Vladimir Ivanov
6e13a26fd3
Delete links to launchpad.support.sap.com in doc files
2021-03-22 11:03:53 +03:00
Vladimir Ivanov
42726a70c0
client.rb - library for auxiliary and exploit modules
...
cve_2020_6207_solman_rce.rb - auxiliary module
cve_2020_6207_solman_rce.md - documentation for auxiliary module
cve_2020_6207_solman_rs.rb - exploit module
cve_2020_6207_solman_rs.md - documentation for exploit module
2021-03-21 16:51:21 +03:00
bwatters
2c1869f9df
Land #14907, Add exploit for CVE-2021-1732
...
Merge branch 'land-14907' into upstream-master
2021-03-18 14:29:59 -05:00
bwatters
fb7a97077f
Land #14875, CVE-2021-21978 - VMWare View Planner Harness 4.6.x < 4.6 Security Patch 1 Arbitrary File Upload RCE
...
Merge branch 'land-14875' into upstream-master
2021-03-18 12:06:12 -05:00
Grant Willcox
b1c3c49eb5
Land #14757, nagios_xi_magpie_debug: add writable paths, improvements, cleanup, fixes
2021-03-16 17:43:43 -05:00
Spencer McIntyre
0bff88c0c0
Update the module metadata and add module docs
2021-03-16 10:40:34 -04:00
Brendan Coles
e30d8db082
nagios_xi_magpie_debug: add writable paths, improvements, cleanup, fixes
...
Resolve Rubocop violations
Fix off-by-one in array index triggered when no file upload succeeds
Fix cleanup: ensure files are removed when upload succeeds but execution fails
Add AutoCheck
Add module notes
Add error handling and associated operator feedback
Add additional writable paths required for some old Nagios versions
Add fallback to session as `apache` if privilege escalation fails
Update documentation in line with above changes and fix software download links
2021-03-16 07:13:55 +00:00
bwatters
ae5d31cb39
Land #14776, Add Windows Server 2012 SrClient DLL Hijacking local exploit module
...
Merge branch 'land-14776' into upstream-master
2021-03-15 14:34:35 -05:00
kalba-security
98c04eae6c
Remove TODO comment, update documentation to include WAIT_FOR_TIWORKER option.
2021-03-15 07:51:12 -04:00
Alan Foster
9a92ac87a1
Ensure documentation files have md extension
2021-03-15 10:24:50 +00:00
Grant Willcox
4f2e299d8f
Update the exploit to use Python as its payload since this is a lot more flexible, allows Meterpreter, returns a shell faster, and we are already injecting into and executing a Python file
2021-03-14 00:00:06 -06:00
Grant Willcox
c2c5db95d8
Add in documentation and fix some mistakes in the description of the module
2021-03-14 00:00:05 -06:00
Grant Willcox
8dce1acd64
Land #14794, dup_scout_enterprise_login_bof: Add v9.9.14 target and auto targeting
2021-03-12 12:07:57 -06:00
Spencer McIntyre
d580e7d122
Fix some documentation, remove unnecessary code and fix a filename typo
2021-03-11 12:09:29 -06:00
Spencer McIntyre
a227d00275
Add additional setup notes for some modules
2021-03-11 12:09:29 -06:00
Spencer McIntyre
8d2e644f4f
Add a new Java Deserialization mixin and use it to set the shell
2021-03-11 12:09:29 -06:00
Shelby Pace
fbd6f19d04
Land #14846, add HPE SIM unauth AMF deser rce
2021-03-08 16:50:49 -06:00
Grant Willcox
514d46bd4d
Rubocop module again and also update the documentation to reflect recent changes
2021-03-08 16:08:36 -06:00
William Vu
729994d4af
Update module doc
2021-03-05 17:25:37 -06:00
William Vu
7bbb4cc09a
Add module doc
2021-03-05 17:25:37 -06:00
Grant Willcox
59d7288773
RuboCop module and fix small spelling mistake in documentation
2021-03-04 18:48:19 -06:00
Grant Willcox
f193caa48e
Also make sure that the default option is to use Windows Powershell since this supports Meterpreter and is generally a lot more reliable
2021-03-04 18:40:21 -06:00
Grant Willcox
3ef8fcd996
Update module to fix an extra print statement and write documentation
2021-03-03 10:14:41 -06:00
Brendan Coles
3da8fce9cf
Add Microsoft Windows RRAS Service MIBEntryGet Overflow
2021-03-03 02:50:42 +00:00
Grant Willcox
2124ec25ba
Rename files and update the exploit module title to better reflect its purpose. Also fix a minor RuboCop related change
...
