Jack Heysel
11d58ef2e8
Land #18631, Improve vScalation Priv Esc Check
This PR adds an improvement to the check method of the
vcenter_java_wrapper_vmon_priv_esc module. Before the module
would attempt to run stat on a file before checking if the file
existed on the system. This fixes that issue.
2023-12-28 13:16:11 -05:00
jvoisin
fc66cd1522
Improve a bit glibc_tunables_priv_esc
- Fix some typos
- Add a check via `readelf` should `file` not be available
- Add a message before launching the exploit, since it might take some time to finish.
2023-12-20 20:59:47 +01:00
Christophe De La Fuente
fb26c93291
Land #18541, Glibc Tunables Privilege Escalation CVE-2023-4911 (Looney Tunables)
2023-12-20 20:04:21 +01:00
Jack Heysel
77fb5d02b2
Fixed up indentation and rubocop complaints
2023-12-20 13:16:32 -05:00
jheysel-r7
342492557d
Apply suggestions from code review
2023-12-20 13:09:13 -05:00
jheysel-r7
6a16602a08
Apply suggestions from code review
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
2023-12-20 13:08:33 -05:00
h00die
1e374403ec
better check for vmon
2023-12-19 19:01:45 -05:00
Jack Heysel
d65ceb9abc
Rubocop
2023-12-19 13:54:23 -05:00
Jack Heysel
b86df4820c
Responded to comments from jvoisin
2023-12-19 13:50:09 -05:00
jheysel-r7
96241f509a
Apply suggestions from code review
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
2023-12-19 13:18:45 -05:00
Jack Heysel
065abf6b92
Rubocop, doc scenario update
2023-12-19 12:30:02 -05:00
Jack Heysel
44b4b3b5bc
Update version parsing
2023-12-19 12:16:17 -05:00
Jack Heysel
4e61596e7a
Check Build ID before running exploit
2023-12-19 12:15:35 -05:00
Jack Heysel
e858628292
Execute python payload in memory
2023-12-19 00:46:11 -05:00
Jack Heysel
549ee43df9
Update docs description minor comments
2023-12-19 00:32:21 -05:00
Jack Heysel
c6a6809700
Updated attribution
2023-12-18 19:41:49 -05:00
Jack Heysel
df111afb06
Glibc Tunables Exploit
2023-12-14 18:28:43 -05:00
h00die
f1fc6b7cdd
review comments, adding new payloads
2023-12-01 16:06:48 -05:00
h00die
b171b5e77c
working cve-2022-0492
2023-11-28 15:16:18 -05:00
h00die
4ae62a431b
not-working docker escape
2023-11-28 13:44:08 -05:00
h00die
2ca5ca1f63
stronger grep
2023-05-16 16:18:14 -04:00
h00die
6bee4f56d9
updates from review
2023-05-13 15:49:11 -04:00
h00die
e692e927dc
review fixes
2023-05-05 16:43:47 -04:00
h00die
95562e04aa
sudoedit work
2023-05-02 18:39:59 -04:00
h00die
d454b2e195
cve-2023-22809
2023-04-25 20:54:48 -04:00
h00die
e7725e7b6d
cve-2023-22809
2023-04-25 04:37:33 -04:00
bwatters
9c9eac28a7
Land #17874, VMware Workspace One Access mr_me Hekate LPE
Merge branch 'land-17874' into upstream-master
2023-04-18 19:29:39 -05:00
Jack Heysel
de18ed438a
Removed unnecessary require statement
2023-04-18 18:05:11 -04:00
Jack Heysel
a2c23d18ef
Added require builder statement
2023-04-18 16:01:14 -04:00
Jack Heysel
ace2f42387
Changed ranking to Good
2023-04-14 15:15:40 -04:00
Jack Heysel
30cf40a4f1
VMware Workspace One Access LPE
2023-04-12 15:36:17 -04:00
cgranleese-r7
c3a7da54d5
reduces code duplication
2023-04-04 10:27:11 +01:00
cgranleese-r7
40e6917b7f
tests passing
2023-04-04 10:24:09 +01:00
dm-ct
38f7cbdfc6
Update zimbra_slapper_priv_esc.rb
fixing reference to use an archive link as the site's down.
2023-03-27 16:46:07 +01:00
cgranleese-r7
ec7347cd49
Land #17509, tomcat 7 priv esc on rhel based systems (cve-2016-5425)
2023-03-14 10:16:18 +00:00
h00die
8dfe58e617
review comment
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>
2023-03-13 14:42:26 -04:00
adfoster-r7
656ded4b86
Add module notes
2023-02-08 15:46:07 +00:00
adfoster-r7
25ee41df68
Run rubocop on exploit modules
2023-02-08 15:20:32 +00:00
h00die
a5a7d5dd10
correct cleanup and stabilization
2023-02-05 08:15:38 -05:00
h00die
561b42f105
use exploit retry function
2023-02-04 18:17:42 -05:00
h00die
aff14e8e46
tocat to tomcat
2023-02-04 18:17:42 -05:00
h00die
e30cae2e40
uncomment needed code
2023-02-04 18:17:42 -05:00
h00die
34b1e66f90
tomcat 8 priv esc on ubuntu prebuilt so file
2023-02-04 18:17:41 -05:00
h00die
2b09af78e1
tomcat 8 priv esc on ubuntu
2023-02-04 18:17:41 -05:00
Jack Heysel
6ab7e177f4
Land #17392, add F5 Big-IP priv esc module
Add a privilege escalation module for F5 that uses
the unsecured MCP socket to create a new root account
2023-02-02 15:10:33 -05:00
adfoster-r7
952a4fe37a
Land #17581, modules: Check datastore ForceExploit before checking if session is root
2023-02-02 10:19:07 +00:00
bcoles
ef87a63bde
modules: Check datastore ForceExploit before checking if session is root
2023-02-02 18:17:02 +11:00
Grant Willcox
48a27ab555
Fix the remaining references to the old wiki site.
2023-02-01 21:25:06 -06:00
Ron Bowes
cf172d22c8
Get rid of #String.hash in favour of UnixCrypt
2023-02-01 11:02:04 -08:00
Ron Bowes
1094221468
Merge branch 'rapid7:master' into f5-createuser-privesc
2023-02-01 10:20:43 -08:00