infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
44,967 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

44967 Commits (c9d41f215d5018bd37a56fbc2e93e44a998c0520)

Author SHA1 Message Date
William Vu 1a8ffed5e3
Land #9369, register_dir{,s}_for_cleanup 2018-01-10 22:02:15 -06:00
William Vu b1cecd4193 Bump TIMEOUT in Msf::Exploit::Remote::SunRPC 2018-01-10 20:36:35 -06:00
William Vu f66b11f262 Nix an unneeded variable declaration 2018-01-10 20:24:02 -06:00
William Vu f5210ed6d6 Update module doc with missing options 2018-01-10 20:18:50 -06:00
Wei Chen 6510ee53bc
Land #9204, Add exploit for Samsung SRN-1670D (CVE-2017-16524) 
Land #9204
 2018-01-10 20:15:29 -06:00
Wei Chen 18c179a091 Update module and add documentation 
This updates the module to pass:

* msftidy
* Ruby style guidelines
* Proper usage of Metasploit API
* Mostly other cosmetic fixes

A documentation is also added.
 2018-01-10 20:13:42 -06:00
William Vu 1c1f3b161e Rescue XDR errors in Msf::Exploit::Remote::SunRPC 2018-01-10 20:11:30 -06:00
William Vu b66889ac86 Rescue additional errors and refactor code 
https://jvns.ca/blog/2015/11/27/why-rubys-timeout-is-dangerous-and-thread-dot-raise-is-terrifying/
 2018-01-10 20:11:25 -06:00
Wei Chen 7e2c7837e5
Land #9325, Add CVE-2017-6090 phpCollab 2.5.1 file upload exploit module 
Land #9325
 2018-01-10 17:39:50 -06:00
Wei Chen b1f3f471f3 Update phpcollab_upload_exec code (also module documentation) 2018-01-10 17:38:52 -06:00
Wei Chen dd737c3bc8
Land #9317, remove multiple deprecated modules 
Land #9317

The following modules are replaced by the following:

auxiliary/scanner/discovery/udp_probe
is replaced by:
auxiliary/scanner/discovery/udp_sweep

exploit/unix/webapp/wp_ninja_forms_unauthenticated_file_upload
is replaced by:
exploit/multi/http/wp_ninja_forms_unauthenticated_file_upload

