infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
23,204 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

1216 Commits (e4aedfad4377e3023517cf2f4da3c324489d7b79)

Author SHA1 Message Date
Tod Beardsley a863d0a526
Pre-release fixes, including msftidy errors. 2014-02-18 14:02:37 -06:00
sinn3r 52ac85be11
Land #2931 - Oracle Forms and Reports RCE 2014-02-17 08:54:23 -06:00
sinn3r 110ffbf342 Indent looks off for this line 2014-02-17 08:53:29 -06:00
sinn3r 632ea05688 100 columns 2014-02-17 08:52:56 -06:00
sinn3r 8da7ba131b In case people actually don't know what RCE means 2014-02-17 08:51:48 -06:00
sinn3r 73459baefd Add OSVDB references 2014-02-17 08:50:34 -06:00
Mekanismen fb7b938f8e check func fixed 2014-02-17 15:11:56 +01:00
Mekanismen e27d98368e fixed local server issues 2014-02-16 18:26:08 +01:00
Mekanismen e40b9e5f37 updated and improved 2014-02-16 16:24:39 +01:00
Mekanismen b7d69c168c bugfix and user supplied local path support 2014-02-15 16:24:59 +01:00
sinn3r 9daffbd484
Land #2973 - Dexter panel (CasinoLoader) SQLi to file upload code exec 2014-02-14 17:16:27 -06:00
sinn3r 48199fec27 Change URL identifier, and make the user choose a target 2014-02-14 17:15:00 -06:00
bwall 783e62ea85 Applied changes from @wchen-r7's comments 2014-02-11 10:14:52 -08:00
bwall 13fadffe7e Dexter panel (CasinoLoader) SQLi to PHP code exec - Initial 2014-02-10 13:44:30 -08:00
grimmlin 2d93b38e2a Fixed java_signed_applet for Java 7u51 2014-02-07 16:29:50 +01:00
Tod Beardsley d34020115a
Fix up on apache descs and print_* methods 2014-02-03 13:13:57 -06:00
Mekanismen 5a883a4477 updated 2014-01-31 21:59:26 +01:00
sinn3r b67ac39a33
Land #2921 - Apache Struts Developer Mode OGNL Execution 2014-01-31 12:06:58 -06:00
sinn3r 60ead5de43 Explain why we flag the vuln as "Appears" instead of vulnerable 2014-01-31 12:05:58 -06:00
jvazquez-r7 2fca2da9f7 Add an vprint message on check 2014-01-31 11:57:20 -06:00
jvazquez-r7 356692f2f5
Land #2923, @rangercha tomcat deploy module compatible with tomcat8 2014-01-31 10:53:53 -06:00
Mekanismen f6291eb9a8 updated 2014-01-31 14:33:18 +01:00
jvazquez-r7 93db1c59af Do small fixes 2014-01-30 17:16:43 -06:00
jvazquez-r7 9daacf8fb1 Clean exploit method 2014-01-30 16:58:17 -06:00
jvazquez-r7 4458dc80a5 Clean the find_csrf mehtod 2014-01-30 16:39:19 -06:00
jvazquez-r7 697a86aad7 Organize a little bit the code 2014-01-30 16:29:45 -06:00
jvazquez-r7 50317d44d3 Do more easy clean 2014-01-30 16:23:17 -06:00
jvazquez-r7 1a9e6dfb2a Allow check to detect platform and arch 2014-01-30 15:17:20 -06:00
jvazquez-r7 b2273dce2e Delete Automatic target 
It isn't usefull at all, when auto targeting is done, the payload (java platform and arch)
has been already selected.
 2014-01-30 15:04:08 -06:00
jvazquez-r7 cebbe71dba Do easy cleanup of exploit 2014-01-30 14:42:02 -06:00
jvazquez-r7 c336133a8e Do a first clean related to auto_target 2014-01-30 14:27:20 -06:00
jvazquez-r7 57b8b49744 Clean query_manager 2014-01-30 14:20:02 -06:00
jvazquez-r7 148e51a28b Clean metadata and use TARGETURI 2014-01-30 14:03:52 -06:00
William Vu 56287e308d Clean up unused variables 2014-01-30 11:20:21 -06:00
Mekanismen e7ab77c736 added module for Oracle Forms and Reports 2014-01-30 14:45:17 +01:00
RangerCha a49473181c Added new module. Abuses tomcat manager upload page. Tested on tomcat 5.5.36, 6.0.37, 7.0.50, 8.0.0rc10 2014-01-27 09:04:59 -05:00
jvazquez-r7 8fe74629fe Allow send_request_cgi to take care of the uri encoding 2014-01-26 00:06:41 -06:00
jvazquez-r7 37adf1251c Delete privileged flag because is configuration dependant 2014-01-25 18:25:31 -06:00
jvazquez-r7 038cb7a981 Add module for CVE-2012-0394 2014-01-25 18:17:01 -06:00
William Vu 7c5229e2eb Use opts hash for glassfish_deployer 
https://dev.metasploit.com/redmine/issues/8498
 2014-01-24 20:17:02 -06:00
sinn3r cdc425e4eb Update some checks 2014-01-24 12:08:23 -06:00
sinn3r 7f560a4b41 Oops, I broke this module 2014-01-22 11:23:18 -06:00
sinn3r 646f7835a3 Saving progress 2014-01-21 17:14:55 -06:00
sinn3r 85396b7af2 Saving progress 
Progress group 4: Making sure these checks comply with the new
guidelines. Please read: "How to write a check() method" found in
the wiki.
 2014-01-21 14:10:35 -06:00
sinn3r 689999c8b8 Saving progress 
Progress group 3: Making sure these checks comply with the new
guidelines. Please read: "How to write a check() method" found in
the wiki.
 2014-01-21 13:03:36 -06:00
jvazquez-r7 e2fa581b8c Delete empty line 2014-01-17 22:05:14 -06:00
sinn3r 57318ef009 Fix nil bug in jboss_invoke_deploy.rb 
If there is a connection timeout, the module shouldn't access the
"code" method because that does not exist.
 2014-01-17 11:47:18 -06:00
sinn3r bc9c865c25
Land #2865 - js payload to firefox_svg_plugin & add BA support for FF JS exploits 2014-01-13 11:17:36 -06:00
jvazquez-r7 95a5d12345 Merge #2835, #2836, #2837, #2838, #2839, #2840, #2841, #2842 into one branch 2014-01-13 10:57:09 -06:00
Joe Vennix b3b04c4159 Fix both firefox js exploits to use browser_autopwn. 2014-01-11 17:34:38 -06:00