infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
44,336 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

44336 Commits (d6024277fcccca299241ac37e7a0dcfda5679a6d)

Author SHA1 Message Date
Nick Marcoccio d6024277fc fixed missing quote 2017-12-20 09:03:32 -05:00
Nick Marcoccio 139afe45a9 Add phpCollab 2.5.1 exploit module 2017-12-20 08:36:58 -05:00
Pearce Barry 880a1d4283
Land #9312, Module acting as a Pyrotechnical Device Deployment Tool (PDT) for Hardware Bridge 2017-12-17 18:32:28 -06:00
Pearce Barry 8344401484
Add docs, minor tweaks. 2017-12-17 18:15:49 -06:00
Brent Cook 36a3088a67
Land #9303, allow arguments to the editor with the 'edit' command 2017-12-15 13:46:15 -06:00
William Vu 0a1eea9860 Allow local_editor in cmd_edit to take arguments 
Such as vim -i NONE. This may allow command injection via arguments.
However, you can already start an arbitrary program by setting
LocalEditor or escaping the editor.

msf > setg LocalEditor /bin/sh
LocalEditor => /bin/sh
msf > edit -i
[*] Launching /bin/sh -i
$
 2017-12-14 19:51:57 -06:00
William Webb 234ef5627e
Land #9299, Add arch to MS17-010 detection 2017-12-14 12:20:56 -08:00
Metasploit be4f9236f2
Bump version of framework to 4.16.24 2017-12-14 10:08:05 -08:00
bwatters-r7 9ea7747a5c
Land #9233, Fix #9232 corruption of non-latin characters in W methods 
Merge branch 'land-9233' into upstream-master
 2017-12-14 11:54:36 -06:00
Pearce Barry 048b39ccd6
Initial commit of pdt module. 2017-12-14 09:23:21 -06:00
William Vu 3cd287ddd6 Update the MS17-010 scanner to use dcerpc_getarch 2017-12-14 02:08:30 -06:00
William Vu 8e4b007edc Move verify_arch to dcerpc_getarch 
We can use this code elsewhere, such as the MS17-010 scanner.
 2017-12-14 02:08:25 -06:00
Brent Cook c6a2ae2551
Land #9248, Add wd_mycloud_multiupload_upload exploit 2017-12-13 18:51:02 -06:00
Brent Cook 125a079fa9 add cve reference 2017-12-13 18:50:21 -06:00
h00die d7ad443be1 Merge branch 'master' of https://github.com/rapid7/metasploit-framework into upstream-master 2017-12-13 19:33:05 -05:00
h00die c0a534140d
Land #9284 a regex dos for ua_parser_js npm module 2017-12-13 19:31:49 -05:00
h00die 544e4e3d0b fix md formatting 2017-12-13 19:30:50 -05:00
Wei Chen deacebc46b
Land #9264, Add private type when storing SSH password 
Land #9264
 2017-12-13 18:24:31 -06:00
Wei Chen cfec0f4965
Land #9282, Add exploit for MSFT Office DDR in RTF format 
Land #9282
 2017-12-13 18:16:04 -06:00
Nicholas Starke dd5532c5de Addressing Formatting Issues 
There were several formatting and layout issues
that are fixed in this commit.  Also changing
`RHOSTS` to `RHOST`.
 2017-12-13 14:26:27 -06:00
Wei Chen b99663fb6c
Bring #9282 up to date with upstream-master 2017-12-13 13:16:30 -06:00
Wei Chen 37514eec17
Land #9234, Add exploit for ClickJacking vuln for pfSense 
Land #9234
 2017-12-12 14:56:21 -06:00
Wei Chen c7019e5aee Only load files once 2017-12-12 14:54:49 -06:00
Wei Chen 6149f51273
Land #9256, Add aux module to discover WSDD enabled devices 
Land #9256
 2017-12-12 11:55:42 -06:00
Wei Chen fdd4fc1c41
Land #9292, fix variable name to store the username 
Land #9292
 2017-12-12 11:21:33 -06:00
securekomodo b335cacfc1
Update wp_slideshowgallery_upload.rb 
Variable on line 67 needs to be changed to "user" from "username" which was undefined and causing error during exploit execution.

[-] Exploit failed: NameError undefined local variable or method `username' for #<Msf::Modules::Mod6578706c6f69742f756e69782f7765626170702f77705f736c69646573686f7767616c6c6572795f75706c6f6164::MetasploitModule:0x0055c61ab093f8>

After changing the incorrect variable name from "username" to "user", the exploit completes.
 2017-12-12 00:33:28 -05:00
Matthew Kienow d79b0ad981
Land #9286, Advantech WebAccess webvrpcs BOF RCE 2017-12-12 00:25:56 -05:00
mr_me e7a2dd2e71 fixed email 2017-12-11 23:20:46 -06:00
mr_me 26e2eb8f1a Changed to good ranking 2017-12-11 23:14:36 -06:00
Pearce Barry 7f93cca446
Land #9288, Add Dup Scout Enterprise login buffer overflow 2017-12-11 17:12:20 -06:00
Pearce Barry 9a6c54840b
Minor tweak to use vprint... 2017-12-11 16:48:47 -06:00
Nicholas Starke 2d23054a1f Changes as per comments 
A few things were changed as per the PR comments:
1) The module title was reworded
2) The module description was multi-lined
3) Negative logic was rewritten to use 'unless'
4) Strings which did not require interpolation were rewritten
5) Documentation markdown was added.
 2017-12-11 14:11:40 -06:00
mr_me f8977ed72c added some fixes 2017-12-11 11:34:17 -06:00
Brent Cook 63b5bb3dea
Land #9126, Add android advanced options 2017-12-11 04:11:44 -06:00
Brent Cook 602335abf1 bump payloads 2017-12-11 04:11:21 -06:00
Brent Cook 1653e31f71 Merge branch 'upstream-master' into land-9126- 2017-12-11 03:57:00 -06:00
William Vu bbbe48efbb
Land #9289, typo fix for sysgauge_client_bof.md 2017-12-09 19:37:13 -06:00
Chris Higgins 3a14ac3b37 Fixed a spelling error in documentation 2017-12-09 02:30:42 -06:00
Chris Higgins e91830efe7 Add Dup Scout Enterprise login buffer overflow 2017-12-09 02:20:05 -06:00
Metasploit 348cbe54b6
Bump version of framework to 4.16.23 2017-12-08 10:01:55 -08:00
Brent Cook 378f11d859
Land #9279, add docker pull badge to readme 2017-12-07 21:53:35 -06:00
mr_me 34ef650b0d fixed up msftidy, opps. 2017-12-07 17:03:39 -06:00
mr_me 073ffcb3bc added some docs 2017-12-07 16:58:14 -06:00
mr_me 75a82b3fe7 Advantech WebAccess webvrpcs ViewDll1 Stack-based Buffer Overflow Remote Code Execution Vulnerability 2017-12-07 16:34:26 -06:00
Austin 900f7d6f69
docs on options 2017-12-07 14:47:40 -05:00
Austin 5a81f8091d
change some options for somethinf for sensible 2017-12-07 14:44:36 -05:00
Adam Cammack 5b5ac878cc
Land #9285, Handle IPv6 addresses in `full_uri` 2017-12-07 13:25:05 -06:00
Austin 335cc13cab
remove option, advanced Message seems to break it. 2017-12-07 14:17:14 -05:00
William Vu 2565ad6a27 Handle IPv6 addresses in full_uri (add brackets) 2017-12-07 12:56:55 -06:00
Austin 7bdc99a153
Fix HANDLER + some default options! 2017-12-07 13:53:39 -05:00