infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
32,088 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

8102 Commits (f88d9651b6f8c5d7a44028bbccf23efcdab06919)

Author SHA1 Message Date
jvazquez-r7 b6146b1499 Use print_warning 2015-03-12 17:22:03 -05:00
jvazquez-r7 e035e6ce51
Land #4899, @h0ng10's exploit for iPass Open Mobile CVE-2015-0925 2015-03-12 16:42:52 -05:00
jvazquez-r7 7b7ebc20d7 Fix indentation 2015-03-12 16:41:41 -05:00
jvazquez-r7 da47d368e8 Do minor style cleaning 2015-03-12 16:35:48 -05:00
jvazquez-r7 a77078b555
Add X86 target 2015-03-12 16:34:44 -05:00
HD Moore b43893ad71
Lands #4903, corrects the return value used for the script path 2015-03-12 14:05:22 -05:00
m-1-k-3 2eab258a76 msftidy 2015-03-12 19:07:56 +01:00
sinn3r 220a26c5a4
Land #4907, CVE-2015-1427, elasticsearch groovy code injection 2015-03-12 11:28:24 -05:00
sinn3r ac24652196
Land #4911, CVE-2015-0096 (ms15_020_shortcut_icon_dllloader) 2015-03-12 10:51:56 -05:00
sinn3r 67d05f9354 Add the PR as a reference (how to guide) 2015-03-12 10:51:01 -05:00
jvazquez-r7 68d69177ad Add smb module for MS15-020 2015-03-11 23:46:50 -05:00
HD Moore 24440b8c38
Lands #4913, adds OSVDB reference to nvidia module 2015-03-11 23:32:22 -05:00
jvazquez-r7 a9fa2d25aa Add SMB module for MS10-046 2015-03-11 23:23:56 -05:00
Tod Beardsley 99494328d2
Update Nvidia module with an OSVDB ref 
The paper is really good, but could use a more traditional reference.

[See #4884]
 2015-03-11 19:51:22 -05:00
jvazquez-r7 0e4e264325 Redo description 2015-03-11 18:19:28 -05:00
jvazquez-r7 4e6aca0209 refactor create_exploit_file 2015-03-11 18:13:09 -05:00
jvazquez-r7 5662e5c5a6 Add module for MS15-020 2015-03-11 17:29:02 -05:00
sinn3r 43b90610b1 Temp 2015-03-11 13:53:34 -05:00
sinn3r 2a9d6e64e2 Starting point for CVE-2015-0318 2015-03-11 09:58:41 -05:00
jvazquez-r7 8a452a7cba Do somce cleanup 2015-03-10 17:10:44 -05:00
jvazquez-r7 4a84693fb0 Support windows 2015-03-10 16:58:33 -05:00
jvazquez-r7 c26bea3429 Fix credits 2015-03-10 16:27:07 -05:00
jvazquez-r7 980c83cb70 Fix metadata 2015-03-10 16:25:02 -05:00
jvazquez-r7 9e17874389 Exploit CVE-2015-1427 2015-03-10 16:17:51 -05:00
m-1-k-3 64f769504b encoding 2015-03-10 17:47:15 +01:00
m-1-k-3 6657c7d11d Belkin - CVE-2014-1635 2015-03-10 16:49:51 +01:00
jvazquez-r7 f8f178b1db Fix script_mvel_rce check 2015-03-10 09:39:02 -05:00
jvazquez-r7 9dc99e4207 Update check 2015-03-10 09:26:22 -05:00
Sigurd Jervelund Hansen c6cb1e840d Fixes persistence module by revering changes to the value returned by the write_script_to_target function, which screws up the path that is used for startup. Currently an escaped path "C://Users//..." is being used instead of using windows standards "C:\Users\...". 2015-03-10 10:26:03 +01:00
jvazquez-r7 fc4b312879 Add template 2015-03-09 23:04:32 -05:00
Julian Vilas fe822f8d33 Modify automatic file cleanup 2015-03-10 00:45:20 +01:00
Julian Vilas 0ef303cb6c Fix Java payload 2015-03-10 00:01:27 +01:00
jvazquez-r7 78167c3bb8 Use single quotes when possible 2015-03-09 16:55:21 -05:00
jvazquez-r7 cb72b26874 Add module for CVE-2014-0311 2015-03-09 16:52:23 -05:00
Hans-Martin Münch (h0ng10) bba4223d68 Initial commit 2015-03-09 16:36:11 +01:00
William Vu 3075c56064 Fix "response HTML" message 
In modules/exploits/multi/browser/firefox_xpi_bootstrapped_addon.rb.
