dnrops
/
metasploit-framework
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
42,644 Commits 10 Branches 885 Tags 1.3 GiB
Commit Graph

42644 Commits

Author SHA1 Message Date
David Maloney 94e4dc2938
fix for smb_login errors 
do not try the TreeConnect if the SESSION_SETUP
has already failed.
 2017-05-18 11:26:03 -05:00
Daniel Teixeira c1624d0967 VX Search Enterprise GET Buffer Overflow 2017-05-18 17:12:47 +01:00
Daniel Teixeira ca6b00161d VX Search Enterprise GET Buffer Overflow Doc 2017-05-18 17:12:10 +01:00
Jeffrey Martin 1af6c08356
Land #8409, mark osx-app macho as executable 2017-05-18 09:28:01 -05:00
Christian Mehlmauer 57dc86bdec
Land #8403, more docker improvements 2017-05-18 13:01:41 +02:00
Tim a68a1858a9 Fix #7703, mark osx-app macho as executable 2017-05-18 18:24:35 +08:00
Ilya Glotov 5dbbd379b2
Add additional nmap dependencies 
Packages nmap-nselibs, nmap-scripts
 2017-05-18 12:54:53 +03:00
zerosum0x0 bdf121e1c0 x86 kernels will safely ret instead of BSOD 2017-05-17 23:48:14 -06:00
zerosum0x0 4f3a98d434 add arch detection to shellcode 2017-05-17 23:36:17 -06:00
zerosum0x0 a5c391dae2 multi-arch ring0->ring3 shellcode .asm file (work in progress) 2017-05-17 23:29:05 -06:00
zerosum0x0 d944bdfab0 expect 0xC00000D 2017-05-17 23:05:20 -06:00
zerosum0x0 646ca14375 basic OS verification, ghetto socket read code 2017-05-17 22:48:45 -06:00
Brent Cook c59371dd5e add ruby backports compat library 2017-05-17 23:41:20 -05:00
wchen-r7 c0bf2cc6e7 Land #8401, Buffer Overflow on Sync Breeze Enterprise 9.4.28 2017-05-17 23:39:50 -05:00
wchen-r7 3360171977 Land #8319, Add exploit module for Mediawiki SyntaxHighlight extension 2017-05-17 23:23:50 -05:00
wchen-r7 1cc00b2944 Add vulnerable setup info in mediawiki_syntaxhighlight.md 2017-05-17 23:23:00 -05:00
wchen-r7 ca1f8da7e5 Get around encoding issues in mediawiki_syntaxhighlight.md 2017-05-17 22:50:56 -05:00
James Lee b78749bc1b
Land #8221, move autoroute 2017-05-17 15:17:45 -05:00
Pearce Barry d0b13544dd
Agreed-upon feedback updates. 2017-05-17 10:57:39 -05:00
Ilya Glotov d68a3d77f5
Move ENV command to the top 2017-05-17 18:18:58 +03:00
Ilya Glotov d2fb4a5ca1
Remove unnecessary code 2017-05-17 17:18:21 +03:00
Ilya Glotov baf297f60e
Add capabilities to nmap 2017-05-17 17:17:30 +03:00
Ilya Glotov f605db1217
Fix typo: postrgres -> postgres 2017-05-17 16:17:53 +03:00
Ilya Glotov 192125264f
Synchronize base ruby image with .ruby-version 2017-05-17 16:14:03 +03:00
Daniel Teixeira ad8788cc74 Update syncbreeze_bof.rb 2017-05-17 11:33:24 +01:00
Daniel Teixeira 5329ce56c4 Sync Breeze Enterprise GET Buffer Overflow 2017-05-17 10:53:28 +01:00
Daniel Teixeira 57eac49222 Add files via upload 2017-05-17 10:52:36 +01:00
lincoln 2f39daafc5 Updated module removing hardcoded binary payload strings 
-Used only nessessary pointers needed for exploit to work removing junk/filler chars
-Repaced ROP chain with generic from msvcrt (even though original was beautiful and smaller, uses hardcoded pointers for leave instructions)
-Cannot use ropdb since 4 byte junk char during generation may result in InvalidByteSequenceError during UTF conversion
-It's been some years since my last pull request...so I might be a bit rusty to new Metasploit standards (please forgive me!)
 2017-05-16 23:22:42 -07:00
William Webb 7e2dab4ddc
Land #8303, Buffer Overflow on Dupscout Enterprise v9.5.14 2017-05-17 01:04:59 -05:00
zerosum0x0 6fb4040d11 add core buffer dump for OS version 2017-05-16 23:18:39 -06:00
William Vu 1f4ff30adb
Improve 200 fail_with in wp_phpmailer_host_header 
One. last. commit. Noticed this in the response body.
 2017-05-16 22:38:36 -05:00
William Vu 21e741b530
Comment out x86 targets in ms17_010_eternalblue.md 
Still under development.
 2017-05-16 19:52:44 -05:00
Jeffrey Martin 8d9561be3b
Land #8397, Secure (https) links in README.md 2017-05-16 17:33:12 -05:00
wchen-r7 11da7c7c81 Land #8394, Add Moxa Credential Recovery Module 2017-05-16 16:45:22 -05:00
wchen-r7 8025eb573a Enforce check 
Because we are not able to get our hands on the hardware for testing,
and that this module may trigger a backtrace if the UDP server isn't
Moxa, we force check to make sure that doesn't happen.
 2017-05-16 16:43:22 -05:00
wchen-r7 77a9676efb Land #8347, Add Serviio Media Server checkStreamUrl Command Execution 2017-05-16 16:20:39 -05:00
Metasploit 729f2a9ab8
Bump version of framework to 4.14.19 2017-05-16 14:09:45 -07:00
William Vu 6d81ca4208
Fix Array/String TypeError in ms17_010_eternalblue 2017-05-16 15:53:34 -05:00
William Vu e24de5f110
Fix Class/String TypeError in ms17_010_eternalblue 2017-05-16 15:41:16 -05:00
wchen-r7 58d65ce4b5 Land #8380, check for command injection in smtp email addresses 
aborts
 2017-05-16 15:36:22 -05:00
Patrick DeSantis d85d1de057 Merge pull request #1 from wchen-r7/pr8394_fix 
Pass msftidy for moxa_credentials_recovery.rb
 2017-05-16 16:11:10 -04:00
James Lee e3f4cc0dfd
Land #8345, WordPress PHPMailer Exim injection 
CVE-2016-10033
 2017-05-16 15:07:21 -05:00
wchen-r7 2d7f7f9aec Pass msftidy 2017-05-16 15:05:12 -05:00
William Vu 29b7aa5b9b Update fail_with for 200 (bad user?) 2017-05-16 15:03:42 -05:00
wchen-r7 e62fc3e93c Land #8376, Add BuilderEngine 3.5 Arbitrary file upload & exec exploit 2017-05-16 14:53:32 -05:00
wchen-r7 631267480d Update module description 2017-05-16 14:48:46 -05:00
William Vu 3893bc4d83 Update doc with new prestager command 2017-05-16 14:48:12 -05:00
wchen-r7 2ed8ae11b4 Add doc and make minor changes 2017-05-16 14:47:19 -05:00
Will e974782b28 Secure (https) links in README.md 
Secure (https) links in README.md
 2017-05-16 15:25:30 -04:00
William Vu 7c1dea2f02 Refactor prestager to work with newer Exim 
Apparently it doesn't like reduce with extract.
 2017-05-16 14:22:43 -05:00