infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
28,520 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

734 Commits (e54442af36a8b7fc067ee5630e23e9a4e146ae2b)

Author SHA1 Message Date
Tod Beardsley 51b96cb85b
Cosmetic title/desc updates 2014-11-03 13:37:45 -06:00
sinn3r b7a1722b46 Pass msftidy, more descriptive name and description 2014-10-30 22:14:18 -05:00
Deral Heiland 64a59e805c Fix a simple typo 2014-10-29 12:40:24 -04:00
Deral Heiland 1bf1be0e46 Updated to module based feedback from wchen-r7 2014-10-29 11:42:07 -04:00
Deral Heiland 9021e4dae6 Xerox Workcentre firmware injection exploit 2014-10-28 11:15:43 -04:00
jvazquez-r7 c77a0984bd
Land #3989, @us3r777's exploit for CVE-2014-7228, Joomla Update unserialize 
the commit.
 empty message aborts
 2014-10-20 13:39:08 -05:00
jvazquez-r7 4e6f61766d Change module filename 2014-10-20 13:31:22 -05:00
jvazquez-r7 e202bc10f0 Fix title 2014-10-20 13:30:44 -05:00
jvazquez-r7 f07c5de711 Do code cleanup 2014-10-20 13:27:48 -05:00
jvazquez-r7 052a9fec86 Delete return 2014-10-20 10:52:33 -05:00
jvazquez-r7 199f6eba76 Fix check method 2014-10-20 10:46:40 -05:00
us3r777 16101612a4 Some changes to use primer 
Follow wiki How-to-write-a-module-using-HttpServer-and-HttpClient
 2014-10-20 17:26:16 +02:00
us3r777 1e143fa300 Removed unused variables 2014-10-20 16:58:41 +02:00
URI Assassin 35d3bbf74d
Fix up comment splats with the correct URI 
See the complaint on #4039. This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
 2014-10-17 11:47:33 -05:00
Tod Beardsley b1223165d4
Trivial grammar fixes 2014-10-14 12:00:50 -05:00
us3r777 444b01c4b0 Typo + shorten php serialized object 2014-10-12 21:29:04 +02:00
us3r777 2428688565 CVE-2014-7228 Joomla/Akeeba Kickstart RCE 
Exploit via serialiazed PHP object injection. The Joomla! must be
updating more precisely, the file $JOOMLA_WEBROOT/administrator/
components/com_joomlaupdate/restoration.php must be present
 2014-10-09 18:51:24 +02:00
Christian Mehlmauer 1584c4781c Add reference 2014-10-09 06:58:15 +02:00
jvazquez-r7 4f96d88a2f
Land #3949, @us3r777's exploit for CVE-2014-6446, wordpress infusionsoft plugin php upload 2014-10-08 16:35:49 -05:00
jvazquez-r7 66a8e7481b Fix description 2014-10-08 16:35:14 -05:00
jvazquez-r7 8ba8402be3 Update timeout 2014-10-08 16:32:05 -05:00
jvazquez-r7 bbf180997a Do minor cleanup 2014-10-08 16:29:11 -05:00
us3r777 03888bc97b Change the check function 
Use regex based detection
 2014-10-06 18:56:01 +02:00
us3r777 29111c516c Wordpress Infusionsoft Gravity Forms CVE-2014-6446 
The Infusionsoft Gravity Forms plugin 1.5.3 through 1.5.10 for
WordPress does not properly restrict access, which allows remote
attackers to upload arbitrary files and execute arbitrary PHP
code via a request to utilities/code_generator.php.
 2014-10-06 14:10:01 +02:00
Christian Mehlmauer f45b89503d change WPVULNDBID to WPVDB 2014-10-03 17:13:18 +02:00
Christian Mehlmauer 33b37727c7 Added wpvulndb links 2014-10-02 23:03:31 +02:00
William Vu df44dfb01a
Add OSVDB and EDB references to Shellshock modules 2014-09-29 21:39:07 -05:00
jvazquez-r7 6e2d297e0c Credit the original vuln discoverer 2014-09-26 13:45:09 -05:00
jvazquez-r7 a4bc17ef89 deregister options needed for exploitation 2014-09-26 10:15:46 -05:00
jvazquez-r7 54e6763990 Add injection to HOSTNAME and URL 2014-09-26 10:13:24 -05:00
James Lee 86f85a356d
Add DHCP server module for CVE-2014-6271 2014-09-26 01:24:42 -05:00
jvazquez-r7 9acccfe9ba Fix description 2014-09-19 17:18:59 -05:00
jvazquez-r7 d826132f87 Delete CVE, add EDB 2014-09-19 17:16:03 -05:00
jvazquez-r7 7afbec9d6c
Land #2890, @Ahmed-Elhady-Mohamed module for OSVDB 93034 2014-09-19 17:12:49 -05:00
jvazquez-r7 1fa5c8c00c Add check method 2014-09-19 17:11:16 -05:00
jvazquez-r7 ce0b00bb0b Change module location and filename 2014-09-19 16:59:35 -05:00
sinn3r c73ec66c7a
Land #3659 - Add HybridAuth install.php PHP Code Execution 2014-08-19 17:19:01 -05:00
Brendan Coles 564431fd41 Use arrays in refs for consistency 2014-08-18 18:54:54 +00:00
Tod Beardsley cad281494f
Minor caps, grammar, desc fixes 2014-08-18 13:35:34 -05:00
Brendan Coles b8b2e3edff Add HybridAuth install.php PHP Code Execution module 2014-08-16 23:31:46 +00:00
Emilio Pinna 4ff73a1467 Add version build check 2014-08-13 09:53:43 +02:00
Emilio Pinna 3440f82b2e Minor description adjustment 2014-08-12 22:18:59 +02:00
Emilio Pinna 9e38ffb797 Add the check for the manual payload setting 2014-08-12 21:55:42 +02:00
Emilio Pinna 5b6be55c50 Fix (properly) 'execute_command()' missing 'opts' parameter 2014-08-12 19:49:27 +02:00
Emilio Pinna 3af17ffad0 Fixed 'execute_command()' missing 'opts' parameter 2014-08-12 19:24:24 +02:00
Emilio Pinna f71589f534 Simplify payload upload using 'CmdStager' mixin 2014-08-12 10:49:17 +02:00
Emilio Pinna cc5770558d Remove local payload saving used for debugging 2014-08-11 19:16:14 +02:00
Emilio Pinna 4790b18424 Use FileDropper mixin to delete uploaded file 2014-08-11 19:02:09 +02:00
Emilio Pinna ac526ca9bd Fix print_* to vprint_* in check method 2014-08-11 18:58:11 +02:00
Emilio Pinna 4b4b24b79d Fix errors printing 2014-08-11 18:54:43 +02:00