 2015-03-07 17:08:08 -06:00
Julian Vilas 2eb0011a99 Autotrigger JSP shell at docBase 2015-03-07 20:41:08 +01:00
Julian Vilas 3be2bde5a2 Use bypass for bulletin S2-020 2015-03-07 19:14:20 +01:00
jvazquez-r7 2134cc3d22
Modify description 2015-03-05 16:55:24 -06:00
jvazquez-r7 7b4776ee79 Deregister FOLDER_NAME 2015-03-05 16:42:07 -06:00
jvazquez-r7 1bc81ea723
Merge #4884 into updated master 2015-03-05 16:41:15 -06:00
Meatballs 33f089b1a5
Tidyup 2015-03-05 21:50:12 +00:00
jvazquez-r7 9f3f8bb727
Merging #3323 work 2015-03-05 15:44:15 -06:00
jvazquez-r7 c388fd49c2 Fix print message 2015-03-05 15:43:54 -06:00
jvazquez-r7 dd2559b748 Favor new target over new module 2015-03-05 15:41:53 -06:00
jvazquez-r7 e1a4b046a0 Add support for tomcat 7 to struts_code_exec_classloader 2015-03-05 15:40:24 -06:00
Meatballs c56679f33e
Modify for new SMB mixin 2015-03-05 21:26:13 +00:00
jvazquez-r7 de08d8247b Do some module cleanup 2015-03-05 13:00:01 -06:00
jvazquez-r7 82659aba93 Populate metadata from code to make test easier 2015-03-05 12:40:20 -06:00
jvazquez-r7 dc02f8332f Pass msftidy 2015-03-05 12:29:31 -06:00
jvazquez-r7 a06eb04d59 Deregister FOLDER_NAME on exploit modules 2015-03-05 12:27:12 -06:00
sinn3r cb9922ad39
Land #4874, Add PHPMoAdmin command injection 2015-03-05 11:30:44 -06:00
sinn3r 8978b1d7b5 Add a version 2015-03-05 11:29:44 -06:00
Ricardo Almeida 32188f09d6 Update phpmoadmin_exec.rb 
Changes:
Added required comment at the top of the file;
Changed Class name "Metasploit3" >> "Metasploit4";
Standard name/email format for public PoC author.
 2015-03-05 12:56:08 +00:00
Ricardo Almeida 95962aab0d Update phpmoadmin_exec.rb 
Changes:
"Check if vulnerable" code improvement;
Payload delivery code improvement;
Minor indent issues.

Thanks for your feedback guys :)
 2015-03-05 12:46:53 +00:00
jvazquez-r7 e715eaba58 Update description 2015-03-04 16:39:27 -06:00
jvazquez-r7 e155f2998e Change module filename 2015-03-04 16:38:08 -06:00
jvazquez-r7 77abd57397 Do code cleanup 2015-03-04 16:37:31 -06:00
jvazquez-r7 22ff4d0097 Update with master changes 2015-03-04 16:30:19 -06:00
jvazquez-r7 e7de09df29 Change module filename 2015-03-04 16:18:45 -06:00
jvazquez-r7 1337b7ace8 Clean module 2015-03-04 16:18:10 -06:00
Ricardo Almeida 9530e15c81 Update phpmoadmin_exec.rb 
Changes:
Changed description section;
Changed 'URL' to 'EDB' in references section;
Added newline at the end.
 2015-03-04 21:59:08 +00:00
jvazquez-r7 d4738d8c0a
Update #3076 branch 2015-03-04 15:51:00 -06:00
Ricardo Almeida c19895ac85 Update phpmoadmin_exec.rb 
Changes:
Added new URL;
Added CVE number;
Corrected the disclosure date;
Corrected the normalize_uri() function syntax.
