adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
59,982 Commits 27 Branches 1,043 Tags
2a48dd265d8bb200ed6d2ead53700a52bbccee32
Commit Graph

6880 Commits

Author SHA1 Message Date
bwatters 2c1869f9df Land #14907, Add exploit for CVE-2021-1732 
Merge branch 'land-14907' into upstream-master
 2021-03-18 14:29:59 -05:00
Wes 42df4495a7 abb_wserver_exec - add CVE reference 
add the cve for this

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5620
https://nvd.nist.gov/vuln/detail/CVE-2019-5620

cve was assigned years after public exploit code
 2021-03-17 15:58:21 -04:00
Wes 34674ce174 Update abb_wserver_exec.rb 
update advisory link 

#2708
 2021-03-17 09:59:15 -04:00
Spencer McIntyre 0bff88c0c0 Update the module metadata and add module docs 2021-03-16 10:40:34 -04:00
bwatters ae5d31cb39 Land # 14776, Add Window Server 2012 SrClient DLL Hijacking local exploit module 
Merge branch 'land-14776' into upstream-master
 2021-03-15 14:34:35 -05:00
Spencer McIntyre 2e3d98a36a Move the DLL injection code into a reusable function 2021-03-15 11:47:02 -04:00
kalba-security 98c04eae6c Remove TODO comment, update documentaton to include WAIT_FOR_TIWORKER option. 2021-03-15 07:51:12 -04:00
Spencer McIntyre f0a9a1deb3 Add the initial exploit for CVE-2021-1732 2021-03-12 17:30:22 -05:00
Grant Willcox 8dce1acd64 Land #14794, dup_scout_enterprise_login_bof: Add v9.9.14 target and auto targeting 2021-03-12 12:07:57 -06:00
Spencer McIntyre 8d2e644f4f Add a new Java Deserialization mixin and use it to set the shell 2021-03-11 12:09:29 -06:00
Shelby Pace fbd6f19d04 Land #14846, add HPE SIM unauth AMF deser rce 2021-03-08 16:50:49 -06:00
Grant Willcox 514d46bd4d Rubocop module again and also update the documentation to reflect recent changes 2021-03-08 16:08:36 -06:00
Grant Willcox 8479f01290 Improve the check logic to more accurately detect if a target is vulnerable or not 2021-03-08 15:59:26 -06:00
Grant Willcox 2e45962cc0 Change gsub! to gsub so that we don't end up with nil errors when a match isn't found 2021-03-08 15:11:58 -06:00
kalba-security ab632b93d1 Drop x86 target, add checks for Windows Update nil setting and for when TiWorker.exe is already running on the target 2021-03-06 10:47:59 -05:00
Grant Willcox 02e89947c7 Update check method to fix an incorrect check code, change from Appears to Detected 2021-03-05 11:16:24 -06:00
Grant Willcox 2b488800e6 Update the check method to eliminate potential false positives by searching for the presence of three strings that together should only be returned by HPE SIM web servers. 2021-03-05 11:14:30 -06:00
Spencer McIntyre 53f4d3f193 Land #14792, Apply fixes for invalid architecture checks to affected modules 
Fixes #14599
 2021-03-05 09:24:34 -05:00
Christophe De La Fuente 32899a61ea Land #14847, Add Microsoft Windows RRAS Service MIBEntryGet Overflow 2021-03-05 11:01:58 +01:00
Grant Willcox 59d7288773 RuboCop module and fix small spelling mistake in documentation 2021-03-04 18:48:19 -06:00
Grant Willcox f193caa48e Also make sure that the default option is to use Windows Powershell since this supports Meterpreter and is generally a lot more reliable 2021-03-04 18:40:21 -06:00
Grant Willcox d739bf7809 Fix up payload_template_adjustments function to use a simpler loop like structure as per space-r7 