Fix up documentation to reflect recent file renaming changes.
2021-02-26 14:32:37 -06:00
Grant Willcox
32ad2908d6
Update documentation file to point out this only grabs info on logged in users, and to fix some msftidy_docs.rb issues and clear up some explanations
2021-02-26 14:32:36 -06:00
RAMELLA Sébastien
eb5f418fe2
fix. some rubocop recommendations
2021-02-26 14:32:21 -06:00
RAMELLA Sébastien
a0f5da45e3
update module documentation
2021-02-26 14:32:20 -06:00
RAMELLA Sébastien
7eb91e76ab
add. fortios path traversal (cve-2018-13379)
2021-02-26 14:32:13 -06:00
Grant Willcox
6d939c16ce
Land #14783, Update KarjaSoft Sami FTP Server v2.0.2 USER Overflow module
2021-02-26 11:17:05 -06:00
Brendan Coles
743248d993
Update KarjaSoft Sami FTP Server v2.0.2 USER Overflow module
2021-02-25 20:53:30 +00:00
Brendan Coles
f89d67df19
dup_scout_enterprise_login_bof: Add v9.9.14 target and auto targeting
2021-02-25 17:14:25 +00:00
bwatters
7cdd41df76
Land #14544, RDP Web Login User Enumeration Auxiliary Module
...
Merge branch 'land-14544' into upstream-master
2021-02-24 16:10:41 -06:00
bwatters
18f6245637
Land #14648, Process Herpaderping evasion module
...
Merge branch 'land-14648' into upstream-master
2021-02-24 11:39:47 -06:00
Spencer McIntyre
8c1721b845
Land #14766, Add Apache Flink JobManager Traversal
2021-02-23 10:16:42 -05:00
Spencer McIntyre
1d5a6e4a0b
Land #14771, Add Apache Flink JAR Upload Java Code Execution
2021-02-23 09:19:56 -05:00
Brendan Coles
8a6c6d18fb
Add Apache Flink JobManager Traversal
2021-02-22 23:03:58 +00:00
Brendan Coles
69031fa91f
Add Apache Flink JAR Upload Java Code Execution
2021-02-22 23:00:57 +00:00
Spencer McIntyre
4d20e382a0
Land #14784, Update ScadaBR Credentials Dumper module
2021-02-22 15:55:14 -05:00
Brendan Coles
bc1ffec2c1
Update ScadaBR Credentials Dumper module
2021-02-22 20:32:55 +00:00
Tim W
edea755096
Land #14740, CVE-2021-3156 Sudo LPE (AKA: Baron Samedit) Improvements
2021-02-22 17:48:33 +00:00
kalba-security
68d4b197fa
Add SrClient DLL Hijacking local exploit module and docs
2021-02-18 13:50:28 -05:00
Christophe De La Fuente
bbdaf23672
Land #14576, Wordpress Plugin: Chopslider 3 SQLi
2021-02-18 11:49:07 +01:00
k0pak4
9391480cb7
Update documentation with additional options and reference
2021-02-15 18:34:23 -05:00
Christophe De La Fuente
ab9dd177b7
Add kernel file version check to avoid BSOD on Win10 x86
2021-02-15 21:10:10 +01:00
A Galway
f227e82600
Land #14730, OBM Local PrivEsc to SYSTEM
2021-02-15 10:24:34 +00:00
Jeffrey Martin
dbce3982fd
Land #14067, [GSoC] Module for CVE-2019-13375, and PostgreSQL support for the library
2021-02-14 12:11:09 -06:00
h00die
28aa29fcab
updates from review
2021-02-13 15:11:39 -05:00
Shelby Pace
c1e2cfd9e7
Land #14744, add Klog Server unauth cmd injection
2021-02-12 11:40:57 -06:00
Brendan Coles
bdc2041c83
Add Klog Server authenticate.php user Unauthenticated Command Injection
2021-02-12 17:07:52 +00:00