adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
57,534 Commits 27 Branches 1,043 Tags
1663bf31847b2cf92c736649c58c81adbce99272
Commit Graph

14510 Commits

Author SHA1 Message Date
gwillcox-r7 d2b1d97b62 Land #13940, Compliance and Typo Edits for baldr_upload_exec 2020-08-06 11:25:31 -05:00
gwillcox-r7 2ca508c08e Further edits for RuboCop and msftidy_docs.rb compliance 2020-08-06 11:18:39 -05:00
gwillcox-r7 5c6530d9e5 Update module description and documentation to have a better description of what is going on and to also fix further copies of the typos that were pointed out. 2020-08-06 10:50:47 -05:00
Jeffrey Martin 35017886b8 Land #13935, Preliminary Version 6 2020-08-06 10:19:34 -05:00
bwatters ba7f1ea486 Land #13897, Fix dangling reference issue in cve_2020_0688_service_tracing.rb 
and filesystem.rb

Merge branch 'land-13897' into upstream-master
 2020-08-05 17:04:15 -05:00
Jericho 41e22992ff typo and touch-ups to desc 
typo and touch-ups to desc
 2020-08-04 16:59:57 -06:00
bwatters fade2c76b5 Land #13904, Added Module: priviledged docker container escape 
Merge branch 'land-13904' into upstream-master
 2020-08-04 14:39:17 -05:00
gwillcox-r7 6ed05df308 Land #13517, Documalis Free PDF Editor and Free PDF Scanner JPEG PDF Stack Buffer Overflow 2020-08-03 14:11:50 -05:00
gwillcox-r7 b64e843d9f Remove CVE reference for now until we can add in a proper CVE reference, fix some alignment issues for Notes section 2020-08-03 13:06:45 -05:00
Jeffrey Martin 9aa26d1208 Merge upstream into 6.x 2020-08-03 11:43:47 -05:00
gwillcox-r7 513f2dac9b Add in Notes section to exploit 2020-08-03 11:00:17 -05:00
gwillcox-r7 b13b3b3d77 Add in a temp valid CVE number to see if that will get builds to pass or not 2020-07-31 17:49:14 -05:00
gwillcox-r7 8ad94e5484 Remove trailing new line at end of the line that was causing the last commit to fail for reasons other than the CVE being missing 2020-07-31 17:47:58 -05:00
gwillcox-r7 2d5fa912c3 Apply fixes to documentation to fix some errors and make it msftidy_docs.rb compliant. Also apply RuboCop updates to the module 2020-07-31 17:36:51 -05:00
gwillcox-r7 e355bc783c Update the module's description and title to be more accurate, and also remove the EDB field and replace it with a temporary CVE field 2020-07-31 16:07:33 -05:00
gwillcox-r7 96859ba492 Add in the proper instructions corresponding to the gadgets that we use for the SEH handler overwrite within the exploit 2020-07-31 15:50:49 -05:00
gwillcox-r7 907bedca34 Edit up the exploit to correct the size calculation logic so it correctly calculates the maximum size of the payload and ensures we don't overrun this. 2020-07-31 15:36:37 -05:00
Spencer McIntyre a32d4c2a20 Land #13875, CVE-2020-8010 & CVE-2020-8012 2020-07-31 09:08:36 -04:00
stealthcopter 10e591ae24 Randomized exploit filenames 2020-07-30 17:35:30 +01:00
stealthcopter f424887536 Using upload_and_chmodx function and linting 2020-07-30 17:04:45 +01:00
gwillcox-r7 b6bce114ea Add in further edits to the library code to remove the possiblity of dangling handles and also update the module code accordingly. 2020-07-30 10:45:19 -05:00
Spencer McIntyre a7274afd46 Add an optional delay when executing PSExec commands 2020-07-30 09:45:22 -04:00
