infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
35,241 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

1950 Commits (cfe97489628b6af9b11f990dea72a1a3e5cc7c46)

Author SHA1 Message Date
wchen-r7 cfe9748962 Deprecate exploits/multi/http/uptime_file_upload 
Please use uptime_file_upload_1.rb
 2015-10-27 17:36:54 -05:00
wchen-r7 0c648eb210 Move to modules/exploits/multi/http/uptime_file_upload_2 
This exploit is rather similiar to uptime_file_upload.rb, because
they both abuse post2file to upload. The difference is that this
module requires a priv escalation to be able to upload, and the
other one doesn't.
 2015-10-27 17:31:31 -05:00
wchen-r7 592fdef93d Update uptime_code_exec 2015-10-27 17:29:55 -05:00
wchen-r7 181e7c4c75 Update metadata 2015-10-23 17:22:31 -05:00
wchen-r7 01c2641c6b Change print_* 2015-10-23 16:27:52 -05:00
wchen-r7 3c961f61a7 Modify check to use Nokogiri 2015-10-23 14:29:16 -05:00
wchen-r7 6f02cedff8 Move method create_exec_service 2015-10-23 13:10:00 -05:00
Ewerson Guimaraes (Crash) 2828653f8f Update uptime_code_exec.rb 2015-10-23 11:49:21 +02:00
Ewerson Guimaraes (Crash) 5539363218 Update uptime_code_exec.rb 2015-10-23 11:33:59 +02:00
Ewerson Guimaraes (Crash) 944f47b064 Update 
Check nil
Removed headers
Fixed url normalization
 2015-09-05 10:07:58 +02:00
Ewerson Guimaraes (Crash) 68d27acd69 Update 
Add exploit-db references
nil check  to version
 2015-09-04 23:18:24 +02:00
Ewerson Guimaraes (Crash) 5b5e97f37a Update 
Add normalize_uri
Change print_status  tp vprint_status
Removed unused http headers
an other minor changes
 2015-09-04 22:12:42 +02:00
Ewerson Guimaraes (Crash) 5063acac3c Poorly designed argument fixed 
Poorly designed argument fixed
 2015-09-04 19:43:49 +02:00
Ewerson Guimaraes (Crash) cf8b34191d Updates 
Add Def for  cgi request.
 2015-09-04 19:19:02 +02:00
Ewerson Guimaraes (Crash) 92aa09a586 Merge remote-tracking branch 'rapid7/master' into Uptime 2015-09-03 20:48:50 +02:00
Ewerson Guimaraes (Crash) 6250983fb4 Update 
Update
 2015-09-03 20:29:57 +02:00
James Lee b4547711f3
Add certutil support. 
Tested while landing #5736
 2015-09-03 13:27:10 -05:00
HD Moore cd65478d29
Land #5826, swap ExitFunction -> EXITFUNC 2015-09-01 13:58:12 -05:00
Christian Mehlmauer 3e613dc333
change exitfunc to thread 2015-09-01 10:43:45 +02:00
Christian Mehlmauer 648c034d17
change exitfunc to thread 2015-09-01 10:42:15 +02:00
Ewerson Guimaraes (Crash) 252e80e793 Uptime Version 7.4.0 / 7.5.0 Upload and Exec file 
Uptime Version 7.4.0 / 7.5.0 Upload and Exec file
 2015-08-31 23:57:39 +02:00
Brent Cook d670a62000
Land #5822, migrate obsolete payload compatibility options 2015-08-31 15:20:20 -05:00
joev 98e2d074c3 Add disclosure date. 2015-08-15 20:09:41 -05:00
joev a133e98ba5 Adds a ff 35-36 RCE vector based off the recent ff bug. 2015-08-15 20:02:00 -05:00
Christian Mehlmauer 80a22412d9 use EXITFUNC instead of ExitFunction 2015-08-13 21:22:32 +02:00
William Vu 605a14350f
Land #5833, sshexec improvements 2015-08-13 14:16:22 -05:00
William Vu 3bd6c4cee4 Add a comma 2015-08-13 14:16:09 -05:00
William Vu c94a185610
Land #5697, Werkzeug debug RCE 2015-08-13 13:32:27 -05:00
William Vu d54ee19ce9 Clean up module 2015-08-13 13:32:22 -05:00
Spencer McIntyre 28fbb7cdde Update the description of the sshexec module 2015-08-12 16:05:09 -04:00
Spencer McIntyre dfe2bbf1e9 Add a python target to the sshexec module 2015-08-12 15:46:47 -04:00
jvazquez-r7 203c231b74
Fix #5659: Update CMD exploits payload compatibility options 2015-08-10 17:12:59 -05:00
h00die eab9b3bf5b interpolation fix on secret 2015-08-01 14:39:12 -04:00
h00die ceb49a51a6 thanks @espreto for help 2015-08-01 11:11:37 -04:00
h00die 4561241609 updates per @jvazquez-r7 comments 2015-07-24 20:34:40 -04:00
jvazquez-r7 2c9183fa56
Return check code 2015-07-24 16:14:43 -05:00
jvazquez-r7 a163606513
Delete unused SLEEP option 2015-07-24 15:29:56 -05:00
jvazquez-r7 1b1ac09d2a Merge to solve conflicts 2015-07-24 15:24:29 -05:00
Tod Beardsley cadb03bac0
Fix my own blasted typo, ty @wvu-r7 2015-07-20 17:14:34 -05:00
Tod Beardsley 2052b4ef56
Fixed the HT leak attribution a little 2015-07-20 16:36:47 -05:00
Tod Beardsley f7c11d0852
More cleanups 
Edited modules/exploits/multi/browser/adobe_flash_hacking_team_uaf.rb
first landed in #5678, adobe_flash_hacking_team_uaf.rb

Edited
modules/exploits/multi/browser/adobe_flash_opaque_background_uaf.rb
first landed in #5698, Adobe Flash CVE-2015-5122 opaqueBackground

Edited modules/exploits/multi/http/sysaid_auth_file_upload.rb first
landed in #5471, @pedrib's module for SysAid CVE-2015-2994

Edited modules/exploits/multi/http/sysaid_rdslogs_file_upload.rb first
landed in #5473 Correct spelling of sysaid module
 2015-07-20 16:29:49 -05:00
Tod Beardsley ab6204ca2e
Correct spelling of sysaid module 
First landed in #5473.
 2015-07-20 16:21:50 -05:00
Pedro Ribeiro 3fe165a265 Remove whitespace at the end 2015-07-18 20:18:34 +01:00
Pedro Ribeiro 70a2247941 Pick target is not needed... 2015-07-18 20:12:49 +01:00
Pedro Ribeiro 7483e77bba Fix Linux target by trying again if exploit fails 2015-07-18 20:12:13 +01:00
wchen-r7 7113c801b1
Land #5732, reliability update for adobe_flash_hacking_team_uaf 2015-07-17 16:43:39 -05:00
wchen-r7 837eb9ea38
Land #5742, better quality coverage for adobe_flash_opaque_background_uaf 2015-07-17 16:25:14 -05:00
wchen-r7 f77f7d6916 Bump rank 2015-07-17 16:23:27 -05:00
wchen-r7 0bd1dc017e Update coverage information 2015-07-17 16:23:00 -05:00
jvazquez-r7 4e6b00fe31
Land #5473, @pedrib's exploit for Sysaid CVE-2015-2994 
* sysaid rdslogs arbitrary file upload
 2015-07-17 12:10:40 -05:00