adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
61,090 Commits 27 Branches 1,043 Tags
167e33dac0e98e59e6ecb4fc0ee701152f4eaba3
Commit Graph

2243 Commits

Author SHA1 Message Date
Grant Willcox 5b274770ef Update exploit code to add missing slashes to certain important parts of the code where the exploit might fail if a custom path is supplied, and also improve the error handling in the code overall 2021-06-14 15:02:38 -05:00
0xShoreditch 8eddecc858 Update apache_activemq_upload_jsp.rb 
Corrected a minor error where the URI and filesystem path were not separated.
 2021-06-13 07:27:56 +01:00
Grant Willcox 47633ac9e6 Land #15205, Fix TLS bug for gitlab file read RCE module to work on TLS enabled GitLab servers 2021-05-18 16:02:04 -05:00
William aee65a6d8d Fix indentation 2021-05-17 23:31:49 +08:00
William 5e04eec4fc Update fix 
Changing the regex to solve the bug

Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2021-05-17 23:27:12 +08:00
William e0f6700a7e Add empty line 2021-05-17 23:10:29 +08:00
William ce4748494a Fix whitespace issue 2021-05-17 23:07:05 +08:00
Grant Willcox e7983c3b6f Land #15192, Enforce Style/RedundantBegin for new modules 2021-05-17 09:51:57 -05:00
William 69b1f4bbc7 Bug fix 
Fix bug that prevent the module from working on SSL enabled GitLab server
 2021-05-16 14:23:16 +08:00
adfoster-r7 ac2c467121 Land #15011, Enhance analyze command API to understand modules' needs 2021-05-14 14:30:33 +01:00
Alan Foster 100da2f1b1 Enforce Style/RedundantBegin for new modules 2021-05-13 04:01:03 +01:00
Alan Foster 5a0360228f Update cockpit cms module 2021-05-12 17:20:31 +01:00
A Galway a9859af870 prints all cookies instead of just one 2021-05-07 14:52:26 +01:00
A Galway bf02dea70f rubocop 2021-05-07 13:28:17 +01:00
A Galway ba6584f761 altered login & rce requests to use cookie_jar api 2021-05-07 13:11:17 +01:00
Brendan Coles 4a93f15c80 Land #15136, Set microfocus_ucmdb_unauth_deser default payload to reverse_python 2021-05-02 10:27:05 +00:00
Pedro Ribeiro e6b605369e UCMDB: remove warning from docs and change Linux target to reverse_python 2021-05-02 16:53:02 +07:00
adfoster-r7 6c6d7699ed Land #14831, Add CookieJar support to http_client 2021-04-30 14:08:04 +01:00
h00die e39b065e06 vprint to print 2021-04-20 15:26:47 -04:00
h00die 51f9e1ae73 cockpit cms rce 2021-04-18 18:52:04 -04:00
A Galway 88f17c5128 cleanup and removes cookies filtering 2021-04-16 17:31:11 +01:00
A Galway fc55d74b80 http-client cookie jar support and tests 2021-04-16 12:24:21 +01:00
Christophe De La Fuente 1dfdb619a9 Update from code review 
- Set RPORT default value to 3000
- Use ternary operator
 2021-04-07 19:40:59 +02:00
Adam Cammack 6096d0f135 Remove superfluous default_cred? methods 2021-04-07 06:12:25 -05:00
Christophe De La Fuente 73a8b7aa5f Add Gitea and Gogs RCE modules and documentations 2021-03-31 16:47:29 +02:00
alanfoster 308a42e95b Fix apache_activemq_upload_jsp exploit module for Java 8 2021-03-20 15:26:34 +00:00
Spencer McIntyre aaf7e21def Update the microfocus_ucmdb_unauth_deser module to use the new mixin 
This updates the microfocus_ucmdb_unauth_deser module to use the new
Java Deserialization mixin. Unfortunately we do not have access to the
software for testing so these changes can not be verified.
 2021-03-11 12:09:29 -06:00
Spencer McIntyre d580e7d122 Fix some documentation, remove unnecessary code and fix a filename typo 2021-03-11 12:09:29 -06:00
Spencer McIntyre 8d2e644f4f Add a new Java Deserialization mixin and use it to set the shell 2021-03-11 12:09:29 -06:00
William Vu bcf7ad000b Add CheckModule to fingerprint VMware product 2021-03-05 17:25:37 -06:00
William Vu 33e52b0fb2 Update and refactor check 
Now with more science!
 2021-03-05 17:25:37 -06:00
William Vu 26f1c209b2 Add VMware vCenter Server CVE-2021-21972 exploit 2021-03-05 17:25:37 -06:00
dwelch-r7 319f15d938 Handle nil versions for rubygems 4 2021-02-25 16:47:49 +00:00
Alan Foster b06c5c12aa Rubocop recently landed modules continued 2021-02-25 14:13:40 +00:00
Spencer McIntyre 1d5a6e4a0b Land #14771, Add Apache Flink JAR Upload Java Code Execution 2021-02-23 09:19:56 -05:00
Brendan Coles 69031fa91f Add Apache Flink JAR Upload Java Code Execution 2021-02-22 23:00:57 +00:00
agalway-r7 8a339f54c1 Land #14734, updates and runs rubocop against recent modules 
Rubocop recently landed modules
 2021-02-19 13:48:47 +00:00
agalway-r7 275e9c5454 Land #14696, Further Zeitwerk lands to improve boot speed 
Zeitwerk rex folder
 2021-02-19 10:33:37 +00:00
Alan Foster 5b3fde7735 Rubocop recently landed modules 2021-02-16 15:08:08 +00:00
dwelch-r7 f6c3de5732 Land #14733, Add latest Rubocop rules 2021-02-12 16:18:13 +00:00
Alan Foster bed7ae2c78 Add latest rubocop rules 2021-02-12 13:31:51 +00:00
Christophe De La Fuente 85b7e85d0b Land #14671, Micro Focus Multiple Products Authenticated RCE (CVE-2020-11853) 2021-02-09 18:24:57 +01:00
Pedro Ribeiro 9881512833 Update modules/exploits/multi/http/microfocus_obm_auth_rce.rb 
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
 2021-02-09 14:18:47 +07:00
dwelch-r7 b95be3ed10 Zeitwerk rex folder 2021-02-08 12:24:12 +00:00
cgranleese-r7 3a2932b798 Migrate old uses of manual autocheck to use the new prepend autocheck 2021-02-02 10:15:46 +00:00
Pedro Ribeiro 7d9eb1e88b fix typo on LWSSO_COOKIE_KEY 2021-01-28 22:45:04 +07:00
Pedro Ribeiro c73fa70543 do the rubocop thing and add docs 2021-01-28 18:21:51 +07:00
Pedro Ribeiro a5725b823a add sploit 2021-01-28 17:41:06 +07:00
Pedro Ribeiro 191e772f06 fix issues highlighted by smcintyre-r7 2021-01-25 22:25:07 +07:00
Pedro Ribeiro fc0e221f5a add comment for self removal 2021-01-24 22:47:47 +07:00