adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
59,982 Commits 27 Branches 1,043 Tags
2a48dd265d8bb200ed6d2ead53700a52bbccee32
Commit Graph

3630 Commits

Author SHA1 Message Date
Vladimir Ivanov 2a48dd265d Replace class var @@agents with a class instance var in auxiliary and exploit modules. 2021-03-22 12:13:04 +03:00
Vladimir Ivanov 42726a70c0 client.rb - library for auxiliary and exploit modules 
cve_2020_6207_solman_rce.rb - auxiliary module
cve_2020_6207_solman_rce.md - documentation for auxiliary module
cve_2020_6207_solman_rs.rb - exploit module
cve_2020_6207_solman_rs.md - documentation for exploit module
 2021-03-21 16:51:21 +03:00
Spencer McIntyre aaf7e21def Update the microfocus_ucmdb_unauth_deser module to use the new mixin 
This updates the microfocus_ucmdb_unauth_deser module to use the new
Java Deserialization mixin. Unfortunately we do not have access to the
software for testing so these changes can not be verified.
 2021-03-11 12:09:29 -06:00
Spencer McIntyre d580e7d122 Fix some documentation, remove unnecessary code and fix a filename typo 2021-03-11 12:09:29 -06:00
Spencer McIntyre 8d2e644f4f Add a new Java Deserialization mixin and use it to set the shell 2021-03-11 12:09:29 -06:00
Spencer McIntyre 2bd6b7abc7 Specify the modified_type when generating ysoserial payloads 
Fixes #13753
 2021-03-11 12:09:29 -06:00
Alan Foster f5edb5a105 Remove redundant rubocop disables 2021-03-11 17:23:44 +00:00
William Vu bcf7ad000b Add CheckModule to fingerprint VMware product 2021-03-05 17:25:37 -06:00
William Vu 33e52b0fb2 Update and refactor check 
Now with more science!
 2021-03-05 17:25:37 -06:00
William Vu 26f1c209b2 Add VMware vCenter Server CVE-2021-21972 exploit 2021-03-05 17:25:37 -06:00
dwelch-r7 319f15d938 Handle nil versions for rubygems 4 2021-02-25 16:47:49 +00:00
Alan Foster b06c5c12aa Rubocop recently landed modules continued 2021-02-25 14:13:40 +00:00
Spencer McIntyre 1d5a6e4a0b Land #14771, Add Apache Flink JAR Upload Java Code Execution 2021-02-23 09:19:56 -05:00
Brendan Coles 69031fa91f Add Apache Flink JAR Upload Java Code Execution 2021-02-22 23:00:57 +00:00
agalway-r7 8a339f54c1 Land #14734, updates and runs rubocop against recent modules 
Rubocop recently landed modules
 2021-02-19 13:48:47 +00:00
agalway-r7 275e9c5454 Land #14696, Further Zeitwerk lands to improve boot speed 
Zeitwerk rex folder
 2021-02-19 10:33:37 +00:00
Alan Foster 5b3fde7735 Rubocop recently landed modules 2021-02-16 15:08:08 +00:00
dwelch-r7 f6c3de5732 Land #14733, Add latest Rubocop rules 2021-02-12 16:18:13 +00:00
Alan Foster bed7ae2c78 Add latest rubocop rules 2021-02-12 13:31:51 +00:00
Christophe De La Fuente 85b7e85d0b Land #14671, Micro Focus Multiple Products Authenticated RCE (CVE-2020-11853) 2021-02-09 18:24:57 +01:00
Pedro Ribeiro 9881512833 Update modules/exploits/multi/http/microfocus_obm_auth_rce.rb 
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
 2021-02-09 14:18:47 +07:00
dwelch-r7 7fbbe23426 Remove more requires that were missed before 2021-02-08 14:51:58 +00:00
dwelch-r7 b95be3ed10 Zeitwerk rex folder 2021-02-08 12:24:12 +00:00
cgranleese-r7 3a2932b798 Migrate old uses of manual autocheck to use the new prepend autocheck 2021-02-02 10:15:46 +00:00
Alan Foster e0ab259880 Remove < character from Archive_Tar exploit module 2021-01-29 11:20:50 +00:00
Pedro Ribeiro 7d9eb1e88b fix typo on LWSSO_COOKIE_KEY 2021-01-28 22:45:04 +07:00
Pedro Ribeiro c73fa70543 do the rubocop thing and add docs 2021-01-28 18:21:51 +07:00
Pedro Ribeiro a5725b823a add sploit 2021-01-28 17:41:06 +07:00
Spencer McIntyre 74898461b4 Land #14654, Add exploit for Micro Focus UCMDB unauthenticated RCE 2021-01-27 10:00:22 -05:00
Pedro Ribeiro 191e772f06 fix issues highlighted by smcintyre-r7 2021-01-25 22:25:07 +07:00
Pedro Ribeiro fc0e221f5a add comment for self removal 2021-01-24 22:47:47 +07:00
Pedro Ribeiro 7220dc3ff6 add new note on broken payloads 2021-01-24 22:39:01 +07:00
Pedro Ribeiro 12157163f7 Merge branch 'obm_deser' into ucmdb 2021-01-24 22:25:57 +07:00
Pedro Ribeiro bf4ac7b1a8 add UCMDB sploit 2021-01-24 22:25:45 +07:00
Grant Willcox 6e326d6a60 Fix up confusing variable name and a typo as pointed out during review 2021-01-19 09:25:56 -06:00
Grant Willcox 95d3bd98ac Do msftidy_docs and rubocop changes 2021-01-15 18:10:23 -06:00
Grant Willcox 2f0abe4900 Add in documentation and fix up small issues with module 2021-01-15 18:06:07 -06:00
Grant Willcox 65370a6b47 Initial module code 2021-01-15 16:20:06 -06:00
h00die 7d7263cf1f spelling 2021-01-09 08:13:19 -05:00
h00die d8c55501a5 ait csv improter exploit 2021-01-01 12:14:52 -05:00
Grant Willcox 7de662c807 Land #14521, Struts2 Multi Eval OGNL RCE 2020-12-23 11:40:16 -06:00
Grant Willcox 70f8ff31f8 Update documentation to include missing extra options I forgot to document, edit the wording on the module to match the documentation, and do final touch ups. 2020-12-23 10:50:22 -06:00
Grant Willcox 8a932b847a Apply RuboCop edits 2020-12-22 17:57:38 -06:00
Grant Willcox 4a449f97d3 Land #14522, Replace hard-coded Shiro default key with ENC_KEY 2020-12-22 09:26:49 -06:00
Grant Willcox 7d0cb771a5 Apply RuboCop updates to module. 2020-12-21 17:31:24 -06:00
Grant Willcox 24e8aeffe5 Incorporate review feedback and update the associated documentation. 2020-12-21 17:29:21 -06:00
Christophe De La Fuente dc6b67f4c6 Land #14509, Fixes for Solr RCE 2020-12-18 21:51:06 +01:00
James Lee be3a1eb9d6 Guard against empty response 2020-12-16 18:25:17 -06:00
kai 9be1e8c295 replace hard-coded shiro default key with SHIROKEY 2020-12-16 11:03:30 +08:00
Spencer McIntyre 941ba923f7 Add missing module notes 2020-12-15 19:58:04 -05:00