infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
40,575 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

2325 Commits (d5845343bd93e5160a9bb069e949a1c582e26a33)

Author SHA1 Message Date
OJ e8158bd200
Add multi platform type, wire into the multi stage 2016-11-28 09:34:09 +10:00
Brent Cook 005d34991b update architecture 2016-11-20 19:09:33 -06:00
Brent Cook f313389be4 Merge remote-tracking branch 'upstream/master' into land-7507-uuid-arch 2016-11-20 19:08:56 -06:00
wchen-r7 8cd9a9b670 Deprecate wp_ninja_forms_unauthenticated_file_upload 
wp_ninja_forms_unauthenticated_file_upload actually supports
multiple platforms.

Instead of using:
exploit/unix/webapp/wp_ninja_forms_unauthenticated_file_upload

Please use:
exploit/multi/http/wp_ninja_forms_unauthenticated_file_upload
 2016-11-10 11:17:09 -06:00
wchen-r7 ca5610ccde
Land #7511, Update jenkins_script_console to support newer versions 2016-11-04 11:24:25 -05:00
William Vu 5ed030fcf6
Land #7529, nil.downcase fix for tomcat_mgr_deploy 
Don't think it was ever needed, since the password is case-sensitive.

Fixed a minor merge conflict where PASSWORD became HttpPassword.
 2016-11-03 15:39:46 -05:00
Jin Qian 2f8d3c3cf3 Remove the bug where downcase() is invoked on password which is optional and can be empty. 2016-11-03 15:23:19 -05:00
Spencer McIntyre ccce361768 Remove accidentally included debug output 2016-10-29 18:46:51 -04:00
Spencer McIntyre fa7cbf2c5a Fix the jenkins exploit module for new versions 2016-10-29 18:19:14 -04:00
OJ 57eabda5dc
Merge upstream/master 2016-10-29 13:54:31 +10:00
OJ 1d617ae389
Implement first pass of architecture/platform refactor 2016-10-28 07:16:05 +10:00
mr_me 16b7c77851 satisfying travis 2016-10-27 13:37:04 -05:00
mr_me a8ab7b09b0 Added Bassmaster batch Arbitrary JavaScript Injection Remote Code Execution Vulnerability (CVE-2014-720) 2016-10-27 13:22:39 -05:00
David Maloney 6b77f509ba
fixes bad file refs for cmdstagers 
when moving to the rex-exploitation gem some of the
file references were missed, partially due to silly differences
between how each file was referenced

Fixes #7466
 2016-10-21 12:31:18 -05:00
wchen-r7 9e97febcd1
Land #7429, Ruby on Rails Dynamic Render File Upload Remote Code Exec 2016-10-13 11:45:46 -05:00
William Vu e78d3d6bf0 Fix erroneous cred reporting in SonicWALL exploit 
A session ID will be returned in the parsed JSON if the login succeeded.

Bad user:

{"noldapnouser"=>1, "loginfailed"=>1}

Bad password:

{"loginfailed"=>1}

Good user/password:

{"userid"=>"1", "sessionid"=>"4WJ9cNg1TkBrwjzX"}
 2016-10-11 19:25:52 -05:00
mr_me bd646ded1b fixed the check function 2016-10-11 14:06:03 -05:00
mr_me d8f98ccd4e run through msftidy 2016-10-10 22:36:20 -05:00
mr_me f2252bb179 fixed a few things, thanks @h00die 2016-10-10 22:30:01 -05:00
mr_me 3c3f424a4d added a some references 2016-10-10 17:56:03 -05:00
mr_me bca3aab1db added CVE-2016-0752 2016-10-10 17:36:20 -05:00
Brent Cook b77a910205
Land #7355, allwinner post to local exploit conversion 2016-10-08 21:38:54 -05:00
RageLtMan f24bfe7d4e Import Powershell::exec_in_place 
Allow passing exec_in_place parameter to cmd_psh_payload in order
to execute raw powershell without the commandline wrappers of
comspec or calling the powershell binary itself.
This is useful in contexts such as the web delivery mechanism or
recent powershell sessions as it does not require the creation of
a new PSH instance.
 2016-10-08 14:06:35 -05:00
Pearce Barry 5de1d34869
Land #7341, add module metasploit_static_secret_key_base 2016-09-23 09:20:48 -05:00
h00die cba297644e post to local conversion 2016-09-22 22:08:24 -04:00
Brent Cook 9f3c8c7eee
Land #7268, add metasploit_webui_console_command_execution post-auth exploit 2016-09-22 00:50:58 -05:00
Justin Steven dcfbb9ee6a
Tidy info 
Replace errant \t with \x20
 2016-09-21 20:14:11 +10:00
Justin Steven 1e24568406
Tweak verbosity re: found secrets 2016-09-21 20:14:08 +10:00
Justin Steven 30d07ce0c7
Tidy metasploit_static_secret_key_base module 
* Inline magic values
* Optimise out dead Rails3-specific code
 2016-09-21 20:13:58 +10:00
Louis Sato 8b1d29feef
Land #7304, fix rails_secret_deserialization popchain 2016-09-20 16:05:03 -05:00
Justin Steven a1ca27d491
add module metasploit_static_secret_key_base 2016-09-20 07:04:00 +10:00
Justin Steven 116c754328
tidy Platform 2016-09-15 10:35:42 +10:00
Justin Steven 8a0c8b54fc
merge branch 'master' into PR branch 
make Travis happy
 2016-09-15 10:31:24 +10:00
Justin Steven ff1c839b7d
appease msftidy 
trailing whitespace
 2016-09-15 08:18:43 +10:00
James Barnett 6509b34da1
Land #7255, Fix issue causing Glassfish to fail uploading to Windows targets. 2016-09-14 12:57:41 -05:00
William Vu 8533e6c5fd
Land #7252, ARCH_CMD to ARCH_PHP for phoenix_exec 2016-09-14 10:38:37 -05:00
Pedro Ribeiro 8d4ee3fac6 Forgot the bracket! 2016-09-13 19:01:22 +01:00
Pedro Ribeiro 41bdae4b84 update links and CVE on webnms_file_upload 2016-09-13 18:50:25 +01:00
Justin Steven 17bad7bd4f
fix popchain 
ERB changed as per <https://github.com/ruby/ruby/commit/e82f4195d4>
which broke the popchain used for code execution.
 2016-09-13 21:25:14 +10:00
Justin Steven 6bafad44f2
drop 'require uri', tweak option text 2016-09-09 20:31:23 +10:00
Justin Steven 0b012c2496
Combine Unix and Windows modules 2016-09-09 20:28:13 +10:00
William Vu 7d44bd5ba4 Clean up module 2016-09-06 23:30:58 -05:00
aushack 015b790295 Added default rport. 2016-09-07 14:24:07 +10:00
wchen-r7 445a43bd97 Trim the fat 2016-08-30 15:56:51 -05:00
wchen-r7 1b505b9b67 Fix #7247, Fix GlassFish on Windows targets 
Fix #7247
 2016-08-30 15:46:08 -05:00
William Vu 7a412031e5 Convert phoenix_exec to ARCH_PHP 2016-08-29 14:14:22 -05:00
William Vu 43a9b2fa26
Fix missing return 
My bad.
 2016-08-29 14:13:18 -05:00
William Vu d50a6408ea
Fix missed Twitter handle 2016-08-29 13:46:26 -05:00
William Vu f8fa090ec0
Fix one more missed comma 2016-08-29 13:40:55 -05:00
William Vu 53516d3323
Fix #7220, phoenix_exec module cleanup 2016-08-29 13:28:15 -05:00