's recommendations
 2021-03-04 18:34:45 -06:00
Grant Willcox 41794fe4e7 Remove redundant assignments of sysinfo["Architecture"] to unused "arch" variable 2021-03-04 15:54:38 -06:00
Grant Willcox 306e1979af First round of code adjustments per review comments 2021-03-04 12:38:11 -06:00
Grant Willcox 3ef8fcd996 Update module to fix an extra print statement and write documentation 2021-03-03 10:14:41 -06:00
Brendan Coles 3da8fce9cf Add Microsoft Windows RRAS Service MIBEntryGet Overflow 2021-03-03 02:50:42 +00:00
Grant Willcox f327d30e08 First attempt at CVE-2020-7200 module, with RuboCopped module 2021-03-02 16:38:19 -06:00
dwelch-r7 dc8fea2063 remove require 'faker' since we globally autoload it now 2021-03-02 13:59:32 +00:00
Grant Willcox 6d939c16ce Land #14783, Update KarjaSoft Sami FTP Server v2.0.2 USER Overflow module 2021-02-26 11:17:05 -06:00
Brendan Coles 743248d993 Update KarjaSoft Sami FTP Server v2.0.2 USER Overflow module 2021-02-25 20:53:30 +00:00
Brendan Coles f89d67df19 dup_scout_enterprise_login_bof: Add v9.9.14 target and auto targeting 2021-02-25 17:14:25 +00:00
dwelch-r7 319f15d938 Handle nil versions for rubygems 4 2021-02-25 16:47:49 +00:00
Alan Foster b06c5c12aa Rubocop recently landed modules continued 2021-02-25 14:13:40 +00:00
Grant Willcox f65b4155e5 Fix up modules to use more explicit reference to ARCH_X64 and to correctly check sysinfo['Architecture'] as per #14599 2021-02-22 18:47:46 -06:00
agalway-r7 8a339f54c1 Land #14734, updates and runs rubocop against recent modules 
Rubocop recently landed modules
 2021-02-19 13:48:47 +00:00
agalway-r7 275e9c5454 Land #14696, Further Zeitwerk lands to improve boot speed 
Zeitwerk rex folder
 2021-02-19 10:33:37 +00:00
kalba-security 68d4b197fa Add SrClient DLL Hijacking local exploit module and docs 2021-02-18 13:50:28 -05:00
Alan Foster 5b3fde7735 Rubocop recently landed modules 2021-02-16 15:08:08 +00:00
A Galway f227e82600 Land #14730, OBM Local PrivEsc to SYSTEM 2021-02-15 10:24:34 +00:00
Brendan Coles a1c316c679 msftidy: Fix exploit module checks for author and stack buffer overflow 2021-02-13 04:10:13 +00:00
dwelch-r7 f6c3de5732 Land #14733, Add latest Rubocop rules 2021-02-12 16:18:13 +00:00
Alan Foster bed7ae2c78 Add latest rubocop rules 2021-02-12 13:31:51 +00:00
Christophe De La Fuente 88eaf97e79 Land #14607, Updates for Exchange ECP DLP Policy Exploit 2021-02-11 15:15:34 +01:00
Spencer McIntyre 1f5f086c5e Updates for the Exchange ECP DLP Policy RCE module to randomize data 2021-02-10 15:00:39 -05:00
dwelch-r7 b95be3ed10 Zeitwerk rex folder 2021-02-08 12:24:12 +00:00
cgranleese-r7 3a2932b798 Migrate old uses of manual autocheck to use the new prepend autocheck 2021-02-02 10:15:46 +00:00
Pedro Ribeiro 90f8c1f7b9 add tested for 2019.11 too 2021-01-30 21:54:48 +07:00
Pedro Ribeiro 137664818d add obm windows privesc sploit 2021-01-29 18:45:33 +07:00
Robin Wood 89f4d3e2d7 Fix for issue #14678 
Stops the printing of a rogue nil when exploit completes.

See https://github.com/rapid7/metasploit-framework/issues/14678
 2021-01-29 11:17:38 +00:00
bwatters 9174958489 Land #14627, Add PRTG Network Monitor RCE (CVE-2018-9276) 
Merge branch 'land-14627' into upstream-master
 2021-01-27 15:48:27 -06:00