adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
57,534 Commits 27 Branches 1,043 Tags
1663bf31847b2cf92c736649c58c81adbce99272
Commit Graph

6634 Commits

Author SHA1 Message Date
Jeffrey Martin 35017886b8 Land #13935, Preliminary Version 6 2020-08-06 10:19:34 -05:00
bwatters ba7f1ea486 Land #13897, Fix dangling reference issue in cve_2020_0688_service_tracing.rb 
and filesystem.rb

Merge branch 'land-13897' into upstream-master
 2020-08-05 17:04:15 -05:00
gwillcox-r7 6ed05df308 Land #13517, Documalis Free PDF Editor and Free PDF Scanner JPEG PDF Stack Buffer Overflow 2020-08-03 14:11:50 -05:00
gwillcox-r7 b64e843d9f Remove CVE reference for now until we can add in a proper CVE reference, fix some alignment issues for Notes section 2020-08-03 13:06:45 -05:00
Jeffrey Martin 9aa26d1208 Merge upstream into 6.x 2020-08-03 11:43:47 -05:00
gwillcox-r7 513f2dac9b Add in Notes section to exploit 2020-08-03 11:00:17 -05:00
gwillcox-r7 b13b3b3d77 Add in a temp valid CVE number to see if that will get builds to pass or not 2020-07-31 17:49:14 -05:00
gwillcox-r7 8ad94e5484 Remove trailing new line at end of the line that was causing the last commit to fail for reasons other than the CVE being missing 2020-07-31 17:47:58 -05:00
gwillcox-r7 2d5fa912c3 Apply fixes to documentation to fix some errors and make it msftidy_docs.rb compliant. Also apply RuboCop updates to the module 2020-07-31 17:36:51 -05:00
gwillcox-r7 e355bc783c Update the module's description and title to be more accurate, and also remove the EDB field and replace it with a temporary CVE field 2020-07-31 16:07:33 -05:00
gwillcox-r7 96859ba492 Add in the proper instructions corresponding to the gadgets that we use for the SEH handler overwrite within the exploit 2020-07-31 15:50:49 -05:00
gwillcox-r7 907bedca34 Edit up the exploit to correct the size calculation logic so it correctly calculates the maximum size of the payload and ensures we don't overrun this. 2020-07-31 15:36:37 -05:00
Spencer McIntyre a32d4c2a20 Land #13875, CVE-2020-8010 & CVE-2020-8012 2020-07-31 09:08:36 -04:00
gwillcox-r7 b6bce114ea Add in further edits to the library code to remove the possiblity of dangling handles and also update the module code accordingly. 2020-07-30 10:45:19 -05:00
Spencer McIntyre a7274afd46 Add an optional delay when executing PSExec commands 2020-07-30 09:45:22 -04:00
gwillcox-r7 17c26b098b Ninja edit to make sure that if we fail to authenticate to the server, we return CheckCode::Unknown rather than CheckCode::Safe 2020-07-29 16:08:51 -05:00
Spencer McIntyre 4fa657d6eb Fix a bunch of documentation typos and minor code cleanups 2020-07-29 16:30:44 -04:00
Spencer McIntyre 7af4297e86 Add the exploit for CVE-2020-1147 2020-07-29 11:58:38 -04:00
h00die 5a40c6dc00 move config_changes 2020-07-27 15:35:05 -04:00
wetw0rk 8421b1a956 fixes, and format 2020-07-24 15:50:00 -05:00
gwillcox-r7 35e48c83bb Add in call to session.fs.dir.rmdir() in library code and in the module as sometimes the file might not be deleted otherwise. 2020-07-24 15:39:19 -05:00
gwillcox-r7 b5b8630a5b Fix minor RuboCop mistake 2020-07-23 22:11:51 -05:00
gwillcox-r7 88c10de36f Add in proposed changes to cve_2020_0688_service_tracing.rb and filesystem.rb so that we can properly create mount points without dangling handle references 2020-07-23 21:44:18 -05:00
wetw0rk 938342793e removed vuln-confirmation 2020-07-23 09:46:13 -05:00
wetw0rk dbd6129ec4 if-vuln-check 2020-07-23 09:32:04 -05:00
Shelby Pace bf4d0bf6ee Land #13828, add Zentao Pro rce 2020-07-22 09:42:11 -05:00
Shelby Pace be95c0e17e include autocheck 2020-07-22 09:40:25 -05:00
Shelby Pace 6c066a97ed add bcoles suggestions 2020-07-22 09:39:17 -05:00
wetw0rk 3d0a7313ef nimsoft sploit 2020-07-21 11:19:23 -05:00
wetw0rk d7ae3bd20c CVE-2020-8010 & CVE-2020-8012 aka Sing About Me, I'm Dying Of Thirst 2020-07-19 17:57:55 -05:00
Erik Wynter 368adc26ef Update zentao_pro_rce.rb 2020-07-17 18:12:27 -04:00
Spencer McIntyre ffebf48242 Land #13830, Add QEMU/KVM target for CVE-2019-0708 2020-07-16 16:00:16 -04:00
bwatters eb863048f0 Land #13741, CVE-2020-5741: Plex rce on Windows 
Merge branch 'land-13741' into upstream-master
 2020-07-16 10:20:50 -05:00
Shelby Pace 9c32b45ca2 remove CheckCode returns in login 2020-07-15 20:06:15 -05:00
Tod Beardsley 637b9ab51d Add CVE-2020-7361 reference 2020-07-15 15:40:51 -05:00
Jeffrey Martin 65039a5091 Merge upstream into 6.x 2020-07-15 09:58:07 -05:00
kalba-security 2d3588c0ad Add suggestions from code review 2020-07-13 12:51:57 -04:00
Stefan Pietsch 4c1b075679 Add QEMU/KVM target for CVE-2019-0708 2020-07-08 23:32:16 +02:00
kalba-security 1f631e20ad Add zentao_pro_rce Windows exploit and docs 2020-07-08 15:13:45 -04:00
h00die 456bf6b948 update escapes 2020-07-07 01:17:26 -04:00
Spencer McIntyre 700d2ff819 Fix the SMB share for the psexec command target 2020-07-06 10:36:25 -04:00
Spencer McIntyre 9dc02229e9 Support ARCH_CMD payloads in the psexec exploit module 2020-07-06 10:33:03 -04:00
h00die 89332d0056 native python for plex unpickle 2020-07-03 19:37:18 -04:00
Alan Foster b841246536 Update autocheck to use prepend instead of include, add ForceExploit functionality 2020-06-30 11:40:46 +01:00
h00die a99a3c2d75 working albumn_name length thanks to acammack 2020-06-30 00:28:57 -04:00
Alan Foster a754225ba5 update deprecation notice to have a reason 2020-06-25 12:17:31 -04:00
h00die 94cc286689 update docs and 401 handling code 2020-06-24 21:05:23 -04:00
gwillcox-r7 0dde85f562 Land #13739, Cisco AnyConnect Priv Esc via Path Traversal 2020-06-24 17:47:52 -05:00
gwillcox-r7 15de510623 Add in RuboCop and msftidy_docs.rb fixes 2020-06-24 17:19:21 -05:00
Christophe De La Fuente 5f64444d4f Update module and documentation from code review 2020-06-24 23:34:26 +02:00