L
1116635477
fixed
2020-04-27 10:50:09 -05:00
L
0516f6e5de
Add shiro_rememberme_v124_deserialize Module
2020-04-27 10:50:09 -05:00
Christophe De La Fuente
af239303d2
Land #13257, .NET Deserialization Library Improvements
2020-04-27 13:05:38 +02:00
gwillcox-r7
c5136b056a
Land #13100, Add MeterpreterDebugLevel support and fixes to OSX stager
2020-04-25 15:38:18 -05:00
gwillcox-r7
9799ec3e44
Land #13330, Update meterpreter payloads to 1.4.1
2020-04-25 14:38:52 -05:00
gwillcox-r7
1bec0a9c19
Land #13291, Update outdated example_linux_priv_esc.rb code
2020-04-24 23:07:38 -05:00
Brent Cook
bee800034b
Update cached payload sizes
2020-04-24 12:02:45 -05:00
Shelby Pace
640eb77403
Land #13260, add docker wincred module
2020-04-24 10:02:38 -05:00
Shelby Pace
df8d6b7af1
add check for vulnerable path
2020-04-24 09:56:42 -05:00
gwillcox-r7
8265759c13
Land #13319, Updates to f5 mgmt module docs and module docs template
2020-04-24 09:08:38 -05:00
h00die
46d76fa4f0
fix review comments
2020-04-24 06:42:49 -04:00
Tim W
5234d6067c
add MeterpreterDebugLevel option for osx meterpreter
2020-04-24 15:13:57 +08:00
h00die
5dd67af6f1
flip gatherpoof
2020-04-23 05:52:05 -04:00
gwillcox-r7
c264d83fba
Land #13253, Add VMware vCenter Server vmdir Information Disclosure and Authentication Bypass
2020-04-22 21:50:26 -05:00
William Vu
00b28da98c
Move username and password check to top of run
Check the options first, since they're unrequired. Missed this.
2020-04-22 20:36:27 -05:00
bwatters-r7
c7670c6594
Land #11967, Add screenshare post module for mouse and keyboard input
Merge branch 'land-11967' into upstream-master
2020-04-22 19:37:09 -05:00
bwatters-r7
1c757f90db
bcoles suggestions
2020-04-22 18:08:58 -05:00
William Vu
ef68c66d31
Persist base_dn value, since the code is stable
I wasn't sure before. We should be able to rely on @base_dn doing the
right thing now. There is no need to check the value every time.
Practically, I think the base DN will always be dc=vsphere,dc=local.
2020-04-22 17:38:12 -05:00
William Vu
0c0de73afa
Reformat post-RuboCop code, mostly to 80 columns
Now with more horizontal space!
2020-04-22 17:38:12 -05:00
William Vu
0dc6ac7133
RuboCop for the RuboCop gods
2020-04-22 17:38:12 -05:00
William Vu
6b44f896b7
Fix it again
I think this is what I was going for.
2020-04-22 17:38:12 -05:00
William Vu
df5e673cf5
Fix typo
2020-04-22 17:38:12 -05:00
wvu-r7
00949ccfe5
Prefer safe navigation operator with inline block
Makes the expression a little simpler.
Co-Authored-By: bcoles <bcoles@gmail.com>
2020-04-22 17:38:12 -05:00
William Vu
b810f44fde
Remove ill-fated VMware advice
2020-04-22 17:38:12 -05:00
William Vu
2dccfdd864
Reduce false positives when testing any LDAP
2020-04-22 17:38:12 -05:00
William Vu
d466f269c3
Dump password and lockout policy from LDAP data
2020-04-22 17:38:12 -05:00
William Vu
676ab353ff
Rename aux/gather/vmware_vcenter_vmdir{,_ldap}
2020-04-22 17:38:12 -05:00
William Vu
0bacda8117
Use auxiliary/gather/vmware_vcenter_vmdir as check
2020-04-22 17:38:12 -05:00
William Vu
4fadbfb48e
Update auxiliary/gather/vmware_vcenter_vmdir
It should return CheckCodes now and the base DN when vulnerable.
2020-04-22 17:38:12 -05:00
William Vu
9d59be8dc6
Add auxiliary/gather/vmware_vcenter_vmdir again
2020-04-22 17:38:11 -05:00
William Vu
9633f5daf4
Exploit an LDAP auth bypass to add an admin user
Thanks to JJ Lehmann and Ofri Ziv of Guardicore Labs for their work.
https://www.guardicore.com/2020/04/pwning-vmware-vcenter-cve-2020-3952/
2020-04-22 17:38:11 -05:00
William Vu
8b74fd6605
Move discover_base_dn method to mixin
2020-04-22 17:38:11 -05:00
William Vu
88fcf4b9a2
Add and use new LDAP mixin
2020-04-22 17:38:11 -05:00
William Vu
852ba1d36d
Add VMware vCenter vmdir info disclosure module
2020-04-22 17:38:11 -05:00
gwillcox-r7
546333b227
Land #13252, UUID support for OSX x64 reverse_tcp stager
2020-04-22 16:36:10 -05:00
gwillcox-r7
0bd3847cf4
Quick patch to fix the RequiresMidstager values as OSX doesn't use them
2020-04-22 16:34:01 -05:00
William Vu
823c29a127
Update post-RuboCop style in my recent modules
Mostly 80 columns (yeah, I know) and additional whitespace to complement
the lack of alignment.
2020-04-22 10:52:00 -05:00
Tim W
983ebfc0bb
fix documentation and add osx platform
2020-04-22 18:50:05 +08:00
Tim W
d095b667ae
fix rubocop
2020-04-22 12:38:49 +08:00
Tim W
63b46839f5
fix firefox keys
2020-04-22 12:37:48 +08:00
Tim W
33c63b1056
add description
2020-04-22 12:37:48 +08:00
Tim W
ef368e043d
use espia for screenshots on windows
2020-04-22 12:37:48 +08:00
Tim W
10f89eec69
default to localhost
2020-04-22 12:37:48 +08:00
Tim
d62e68e355
Apply suggestions from code review
Co-Authored-By: bcoles <bcoles@gmail.com>
2020-04-22 12:37:48 +08:00
Tim W
25b2fa8335
add mouse move events
2020-04-22 12:37:48 +08:00
Tim W
17174beecb
fix event sequencing
2020-04-22 12:37:48 +08:00
Tim W
8cb2460f08
fix screenshare
2020-04-22 12:37:48 +08:00
Tim W
c673f85b58
Add initial commit of screenshare module
2020-04-22 12:37:48 +08:00
Spencer McIntyre
1615a68abf
Land #13263, remove spaces from the Python stager
2020-04-21 12:55:02 -04:00
Mehmet İnce
f174b71549
Recalculate payload cache sizes and update payload format
2020-04-21 16:06:36 +03:00