adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
76,542 Commits 27 Branches 1,043 Tags
19c7cf04e05614b257500a43375b06ae237e8064
Commit Graph

334 Commits

Author SHA1 Message Date
jheysel-r7 5374c7b362 Merge pull request #19676 from h00die/needrestart 
Ubuntu needrestart LPE (CVE-2024-48990)
 2025-01-09 17:02:54 -08:00
jheysel-r7 a6ba7bf9c2 Merge pull request #19734 from h00die/runc_arch 
arch linux compatibility for runc priv esc
 2025-01-09 16:45:02 -08:00
h00die 437c9fc99e review of ubuntu_needrestart_lpe 2025-01-09 16:23:09 -05:00
Brendan 7ddffc790c Merge pull request #19460 from gardnerapp/game_overlay 
Land #19460, CVE-2023-2640, CVE-2023-32629 Game Overlay Ubuntu Privilege Escalation
 2024-12-18 14:44:57 -06:00
bwatters-r7 b7f477172f Update docs to reflect recent changes 2024-12-18 14:08:10 -06:00
h00die af462f7dcf arch linux compatibility for runc priv esc 2024-12-16 05:52:29 -05:00
h00die e41f5ad577 needrestart exploit updates 2024-11-27 15:41:23 -05:00
h00die d778f5469b needrestart improvements 2024-11-26 18:22:48 -05:00
h00die d4bd00d48e needrestart improvements 2024-11-25 16:38:18 -05:00
h00die 7fd82b89df offload files to data 2024-11-22 15:57:18 -05:00
h00die 94e5e49052 ubuntu needrestart lpe 2024-11-22 15:44:45 -05:00
h00die 0f6da56a52 vcenter sudo module 2024-11-21 04:34:15 -05:00
h00die 6bd049e346 operator working 2024-11-18 20:09:13 -05:00
gardnerapp 19770cf870 Remove unneeded file and rudocop corrections 
Update modules/exploits/linux/local/gameoverlay_privesc.rb

Co-authored-by: Brendan <bwatters@rapid7.com>

Give bwatters7 credit, add docs

Experiment with randomized bash copy and Rex::File.join

remove unused line

Add missing parenthesis

fix problem with bash copy

Remove rex::join, call proper method for generating payload

add exploit::exe mixin, bash copy randomization

Rubocop changes

Remove nc
 2024-11-18 17:01:08 -06:00
h00die f38661d6c3 pod user working 2024-11-18 07:30:21 -05:00
dledda-r7 3211edd83c docs: review changes 2024-10-09 12:18:35 -04:00
dledda-r7 2762132830 docs: adding motd_persistence docs 2024-10-08 11:22:13 -04:00
Takah1ro 6b64640f8b Update doc 2024-09-09 21:22:07 +09:00
Takah1ro b8f1bc3da2 Update doc 2024-09-09 08:40:08 +09:00
Takah1ro dc81711301 Make timeout user configurable 2024-09-06 08:24:14 +09:00
Takah1ro 3d20dd6ddf Add module: 
Linux Priv Esc (OverlayFS copying bug) CVE-2023-0386
 2024-09-05 22:54:55 +09:00
Jack Heysel 80ee458410 Land #19151, Add Flowmon Priv Esc Feature Module 
Privilege escalation module for Progress Flowmon unpatched feature
 2024-05-29 11:35:53 -04:00
Jack Heysel 2c6fc11639 Responded to comments, clean up /etc/sudoers file 2024-05-23 16:56:35 -04:00
Dave Yesland 0de89d3b2d Update documentation/modules/exploit/linux/local/progress_flowmon_sudo_privesc_2024.md 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-05-21 13:42:52 -07:00
Spencer McIntyre 80fdde5fdc Land #19100, Add Loadmaster sudo priv esc 
Add Kemp Progress Loadmaster sudo abuse priv esc
 2024-05-10 10:21:38 -04:00
bwatters b28e263a2b Update debug statements and add protection against bad die name 2024-05-10 08:54:23 -05:00
Spencer McIntyre 47c8d7252b Land #18519, Docker kernel module escape 2024-05-06 09:08:08 -04:00
bwatters b044bcab01 Add command payloads and checks for overwritten files 2024-05-03 13:06:16 -05:00
Spencer McIntyre ca669d8f08 Update docs to reflect changes 2024-05-01 13:45:20 -04:00
DaveYesland c2a561630d Add local privesc module for Flowmon 2024-05-01 09:07:34 -07:00
bwatters d94971598b Add documentation and fix some debug prints 2024-04-29 15:28:34 -05:00
RadioLogic 1c8c91096f Removed port being in documentation as it made no sense 2024-04-23 18:47:30 -04:00
fanqiaojun 6b2bdc893b chore: remove repetitive words 
Signed-off-by: fanqiaojun <fanqiaojun@yeah.net>
 2024-04-15 11:06:50 +08:00
RadioLogic cbbb6cbda4 Merge branch 'master' into docker-kernel-module-escape 2024-03-04 22:58:18 -05:00
Christophe De La Fuente 747d328bcb Land #18786, Fix option collision in service_persistence 2024-02-14 17:25:15 +01:00
lihe07 29524fa7f8 Fix option collision in service_persistence 
The option `SHELLPATH` collide with `cmd/unix/reverse_netcat`,
resulting in abnormal backdoors. This commit rename it to BACKDOOR_PATH
 2024-02-03 23:18:45 +08:00
h00die cf2f76e6a2 cve-2024-21626 review 2024-02-02 16:27:02 -05:00
h00die 1c73cf938f cve-2024-21626 2024-02-01 15:28:04 -05:00
Jack Heysel 904e34434e Land #18626, SaltStack Minion Deployer 
This PR adds an exploit module which allows for
a user who has compromised a host acting as a
SaltStack Master to deploy payloads to the Minions
attached to that Master.
 2024-01-23 11:58:38 -05:00
Christophe De La Fuente a8d46b3e7a Land #18627, Ansible: post gather module, payload deployer, and file reader 2024-01-17 15:26:25 +01:00
h00die e711c9ea43 ansible review 2024-01-10 17:16:57 -05:00
h00die 2cfcb74303 saltstack review 2024-01-10 17:09:02 -05:00
h00die e9296d1add saltstack review 2024-01-10 17:04:03 -05:00
h00die 80e9f1b97d saltstack salt-master review 2024-01-06 06:38:59 -05:00
h00die 11c12fcb6d review comments 2023-12-23 13:23:34 -05:00
h00die a5698f6aa6 review comments 2023-12-23 12:18:06 -05:00
Christophe De La Fuente fb26c93291 Land #18541, Glibc Tunables Privilege Escalation CVE-2023-4911 (Looney Tunables) 2023-12-20 20:04:21 +01:00
Jack Heysel 065abf6b92 Rubocop, doc scenario update 2023-12-19 12:30:02 -05:00
Jack Heysel 4e61596e7a Check Build ID before running exploit 2023-12-19 12:15:35 -05:00
Jack Heysel 549ee43df9 Update docs description minor comments 2023-12-19 00:32:21 -05:00