 2015-03-04 21:31:44 +00:00
jvazquez-r7 5cc9ea3618 Update with master changes 2015-03-04 15:16:12 -06:00
jvazquez-r7 fa9d921138 Beautify description 2015-03-04 13:07:10 -06:00
jvazquez-r7 8fdb7a798e Change module filename 2015-03-04 13:01:06 -06:00
jvazquez-r7 36375fab28 Fix downcase path handling 2015-03-04 12:58:41 -06:00
jvazquez-r7 62dde22d88 Clean packet building 2015-03-04 12:27:58 -06:00
Ricardo Almeida 4d67e0e1bb Add PHPMoAdmin RCE 2015-03-04 18:17:31 +00:00
jvazquez-r7 e04ff3ee24 Delete CMD option 2015-03-04 11:51:58 -06:00
jvazquez-r7 d4337ce1ae Do minor metadata cleanup 2015-03-04 11:46:01 -06:00
jvazquez-r7 1371cfe025 Test landing #4451 2015-03-04 11:20:07 -06:00
jvazquez-r7 aaab4b401a Fix indenting and use primer 2015-03-04 10:46:34 -06:00
jvazquez-r7 0e57277dc1 Do cleanup 2015-03-04 10:33:57 -06:00
jvazquez-r7 b9ed8178a9 Solve conflicts on ms13_071_theme 2015-03-04 10:28:52 -06:00
Matthew Hall 4757698c15 Modify primer to utilise file_contents macro. 2015-03-04 09:52:00 +00:00
Matthew Hall a90ebfe9a7 Modify primer to utilise file_contents macro. 2015-03-04 09:51:32 +00:00
Matthew Hall dfb6711ad7 Modify primer to utilise file_contents macro. 2015-03-04 09:51:01 +00:00
Matthew Hall a5d748d19e Modify primer to utilise file_contents macro. 2015-03-04 09:50:28 +00:00
Matthew Hall 0d56f5b6e6 Modify primer to utilise file_contents macro. 2015-03-04 09:49:17 +00:00
jvazquez-r7 80b76436bb
Land #4831, @wchen-r7's update for MS14-064 exploit 
* Support Windows XP with VBScript technique
 2015-03-03 19:19:49 -06:00
sinn3r 7591e9ece3 Unbreak the comment 2015-03-03 19:14:18 -06:00
sinn3r 79e7bf7f9c Update comments and description 2015-03-03 19:13:15 -06:00
William Vu ecd7ae9c3b
Land #4857, symantec_web_gateway_restore module 2015-03-02 15:00:10 -06:00
sinn3r ad28f9767f Use include 2015-03-02 14:41:25 -06:00
sinn3r cb140434f9 Update 2015-03-02 12:59:21 -06:00
OJ 905a539a00 Add exploit for Seagate Business NAS devices 
This module is an exploit for a pre-authenticated remote code execution
vulnerability in Seagate Business NAS products.
 2015-03-01 13:25:28 +10:00
sinn3r 4a1fbbdc3b Use datastore to find payload name 2015-02-28 19:56:32 -06:00
sinn3r ef9196ba6c Correct comment 2015-02-27 13:27:49 -06:00
sinn3r 7b6c39058a Correct target name 2015-02-27 13:24:57 -06:00
sinn3r 90aff51676 Add CVE-2014-7285, Symantec Web Gateway restore.php Command Injection 2015-02-27 12:31:29 -06:00
Tod Beardsley 94b4bc24bd
Minor word choice changes 
[See #4804]
 2015-02-24 12:29:11 -06:00
Brent Cook cf913e521c
Land #4832 @wvu-r7 remove and merge duplicate hash key initializers 2015-02-24 08:38:09 -06:00
William Vu 5cdb678654 Fix invalid use of RPORT (should be RHOST) 2015-02-24 05:24:09 -06:00
William Vu aa1e1a5269 Fix duplicate hash key "Platform" 
In modules/exploits/windows/mssql/mssql_linkcrawler.rb.
 2015-02-24 05:19:56 -06:00
William Vu 57642377cc Fix duplicate hash key "MinNops" 
In modules/exploits/windows/backupexec/name_service.rb.
 2015-02-24 05:19:55 -06:00
William Vu f2c96b4fdd Fix duplicate hash key "DefaultOptions" 
In modules/exploits/windows/browser/ntr_activex_stopmodule.rb.
 2015-02-24 05:19:54 -06:00
William Vu b671c9b496 Fix duplicate hash key "DefaultOptions" 
In modules/exploits/windows/browser/oracle_autovue_setmarkupmode.rb.
 2015-02-24 05:19:53 -06:00
William Vu 2e90f266fa Fix duplicate hash key "massage_array" 
In modules/exploits/windows/browser/ms13_090_cardspacesigninhelper.rb.
 2015-02-24 05:19:52 -06:00