gwillcox-r7 2ef43ab7d0 Land #13920, CVE-2020-1147 SharePoint Deserialization RCE 2020-07-29 16:10:32 -05:00
gwillcox-r7 17c26b098b Ninja edit to make sure that if we fail to authenticate to the server, we return CheckCode::Unknown rather than CheckCode::Safe 2020-07-29 16:08:51 -05:00
Spencer McIntyre 4fa657d6eb Fix a bunch of documentation typos and minor code cleanups 2020-07-29 16:30:44 -04:00
Spencer McIntyre a886177b96 Land #13837, Add FreeBSD ip6_setpktopt Use-After-Free Privilege Escalation module 2020-07-29 15:40:47 -04:00
Spencer McIntyre 7af4297e86 Add the exploit for CVE-2020-1147 2020-07-29 11:58:38 -04:00
Shelby Pace 18b5ddbfdc Land #13891, add Baldr file upload rce 2020-07-28 17:20:21 -05:00
Shelby Pace 768d104f12 randomize os, delete payload 2020-07-28 17:19:26 -05:00
Shelby Pace 99cf54977f rubocop 2020-07-28 16:48:32 -05:00
Shelby Pace c79c9fc280 reverse xor arguments 2020-07-28 16:47:35 -05:00
Ege Balcı 26f869f860 Update modules/exploits/multi/http/baldr_upload_exec.rb 2020-07-28 11:07:46 +03:00
Ege Balcı fb745f78cc Update modules/exploits/multi/http/baldr_upload_exec.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-07-28 10:53:16 +03:00
Ege Balcı 5d49367726 Update modules/exploits/multi/http/baldr_upload_exec.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-07-28 10:52:37 +03:00
Ege Balcı fef9a23692 Update modules/exploits/multi/http/baldr_upload_exec.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-07-28 10:51:03 +03:00
h00die 5a40c6dc00 move config_changes 2020-07-27 15:35:05 -04:00
stealthcopter f4ae295572 added autocheck mixin 2020-07-26 10:10:13 +01:00
Matthew Rollings be1fa2ae95 Update modules/exploits/linux/local/docker_privileged_container_escape.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2020-07-26 09:44:51 +01:00
Matthew Rollings 0533167418 Update modules/exploits/linux/local/docker_privileged_container_escape.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2020-07-26 09:44:38 +01:00
Matthew Rollings ce22c58a1d Update modules/exploits/linux/local/docker_privileged_container_escape.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2020-07-26 09:44:21 +01:00
Matthew Rollings 140bf04d87 Update modules/exploits/linux/local/docker_privileged_container_escape.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2020-07-26 09:44:07 +01:00
Brendan Coles 95b99ce5cf Use Msf::Exploit::Remote::AutoCheck 2020-07-26 08:04:37 +00:00
Brendan Coles 476281d4bd Use Msf::Post::Unix.is_root? 2020-07-26 08:04:37 +00:00
Brendan Coles fbc77f7576 Add FreeBSD ip6_setpktopt Use-After-Free Privilege Escalation module 2020-07-26 08:04:37 +00:00
stealthcopter 3d3dcc503f Added docker priviledged container escape 2020-07-25 12:14:30 +01:00
wetw0rk 8421b1a956 fixes, and format 2020-07-24 15:50:00 -05:00
gwillcox-r7 35e48c83bb Add in call to session.fs.dir.rmdir() in library code and in the module as sometimes the file might not be deleted otherwise. 2020-07-24 15:39:19 -05:00
Ege Balcı 7985eafda0 Add Baldr Botnet Panel RCE Module 2020-07-24 07:45:43 +03:00
gwillcox-r7 b5b8630a5b Fix minor RuboCop mistake 2020-07-23 22:11:51 -05:00
gwillcox-r7 88c10de36f Add in proposed changes to cve_2020_0688_service_tracing.rb and filesystem.rb so that we can properly create mount points without dangling handle references 2020-07-23 21:44:18 -05:00