exploit/windows/misc/regsvr32_applocker_bypass_server
is replaced by:
exploits/multi/script/web_delivery
 2018-01-10 15:47:20 -06:00
Wei Chen 8d77f35b16
Land #9373, Add LabF nfsAxe FTP Client 3.7 Stack Buffer Overflow 
Land #9373
 2018-01-09 22:40:50 -06:00
Wei Chen 25280e3319 Update labf_nfsaxe and module documentation 2018-01-09 22:39:40 -06:00
Brent Cook f125e13278
python meterpreter whitespace normalization 2018-01-09 16:08:52 -05:00
Wei Chen 777e383568
Land #9377, Add HPE iMC dbman RestoreDBase Unauthenticated RCE exploit 
Land #9377
 2018-01-09 13:56:53 -06:00
Wei Chen a0c9cdd73d
Land #9376, Add HPE iMC dbman RestartDB Unauthenticated RCE exploit 
Land #9376
 2018-01-09 13:28:03 -06:00
Wei Chen b06db60a56 Fix typos 2018-01-09 11:20:02 -06:00
Brent Cook cb82015c87
Land #9387, Check exploit stance for array as well as string 2018-01-09 03:52:59 -05:00
Brent Cook 573ee28631
Land #9378, Detect and return on bad VNC negotiations 2018-01-09 03:46:00 -05:00
William Vu f1bb3feb34
Land #9388, update LICENSE and COPYING 2018-01-09 00:01:49 -06:00
William Vu 4849c6cdf1 Update COPYING 2018-01-09 00:01:35 -06:00
Wei Chen 7b6a8af387 Update commvault_cmd_exec module documentation 2018-01-08 15:42:01 -06:00
William Vu bbad416a86 Add module doc to appease the @h00die god 2018-01-08 15:02:39 -06:00
William Vu 4a5a17a8e1 Add NIS ypserv map dumper 2018-01-08 14:27:53 -06:00
Aaron Meese 463d9b836b
Update LICENSE 
Updated year
 2018-01-08 14:17:44 -06:00
William Vu 333d57461a Check exploit stance for array as well as string 
An exploit can be both aggressive and passive.
 2018-01-08 13:52:04 -06:00
Kevin Kirsche ab89e552ed
Remove accidental trailing space 2018-01-08 14:42:03 -05:00
Kevin Kirsche 2252490e62
Fix using arbitrary keys to instead use "URL" 2018-01-08 14:30:03 -05:00
Kevin Kirsche e80ca348cf
Add Exploit-DB ID 2018-01-08 10:55:46 -05:00
Wei Chen 693a12e307
Land #9384, Add mkienow to the mailmap file 
Land #9384
 2018-01-07 20:35:01 -06:00
Kevin Kirsche 6beeece708
Re-add timeout value 2018-01-07 20:21:29 -05:00
Matthew Kienow 3c23fda36a
Add mkienow to the mailmap 2018-01-07 18:00:21 -05:00
Wei Chen a633caf734
Land #9382, Add Aaron to mailmap 
Land #9382
 2018-01-07 12:22:09 -06:00
Wei Chen d138f1508c
Land #9340, Add exploit for Commvault Remote Command Injection 
Land #9340
 2018-01-07 12:17:26 -06:00
Daniel Teixeira ff1806ef5f
Update labf_nfsaxe.rb 2018-01-07 16:46:06 +00:00
Pearce Barry 340cd66b7c
Add Aaron to the mailmap. Woo! 2018-01-06 22:37:30 -06:00
Kevin Kirsche eefd432161
Make sure Platforms match our actual target list 2018-01-06 08:31:30 -05:00
Kevin Kirsche 4bd196f8b2
Fix missing single quotes and remove comma 2018-01-06 08:30:48 -05:00
Kevin Kirsche 867b32415d
Fix feedback from wvu-r7 
Fixes feedback from wvu-r7

- Consolidates payload to single method
- Replaces gsub! with standard encode method
- Note exploit discovery and proof of concept code used in authors (still seems weird to include the discovery as an author...)
- Change link
- Use `ARCH_CMD` instead of `[ARCH_CMD]`
- Remove Linux target as it's only Windows or Unix
- Remove timeout as I don't know how to pass it to `send_request_cgi`
 2018-01-06 08:12:43 -05:00
William Vu 461f1c12e6 Fix nil bug(s) by moving arrays to initialize 2018-01-06 02:31:16 -06:00
William Vu 14143c2b90 Fix missed file_dropper_win_path 2018-01-06 01:44:25 -06:00
Brendan Coles a1a594d1f8 Add documentation 2018-01-06 05:09:24 +00:00
Brendan Coles 9ec17bdd54 Add documentation 2018-01-06 05:08:33 +00:00
Kevin Kirsche 744f20304c
Remove hardcoded user-agent from the headers 
Remove hardcoded user-agent from the headers allowing for `send_request_cgi` to control this
 2018-01-05 18:22:27 -05:00
Daniel Teixeira a69f275a39
Update labf_nfsaxe.rb 2018-01-05 21:14:47 +00:00
Daniel Teixeira c819aebc76
Add files via upload 2018-01-05 21:11:21 +00:00
Daniel Teixeira 3fd13b86c3
Add files via upload 2018-01-05 21:02:18 +00:00
Daniel Teixeira e797ca4781
Add files via upload 2018-01-05 21:00:47 +00:00
Daniel Teixeira aca76e2a4e
Update labf_nfsaxe.rb 2018-01-05 20:58:36 +00:00
Daniel Teixeira 2643acbc25
Update labf_nfsaxe.rb 2018-01-05 20:55:49 +00:00