Prateep Bandharangshi
8869ebfe9b
Fix incorrect disclosure date for OpenNMS exploit
...
Disclosure date was Nov 2015, not Nov 2014
2016-11-21 16:44:36 +00:00
Brent Cook
005d34991b
update architecture
2016-11-20 19:09:33 -06:00
William Vu
da356e7d62
Remove Compat hash to allow more payloads
2016-11-04 13:57:05 -05:00
William Vu
f0c89ffb56
Refactor module and use FileDropper
2016-11-04 13:57:05 -05:00
William Vu
6d7cf81429
Update references
2016-11-04 13:57:05 -05:00
William Vu
009d6a45aa
Update description
2016-11-04 13:57:05 -05:00
William Vu
bf7936adf5
Add instance_eval and syscall targets
2016-11-04 13:57:05 -05:00
Brent Cook
f8912486df
fix typos
2016-11-01 05:43:03 -05:00
William Webb
5e7d546fa2
Land #7094 , OpenNMS Java Object Deserialization RCE Module
2016-10-14 13:19:11 -05:00
wchen-r7
8654baf3dd
Land #6880 , add a module for netcore/netdis udp 53413 backdoor
2016-08-08 15:43:34 -05:00
wchen-r7
f98efb1345
Fix typos
2016-08-08 15:41:03 -05:00
Vex Woo
864989cf6c
For echo command
2016-07-26 20:27:23 -05:00
Brent Cook
b08d1ad8d8
Revert "Land #6812 , remove broken OSVDB references"
...
This reverts commit 2b016e0216
, reversing
changes made to 7b1d9596c7
.
2016-07-15 12:00:31 -05:00
Brent Cook
2b016e0216
Land #6812 , remove broken OSVDB references
2016-07-11 22:59:11 -05:00
Brent Cook
a530aa4cf1
restrict perms a bit more
2016-07-11 22:22:34 -05:00
Brent Cook
a107a0f955
remove unneeded rport/rhost defines
2016-07-11 22:22:34 -05:00
Brent Cook
6bf51fe064
streamline payload generation
2016-07-11 22:22:34 -05:00
Brent Cook
7ef6c8bf9e
ruby style updates
2016-07-11 22:22:33 -05:00
Brent Cook
c1f51e7ddf
Update and fixup module against OpenNMS-16
2016-07-11 22:22:33 -05:00
benpturner
50746eec29
Fixes comments in regards to #{peer}
2016-07-11 22:22:33 -05:00
benpturner
ce8317294f
New module to exploit the OpenNMS Java Object Unserialization RCE vulnerability. This now gets flagged inside Nessus and there was no Metasploit module to exploit this.
...
This module exploits the vulnerability to a full session.
2016-07-11 22:22:32 -05:00
sho-luv
25f49c0091
Fixed Description
...
Just cleaned up Description.
2016-07-08 16:17:39 -07:00
Vex Woo
4a4904149b
ruby conditional operator -> expression
2016-05-16 10:45:04 -05:00
Vex Woo
4a3ab9d464
add a module for netcore/netdis udp 53413 backdoor
2016-05-16 02:11:53 -05:00
wchen-r7
816bc91e45
Resolve #6807 , remove all OSVDB references.
...
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.
Resolve #6807
2016-04-23 12:32:34 -05:00
Christian Mehlmauer
3123175ac7
use MetasploitModule as a class name
2016-03-08 14:02:44 +01:00
Brent Cook
f703fa21d6
Revert "change Metasploit3 class names"
...
This reverts commit 666ae14259
.
2016-03-07 13:19:55 -06:00
Brent Cook
44990e9721
Revert "change Metasploit4 class names"
...
This reverts commit 3da9535e22
.
2016-03-07 13:19:48 -06:00
Christian Mehlmauer
3da9535e22
change Metasploit4 class names
2016-03-07 09:57:22 +01:00
Christian Mehlmauer
666ae14259
change Metasploit3 class names
2016-03-07 09:56:58 +01:00
Brent Cook
3d1861b3f4
Land #6526 , integrate {peer} string into logging by default
2016-02-15 15:19:26 -06:00
William Vu
c67360f436
Remove extraneous whitespace
2016-02-10 09:44:01 -06:00
wchen-r7
1d6b782cc8
Change logic
...
I just can't deal with this "unless" syntax...
2016-02-08 18:40:48 -06:00
wchen-r7
d60dcf72f9
Resolve #6546 , support manual config for X-Jenkins-CLI-Port
...
Resolve #6546
2016-02-08 18:16:48 -06:00
James Lee
12256a6423
Remove now-redundant peer
...
These all include either Msf::Exploit::Remote:Tcp or Msf::Exploit::Remote:HttpClient
2016-02-01 15:12:03 -06:00
wchen-r7
cea3bc27b9
Fix #6362 , avoid overriding def peer repeatedly
...
def peer is a method that gets repeated a lot in modules, so we
should have it in the tcp mixin. This commit also clears a few
modules that use the HttpClient mixin with def peer.
2015-12-23 11:44:55 -06:00
wchen-r7
ab3fe64b6e
Add method peer for jenkins_java_deserialize.rb
2015-12-15 01:18:27 -06:00
wchen-r7
bd8aea2618
Fix check for jenkins_java_deserialize.rb
...
This fixes the following:
* nil return value checks
* handle missing X-Jenkins-CLI-Port scenario more properly
* proper HTTP path normalization
2015-12-14 11:25:59 -06:00
dmohanty-r7
eb4611642d
Add Jenkins CLI Java serialization exploit module
...
CVE-2015-8103
2015-12-11 14:57:10 -06:00
karllll
a5c6e260f2
Update hp_vsa_login_bof.rb
...
Updated reference URL to latest location
2015-12-10 10:56:39 -05:00
wchen-r7
154fb585f4
Remove bad references (dead links)
...
These links are no longer available. They are dead links.
2015-10-27 12:41:32 -05:00
HD Moore
cd65478d29
Land #5826 , swap ExitFunction -> EXITFUNC
2015-09-01 13:58:12 -05:00
Christian Mehlmauer
3e613dc333
change exitfunc to thread
2015-09-01 10:43:45 +02:00
Christian Mehlmauer
648c034d17
change exitfunc to thread
2015-09-01 10:42:15 +02:00
Christian Mehlmauer
80a22412d9
use EXITFUNC instead of ExitFunction
2015-08-13 21:22:32 +02:00
jvazquez-r7
203c231b74
Fix #5659 : Update CMD exploits payload compatibility options
2015-08-10 17:12:59 -05:00
HD Moore
25e0f888dd
Initial commit of R7-2015-08 coverage
2015-07-08 13:42:11 -05:00
jvazquez-r7
4224008709
Delete print_debug/vprint_debug
2015-04-21 11:14:03 -05:00
sinn3r
d45cdd61aa
Resolve #4507 - respond_to? + send = evil
...
Since Ruby 2.1, the respond_to? method is more strict because it does
not check protected methods. So when you use send(), clearly you're
ignoring this type of access control. The patch is meant to preserve
this behavior to avoid potential breakage.
Resolve #4507
2015-01-02 13:29:17 -06:00
Tod Beardsley
d3050de862
Remove references to Redmine in code
...
See #4400 . This should be all of them, except for, of course, the module
that targets Redmine itself.
Note that this also updates the README.md with more current information
as well.
2014-12-19 17:27:08 -06:00