Commit Graph

1363 Commits

Author SHA1 Message Date
bcoles 5f92d9418d Modules: Fix Stability/SideEffects/Reliability notes for several modules 2022-10-01 17:54:59 +10:00
adfoster-r7 3a281234df Add feature flagged datastore rewrite, with support for option fallback lookups 2022-09-16 12:59:02 +01:00
bcoles 666a3efcfd ms10_092_schelevator: Cleanup 2022-08-19 15:19:28 +10:00
Grant Willcox 7df60f71b6 Remove SCHELEVATOR echo statement as it's not needed anymore 2022-07-28 11:02:59 -05:00
Christophe De La Fuente 0e3fdd0799 Fix from code review 2022-06-29 19:18:47 +02:00
Christophe De La Fuente a9d3e7c758 Fix run_as module on x64 systems 2022-06-27 13:21:58 +02:00
Christophe De La Fuente 52a8191821 Fix vss_persistence module and remove Windows 7 target 2022-05-25 13:11:34 +02:00
Christophe De La Fuente 5fd18ef864 Fixes from review 2022-05-19 14:54:07 +02:00
Christophe De La Fuente 7992cb2072 Update vss_persistence and persistence_exe modules to include changes in `TaskScheduler` mixin
2022-05-17 14:52:47 +02:00
Christophe De La Fuente 14cd7bc335 Add task scheduler mixin and update persistence_exe and vss_persistence modules 2022-05-17 14:52:47 +02:00
Jeff McJunkin d1034c8b57 s4u_persistence.rb: Allow all post-Vista builds
Currently this module doesn't account for Server builds 2016 and above, nor Windows 10 builds. This PR fixes the `sysinfo` comparison to allow later builds.

