Jeffrey Martin
35017886b8
Land #13935, Preliminary Version 6
2020-08-06 10:19:34 -05:00
bwatters
fade2c76b5
Land #13904, Added Module: privileged docker container escape
...
Merge branch 'land-13904' into upstream-master
2020-08-04 14:39:17 -05:00
Jeffrey Martin
9aa26d1208
Merge upstream into 6.x
2020-08-03 11:43:47 -05:00
stealthcopter
10e591ae24
Randomized exploit filenames
2020-07-30 17:35:30 +01:00
stealthcopter
f424887536
Using upload_and_chmodx function and linting
2020-07-30 17:04:45 +01:00
stealthcopter
f4ae295572
added autocheck mixin
2020-07-26 10:10:13 +01:00
Matthew Rollings
be1fa2ae95
Update modules/exploits/linux/local/docker_privileged_container_escape.rb
...
Co-authored-by: bcoles <bcoles@gmail.com>
2020-07-26 09:44:51 +01:00
Matthew Rollings
0533167418
Update modules/exploits/linux/local/docker_privileged_container_escape.rb
...
Co-authored-by: bcoles <bcoles@gmail.com>
2020-07-26 09:44:38 +01:00
Matthew Rollings
ce22c58a1d
Update modules/exploits/linux/local/docker_privileged_container_escape.rb
...
Co-authored-by: bcoles <bcoles@gmail.com>
2020-07-26 09:44:21 +01:00
Matthew Rollings
140bf04d87
Update modules/exploits/linux/local/docker_privileged_container_escape.rb
...
Co-authored-by: bcoles <bcoles@gmail.com>
2020-07-26 09:44:07 +01:00
stealthcopter
3d3dcc503f
Added docker privileged container escape
2020-07-25 12:14:30 +01:00
Shelby Pace
3dbb63241c
Land #13853, bpf signed ext privesc improvements
2020-07-22 14:09:17 -05:00
adfoster-r7
d34ab2bd98
Land #13859, remove fail_with call from exim4_deliver_message_priv_esc check method
2020-07-22 10:16:45 +01:00
Brendan Coles
96fea955d0
Remove fail_with from check method
2020-07-18 10:00:14 +00:00
William Vu
d5d4716b1c
Update TMSH escape reliability notes
...
What's strange is that if the stars align, like if the system has been
"used" enough, the exploit is incredibly reliable. Maybe my test
environment is bonkers.
2020-07-17 06:26:00 -05:00
William Vu
c082ccd337
Make Meterpreter the default target
2020-07-17 06:10:53 -05:00
William Vu
1ae689ce5f
Improve robustness by refactoring error handling
...
tmshCmd.jsp is extremely unreliable!
2020-07-17 05:23:42 -05:00
Brendan Coles
fe773c0422
Use Msf::Exploit::Remote::AutoCheck and Msf::Post::Linux::Compile
2020-07-17 10:06:42 +00:00
Jeffrey Martin
65039a5091
Merge upstream into 6.x
2020-07-15 09:58:07 -05:00
adfoster-r7
7e7881fbfa
Land #13730, Add Pandora FMS Events Remote Code Execution (CVE-2020-13851) module and docs
2020-07-11 13:10:47 +01:00
Jeffrey Martin
c61f34ed16
Land #13596, [GSoC] SQLi library with support to MySQL (and MariaDB)
2020-07-10 13:45:47 -05:00
kalba-security
957042f0a3
Nuke redundant force-exploit advanced option
2020-07-09 17:24:19 -04:00
kalba-security
df42399f61
Add installation instructions to docs
2020-07-09 17:20:07 -04:00
kalba-security
dc34acd070
Push to test autocheck issue
2020-07-09 16:43:18 -04:00
kalba-security
6bb20f41d8
Code review changes
2020-07-09 15:21:13 -05:00
kalba-security
36397a3e8f
Add cmdstager support
2020-07-09 15:21:12 -05:00
kalba-security
3ac3dcb3cf
Incorporate suggestions from code review
2020-07-09 15:21:12 -05:00
kalba-security
c2abb40890
Fix HTTP timeout
2020-07-09 15:21:12 -05:00
kalba-security
3eceeca911
Add Pandora FMS Events Remote Code Execution module and docs
2020-07-09 15:21:12 -05:00
William Vu
398c13a1b2
Add Mikhail Klyuchnikov's writeup as a reference
2020-07-08 14:36:42 -05:00
William Vu
ee240393f4
Credit Mikhail Klyuchnikov for CVE-2019-19781
2020-07-08 14:35:16 -05:00
William Vu
d726a2cdcb
Fix a few final things
2020-07-07 12:06:05 -05:00
William Vu
c8176b803a
Add version information to the description
2020-07-06 16:24:22 -05:00
William Vu
7ef4cb64ad
Tweak timeouts to avoid a race condition
2020-07-06 14:30:27 -05:00
William Vu
be90526d5f
Add vuln discovery credit and reference
2020-07-06 14:26:52 -05:00
William Vu
41bb4d3a8d
Add dir_trav method back in
...
I was wondering why I refactored it away. Oh, I needed it.
2020-07-05 18:23:45 -05:00
William Vu
1f765d0e1f
Upgrade CheckCodes, since the dir traversal passed
2020-07-05 16:29:53 -05:00
William Vu
6e7701ba21
Add rudimentary check method
2020-07-05 16:18:03 -05:00
William Vu
0417e88ff2
Add F5 BIG-IP TMUI RCE (CVE-2020-5902)
2020-07-05 15:22:15 -05:00
William Vu
36b5d237fa
Make cmd/unix target types consistent to :unix_cmd
...
There were some using :unix_command, and it was just an oversight.
2020-07-05 11:16:47 -05:00
William Vu
01899d4843
Land #13787, AutoCheck mixin refactor with prepend
2020-07-01 14:49:03 -05:00
William Vu
08c1402be9
Land #13733, AnyDesk GUI CVE-2020-13160 exploit
2020-07-01 14:47:07 -05:00
William Vu
ffc07d6c8f
Merge remote-tracking branch 'upstream/master' into pr/13787
2020-07-01 14:42:16 -05:00
Spencer McIntyre
a27bf9df38
Fix some grammatical mistakes and set a default target for anydesk
2020-07-01 15:27:33 -04:00
wvu-r7
e0fbc9fd05
Correct whitespace change
...
Seems like a typo.
2020-07-01 11:00:04 -05:00
Shelby Pace
e2f6330755
Land #13725, fix error / clean up atutor exploit
2020-06-30 13:32:34 -05:00
William Vu
755d2d3261
Use subpar regex validation on LEAK_FILE
2020-06-30 11:17:26 -05:00
Alan Foster
b841246536
Update autocheck to use prepend instead of include, add ForceExploit functionality
2020-06-30 11:40:46 +01:00
Niboucha Redouane
2c4ca04dca
Rename the factory method for SQLi classes, and add a check on the class to instantiate
2020-06-27 14:51:54 +02:00
Jeffrey Martin
aa6c037dbd
refactor mixin as factory for sqli classes
2020-06-26 15:09:01 -05:00