adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
56,079 Commits 27 Branches 1,043 Tags
1116635477d8d168131048e52d055eeac7b0630a
Commit Graph

14009 Commits

Author SHA1 Message Date
L 1116635477 fixed 2020-04-27 10:50:09 -05:00
L 0516f6e5de Add shiro_rememberme_v124_deserialize Module 2020-04-27 10:50:09 -05:00
Christophe De La Fuente af239303d2 Land #13257, .NET Deserialization Library Improvements 2020-04-27 13:05:38 +02:00
gwillcox-r7 1bec0a9c19 Land #13291, Update outdated example_linux_priv_esc.rb code 2020-04-24 23:07:38 -05:00
Shelby Pace 640eb77403 Land #13260, add docker wincred module 2020-04-24 10:02:38 -05:00
Shelby Pace df8d6b7af1 add check for vulnerable path 2020-04-24 09:56:42 -05:00
bwatters-r7 1c757f90db bcoles suggestions 2020-04-22 18:08:58 -05:00
William Vu 823c29a127 Update post-RuboCop style in my recent modules 
Mostly 80 columns (yeah, I know) and additional whitespace to complement
the lack of alignment.
 2020-04-22 10:52:00 -05:00
William Vu c5df5355ac Update my module documentation to the new standard 
Also update CheckModule to match current style and best practices.
 2020-04-20 20:06:52 -05:00
h00die e2c792e80d rubocop 2020-04-19 17:23:54 -04:00
h00die e3869bc109 remove functions 2020-04-19 17:19:47 -04:00
William Vu a58200641f Add extra indentation as per GitHub discussion 2020-04-17 11:22:51 -05:00
William Vu 7fe0d4ddad Add another blank line 2020-04-17 11:05:01 -05:00
William Vu 4952ec3e5b Fix RuboCop's mistakes in recently landed modules 2020-04-17 10:21:17 -05:00
Alan Foster f2c3fc5f00 Rubocop recently landed modules 2020-04-17 11:55:04 +01:00
gwillcox-r7 d759fbaed3 Land #13259, Miscellaneous fixes for @wvu's modules and documentation 2020-04-16 22:10:10 -05:00
William Vu 966194d2b7 Remove tested admin password from default PASSWORD 2020-04-16 21:45:44 -05:00
bwatters-r7 b5df7e8147 Land #13102, Add UnRAID 6.8.0 Authentication bypass to RCE 
Merge branch 'land-13102' into upstream-master
 2020-04-16 17:18:55 -05:00
bwatters-r7 f0f403b48e Automated Rubocop fixes 2020-04-16 17:17:02 -05:00
bwatters-r7 15f4f7ea95 Land #13049, Add fileformat exploit for libnotify plugin 
Merge branch 'land-13049' into upstream-master
 2020-04-16 16:03:14 -05:00
bwatters-r7 a18a5fab68 Rubocop autocorrect and update docs to use ascending numbers 2020-04-16 16:00:56 -05:00
Spencer McIntyre 50cfb07cff Add the CVE reference and use Rex for base32 encoding 2020-04-16 13:21:10 -04:00
pasta 065e091384 add exploit for libnotify plugin 2020-04-16 12:28:17 -04:00
Spencer McIntyre 62a000fe32 Land #13193, add updates to the trusted service path LPE 2020-04-16 11:41:02 -04:00
bwatters-r7 b79faae2bd In AI we trust 2020-04-16 08:19:20 -05:00
William Vu cd9e5260f7 Note post-auth requirements in Nexus exploit 2020-04-15 20:25:05 -05:00
William Vu 4401e3654f Merge remote-tracking branch 'upstream/master' into bug/misc 
So we can grab the Nexus files from master.
 2020-04-15 20:24:44 -05:00
William Vu 0684966dcb Make better comments for the comment god 2020-04-15 18:24:28 -05:00
William Vu b7501c1f0c Add my standard print for CmdStager 
And comment some methods used by it.
 2020-04-15 18:06:48 -05:00
bwatters-r7 1b5d75f00c Alan updates, Rubocop complaints. 2020-04-15 17:47:17 -05:00
bwatters-r7 2166ab04ac First swipe at CVE-2019-15752 2020-04-15 16:52:45 -05:00
William Vu 6db312636d Add Nexus Repository Manager Java EL Injection RCE 2020-04-15 15:49:33 -05:00
William Vu 66d5f51e51 Remove Nexus content from this branch 
So the remaining changes can be PR'd separately.
 2020-04-15 15:48:09 -05:00
William Vu 07e77ef815 Update comments, once more with feeling 2020-04-15 15:47:51 -05:00
William Vu 57c13ca8b1 Clarify ThinkPHP exploit's PoC block comments 2020-04-15 15:47:51 -05:00
William Vu e8840563be Comment comments 2020-04-15 15:47:51 -05:00
William Vu 65d338d00e Note tested version in module 2020-04-15 15:47:51 -05:00
William Vu 5a91a1e54f Remove res.code == 200 check again 
It really isn't necessary when we're looking for just the header.
 2020-04-15 15:47:51 -05:00
William Vu 7dd3be507f Add wget CmdStager 2020-04-15 15:47:51 -05:00
William Vu e248e2ed43 Consolidate CmdStager flavors to symbols 
As per the API. Strings are fine, but they're supposed to be symbols.
 2020-04-15 15:47:51 -05:00
William Vu 99336f6bd3 Add ARTIFACTS_ON_DISK, since it uses CmdStager 
Whoops, forgot this when I changed it from ARCH_CMD.
 2020-04-15 15:47:51 -05:00
William Vu 6523dd81c9 Add comment clarifying build number 2020-04-15 15:47:51 -05:00
William Vu 3aa95f98eb Move RPORT back to where I prefer it 
It was next to SSL before because I wanted to indicate the port was SSL.
 2020-04-15 15:47:51 -05:00
William Vu 7cf7211b46 Refactor desktopcentral_deserialization check 2020-04-15 15:47:51 -05:00
William Vu 5cf0f888ee Remove notes-level version information 
Not sure I like this. Don't want people ot copypasta it.
 2020-04-15 15:47:51 -05:00
William Vu 287ce98155 Don't be lazy anymore and pack lengths as shorts 2020-04-15 15:47:51 -05:00
William Vu d9aa80268d Rearrange methods a bit 2020-04-15 15:47:50 -05:00
William Vu 3f8bff2b5a Fix bad regex on length of "Metasploit" string 
It won't match a char because it's a newline. While sticking "m" on the
end of the regex would work, there is zero reason we can't hardcode the
length, since the string is fixed.

irb(main):001:0> "\nhi" =~ /.hi/
=> nil
irb(main):002:0> "\nhi" =~ /.hi/m
=> 0
irb(main):003:0>
 2020-04-15 15:47:50 -05:00
William Vu 4bf2c5edf8 Rename exploit_class to constructor_class 2020-04-15 15:47:50 -05:00
William Vu 6276247bf8 Move Expect mixin to Msf::Exploit::Remote 
I don't think we'll ever see it used beyond remote exploits.
 2020-04-15 15:47:50 -05:00