adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
67,028 Commits 27 Branches 1,043 Tags
04aa05faa2a07fdfb77b7e35e8b99d5d4dcd005f
Commit Graph

32712 Commits

Author SHA1 Message Date
bcoles 04aa05faa2 ms01_026_dbldecode: Use HttpClient; remove meterpreter code; fix stager 2022-07-03 18:22:55 +10:00
adfoster-r7 6b17905790 Land #16722, Fix notes for SideEffects and Reliability 2022-06-28 10:15:04 +01:00
bcoles 9087f86cce exploit/multi/misc/nomad_exec: Fix notes for SideEffects and Reliability 2022-06-28 17:02:51 +10:00
adfoster-r7 22a1e06f02 Land #16702, Fix reference URL link in hikvision_rtsp_bof.rb 2022-06-27 12:23:04 +01:00
Spencer McIntyre fb3d349969 Land #16676, Add 6th getsystem technique 2022-06-23 15:14:52 -04:00
Christophe De La Fuente 369c23a90b Revert to TECHNIQUE datastore option for backwards compatibility 2022-06-23 18:43:18 +02:00
Grant Willcox e4ce1c53dd Fix reference URL link 2022-06-22 15:49:43 -05:00
bwatters c7820048cd Land #16680, Add a Windows target for Confluence 
Merge branch 'land-16680' into upstream-master
 2022-06-21 17:56:32 -05:00
space-r7 7983f878a8 Land #16597, psh cmd adapter fix for encrypt shell 2022-06-21 09:47:05 -05:00
Spencer McIntyre 339114e3c0 Check the target platform for compatibility 2022-06-15 17:11:56 -04:00
Jeffrey Martin bcac5a1274 add missing payload tests 2022-06-15 14:34:08 -05:00
Spencer McIntyre dc3596525e Add Windows targets 2022-06-15 15:23:34 -04:00
Christophe De La Fuente 35e535415a getsytem module: use ACTION instead of TECHNIQUE datastore option 2022-06-14 15:31:33 +02:00
Christophe De La Fuente f804a58970 Add getsystem technique 6 Named Pipe Impersonation (Efs variant - AKA EfsPotato) 2022-06-14 15:31:15 +02:00
bwatters f6bd8fd020 Land #16571, Vcenter offline mdb extract 
Merge branch 'land-16571' into upstream-master
 2022-06-13 10:32:07 -05:00
Grant Willcox a075c676a6 Fix spacing issue 2022-06-10 08:47:41 -05:00
dwelch-r7 3f06e237b7 Correctly format the notes sections 2022-06-10 14:01:57 +01:00
Jack Heysel 67ea2bc23c Land #16630 Fix duplicate ntlm hash storage 
Net-NTLM (v1 and v2) hashes were being duplicated when
stored in the database due to the unique data in the challenge
dispite being the same. This fixes that issue
 2022-06-08 14:07:34 -04:00
Grant Willcox ab322d9318 Add minor review improvements for code readability and future travelers 2022-06-08 11:53:42 -05:00
Dan Staples a55aa8492c Add SAN support to impersonate_ssl module 2022-06-08 11:22:06 -04:00
bwatters 3875db78ae Land #16644, Add Exploit for CVE-2022-26134 (Confluence RCE) 
Merge branch 'land-16644' into upstream-master
 2022-06-07 16:00:37 -05:00
jheysel-r7 2b99967d0c Merge branch 'master' into fix/duplicate-netntlm 2022-06-07 11:42:51 -04:00
Grant Willcox 8584014af2 Land #16583, Bump payloads version to 2.0.93 2022-06-07 08:58:56 -05:00
Spencer McIntyre 1a06f69f95 Works through v7.18 now too 2022-06-06 22:03:21 -04:00
Spencer McIntyre 45c646afea Refactor #encode_ognl 2022-06-06 18:15:44 -04:00
Spencer McIntyre 2c0e034a18 Fix a couple of typos 2022-06-06 18:14:05 -04:00
bwatters c751ef46c9 Land #16635, Add 0-day MSWord RCE #Follina CVE-2022-30190 
Merge branch 'land-16635' into upstream-master
 2022-06-06 14:41:31 -05:00
Spencer McIntyre f55334f0fe Add version detection 2022-06-03 18:26:04 -04:00
Spencer McIntyre 76ec36a091 Remove the Windows targets for now 2022-06-03 16:50:13 -04:00
Spencer McIntyre 29a9ef686a Finish up a draft of the module 2022-06-03 16:47:02 -04:00
Spencer McIntyre cd6bbeb0ba WIP module 2022-06-03 15:27:13 -04:00
Kert Ojasoo 1dc61d02eb Update php_fpm_rce.rb 2022-06-03 11:23:53 +03:00
Christophe De La Fuente 474116d413 Land #16611, DotCMS File Upload to RCE Module (CVE-2022-26352) 2022-06-02 15:30:10 +02:00
RAMELLA Sébastien 3ab06461af fix. second review 2022-06-02 00:58:20 +04:00
RAMELLA Sébastien dd1814903c fix. SRVHOST default value 2022-06-02 00:07:15 +04:00
RAMELLA Sébastien 8c19a02835 fix. first review 2022-06-01 20:15:08 +04:00
space-r7 6d3ccab1be Land #16435, add Microsoft SQL Server sqli support 2022-06-01 10:27:48 -05:00
jheysel-r7 97caca4f6e Update modules/exploits/multi/http/dotcms_file_upload_rce.rb 
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-06-01 10:54:02 -04:00
Jack Heysel bea4207c62 Land PR #16607 - MyBB RCE Module (CVE-2022-24734) 
This exploit module leverages an improper input validation
vulnerability in MyBB prior to 1.8.30 to execute arbitrary
code in the context of the user running the application.
 2022-05-31 11:59:53 -04:00
Christophe De La Fuente dac355d9cf Land #16492, nfs_mount more intelligent mountability 2022-05-31 11:56:19 +02:00
RAMELLA Sébastien 7f89e92da3 add more informations about 2022-05-31 00:12:30 +04:00
Jack Heysel 2c02a607ee Responded to PR feedback 2022-05-30 14:46:54 -04:00
RAMELLA Sébastien 97921b4ed9 fix chmod 644 2022-05-30 22:11:35 +04:00
RAMELLA Sébastien dfc226cf5f add. Supposed 0day MSWord RCE 2022-05-30 21:23:18 +04:00
h00die c6936bd42f nfs mount more intelligent 2022-05-30 13:03:03 -04:00
Christophe De La Fuente b996f5ee49 Fixes from code review 2022-05-30 16:24:18 +02:00
Spencer McIntyre adcf45b0ff Fix the arch in #handle_connection too 
This fixes an issue with the adated peinject stage which supported both
x86 and x64 via a library that checked its own #arch.
 2022-05-27 16:42:14 -04:00
Spencer McIntyre 1466506069 Update the docs to be accurate 2022-05-27 14:41:06 -04:00
adfoster-r7 a98f9a69c4 Land #16621, Fix timeout of duplicated sessions 2022-05-27 17:30:56 +01:00
sjanusz 7b75bd6e27 Cache remote Python binary name 2022-05-27 10:21:59 +01:00