Note: Many other modules have this problem, and it's probably worth Rapid7 staff time to standardize the usage of build comparisons inside modules.
2022-04-21 15:33:42 -07:00
Spencer McIntyre 5de966cfb1 Land #16382, CVE-2022-26904 SuperProfile LPE 2022-04-07 12:52:39 -04:00
Grant Willcox 51e37bbe42 Add in process kill off code for Meterpreter sessions, seems I forgot to include this 2022-04-07 10:48:08 -05:00
Grant Willcox 4638067723 Fix RuboCop errors 2022-04-06 09:18:05 -05:00
Grant Willcox c8c91fcaf3 Add in fix to ensure that we can spawn sessions automatically on Windows 10 20H2 and other systems where we hit a bug with UAC prompts from the exploit DLL itself not triggering the payload 2022-04-05 19:16:48 -05:00
Grant Willcox db4b22df5e Update the exploit code to output errors in a better format, and fix a potential issue when trying to delete folders recursively. Also update exploit module to try kill msiexec.exe if it's still running to prevent it holding onto handles when it shouldn't be. 2022-04-04 17:58:52 -05:00
Grant Willcox 57473850c1 Fix up RuboCop errors as last change made it so that we had an unless elsif statement which isn't valid in Ruby 2022-03-31 12:52:16 -05:00
Grant Willcox 743138abed Add in initial fixes from review and remove extra BREAKAWAY_FROM_JOB code changes not directly related to this PR as we'll raise a separate PR for those 2022-03-31 12:13:29 -05:00
Grant Willcox 51df37de87 Add in documentation and also update the module to handle NarratorQuickstart.exe which sometimes comes up and can lead to visual indicators 2022-03-28 17:53:53 -05:00
Grant Willcox bd3e0c1b53 Add in support for exploiting domain joined systems 2022-03-28 16:14:19 -05:00
Grant Willcox b408197cb7 Another round of RuboCop 2022-03-25 17:37:05 -05:00
Grant Willcox 393765a2f0 Add in UAC checks to ensure PromptOnSecureDesktop is set appropriately before attempting to exploit. Also clean up some of the extra code to prevent unneeded cmd level commands from running 2022-03-25 17:26:48 -05:00
Grant Willcox 56e21ae3a2 Update check code to now use cmd_exe as other call was hanging forever, and also update the check code to use Meterpreter functions if available vs always running shell commands. 2022-03-25 15:25:48 -05:00
Grant Willcox f7c271aaf4 Add in fixes from Spencer's quick initial review of module to address typos and proper check code return values 2022-03-25 14:14:56 -05:00
Grant Willcox e82c25841c RuboCop module to pass tests 2022-03-25 12:45:00 -05:00
Grant Willcox 561c5d513e Update module's on_new_session code 2022-03-25 12:16:44 -05:00
Grant Willcox 8e73710843 Add in on_new_session method to do automatic cleanup with supported session types. Think this is only Meterpreter at the moment 2022-03-24 14:36:29 -05:00
Grant Willcox e5c0259723 Add CREATE_BREAKAWAY_FROM_JOB flag to source files related to DLL generation, update the exploit source to denote how to clean up in case the payload can't clean up 2022-03-23 19:38:32 -05:00
Grant Willcox b1ce05f97c Add in updated Ruby code and also update the DLLs and prepend_migrate.rb to use the CREATE_BREAKAWAY_FROM_JOB flag with CreateProcess to break away from the job if the job has the JOB_OBJECT_LIMIT_BREAKAWAY_OK limit set to allow breakaway jobs 2022-03-23 17:47:25 -05:00
Grant Willcox 715082a960 Update exploit and module with new delay timing and latest copy of DLL 2022-03-21 12:05:48 -05:00
sjanusz bbf9e3163a Fix file reads on Windows for binary files 2022-03-21 12:47:39 +00:00
bwatters b4de9fa92a Land #16344, Add module for CVE-2022-21999 and More Railgun Definitions
Merge branch 'land-16344' into upstream-master
2022-03-16 08:37:05 -05:00
Shelby Pace 381b91de45 change wording in arch check
Co-authored-by: Brendan <bwatters@rapid7.com>
2022-03-15 16:45:36 -05:00
space-r7 e96ec401bf add arch check, fix logic error, add aka note 2022-03-15 12:58:39 -05:00
space-r7 99664efed7 use full user name, add test output to docs 2022-03-14 09:15:36 -05:00
space-r7 07e6eef201 rename module, modify check 2022-03-10 17:02:58 -06:00
space-r7 bc9f64f043 use default printer in case target is server
clean up code, add EnumPrinters definitions
2022-03-10 16:45:20 -06:00
space-r7 aa87d5d387 add fixed definitions and exploit 2022-03-04 15:56:28 -06:00
bwatters 3f35524c61 Rubocop fixes 2022-03-03 13:02:55 -06:00
bwatters f0878f4d1a Improve check method and add autocheck 2022-03-03 12:52:05 -06:00
space-r7 40bb5e2afa correct return val for definition, add module 2022-02-25 18:13:49 -06:00
bwatters b69db83398 Land #16202, Add exploit for CVE-2022-21882 (Win32k LPE)
Merge branch 'land-16202' into upstream-master
2022-02-25 15:55:48 -06:00
Spencer McIntyre 2b0002031d Fix the minimum build number
This particular change looks like a mistake. Build 17134 (v1803) is the
oldest that is supported.
2022-02-24 11:24:20 -05:00
space-r7 5fb3dc1d8e add printer create / spooler settings logic 2022-02-18 17:51:24 -06:00
Spencer McIntyre 443bf1249a Remove all the old CVE-2021-1732 data 2022-02-18 15:25:39 -05:00
Spencer McIntyre bcd7cb1122 Writeup the module metadata and docs 2022-02-18 15:23:44 -05:00
Spencer McIntyre d92259f868 One exploit for CVE-2021-1732 and CVE-2022-21882 2022-02-18 15:23:38 -05:00
space-r7 0781e90ca2 add struct processing logic 2022-02-17 19:03:32 -06:00
h00die d5ba1afbec fix URLs not resolving
fix URLs not resolving

add csv export to references

fix URLs not resolving

pdf not pd

missed a url change

remove extra redirectedfrom fields

remove extra file

fix ovftool url accidental replacement
2022-02-16 17:22:40 -06:00
Grant Willcox 3af93cbacc Fix up changes from timwr's review so long 2021-11-09 10:36:50 -06:00