. Updated documentation
2. Made the Sec-WebSocket-Key header a random value
 2017-12-11 11:49:31 -05:00
Chris Higgins 3a14ac3b37 Fixed a spelling error in documentation 2017-12-09 02:30:42 -06:00
Chris Higgins e91830efe7 Add Dup Scout Enterprise login buffer overflow 2017-12-09 02:20:05 -06:00
Ryan Knell 668585a1f9 Adding documentation 
Adding module documentation for ws_dos.
 2017-12-08 15:52:57 -05:00
mr_me 073ffcb3bc added some docs 2017-12-07 16:58:14 -06:00
Austin 900f7d6f69
docs on options 2017-12-07 14:47:40 -05:00
Austin 12425d962c
Rename office_dde_delivery to office_dde_delivery.md 2017-12-06 22:40:57 -05:00
Austin 1e4b707a60
MS Office DDE Documentation 2017-12-06 21:46:47 -05:00
Brent Cook ce2db3cd87
Land #9275, CVE-2017-11882 (docs fix) 2017-12-05 10:16:54 -06:00
Austin 14226c5f33
missing docs on options 
Missed fixes on documentation
 2017-12-04 20:58:36 -05:00
William Webb 69b01d26bb
Land #9226, Microsoft Office OLE object memory corruption 2017-12-04 16:50:27 -08:00
Austin b7f17f5519
fix documentation 2017-12-04 16:41:27 -05:00
Brent Cook f83e9815dd
Land #9210, Add a Polycom HDX RCE 2017-12-04 12:49:35 -06:00
Brendan Coles 775529277f Add documentation 2017-11-29 17:37:34 +00:00
bwatters-r7 9dc3d60fc2
Stupid Typos 2017-11-29 10:29:38 -06:00
bwatters-r7 efa8d566d7
Added documentation for iamroot 2017-11-29 10:26:06 -06:00
Zenofex d174ef3a70 Add wd_mycloud_multiupload_upload exploit 2017-11-28 07:12:00 -06:00
bwatters-r7 244acc48b6
Land #9212, pfsense group member exec module 2017-11-27 11:27:29 -06:00
Austin 43ff4f12e5
update docs 2017-11-22 06:57:35 -05:00
Yorick Koster b5994bde79
Update pfsense_clickjacking.md 2017-11-22 11:10:47 +01:00
Yorick Koster 5b5c5520e6
Update pfsense_clickjacking.md 2017-11-22 11:09:54 +01:00
Yorick Koster 916ee05cce Add exploit module for Clickjacking vulnerability in CSRF error page pfSense 2017-11-22 11:06:22 +01:00
Austin 73c692fb65
fix docs 2017-11-21 21:31:06 -05:00
Jon Hart 879db5cf38
Land #9050, @mpizala's improvements to the docker_daemon_tcp module 2017-11-21 17:13:24 -08:00
Matthew Kienow b6c81e6da0
Reimplement slowloris as external module 2017-11-21 16:21:01 -05:00
Daniel Teixeira aa16288140
Update slow_loris.md 2017-11-21 15:49:45 -05:00
Daniel Teixeira 6d2007a4db
Update slow_loris.md 2017-11-21 15:49:44 -05:00