adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
59,982 Commits 27 Branches 1,043 Tags
2a48dd265d8bb200ed6d2ead53700a52bbccee32
Commit Graph

1184 Commits

Author SHA1 Message Date
Grant Willcox 8dce1acd64 Land #14794, dup_scout_enterprise_login_bof: Add v9.9.14 target and auto targeting 2021-03-12 12:07:57 -06:00
Spencer McIntyre 8d2e644f4f Add a new Java Deserialization mixin and use it to set the shell 2021-03-11 12:09:29 -06:00
Shelby Pace fbd6f19d04 Land #14846, add HPE SIM unauth AMF deser rce 2021-03-08 16:50:49 -06:00
Grant Willcox 514d46bd4d Rubocop module again and also update the documentation to reflect recent changes 2021-03-08 16:08:36 -06:00
Grant Willcox 8479f01290 Improve the check logic to more accurately detect if a target is vulnerable or not 2021-03-08 15:59:26 -06:00
Grant Willcox 2e45962cc0 Change gsub! to gsub so that we don't end up with nil errors when a match isn't found 2021-03-08 15:11:58 -06:00
Grant Willcox 02e89947c7 Update check method to fix an incorrect check code, change from Appears to Detected 2021-03-05 11:16:24 -06:00
Grant Willcox 2b488800e6 Update the check method to eliminate potential false positives by searching for the presence of three strings that together should only be returned by HPE SIM web servers. 2021-03-05 11:14:30 -06:00
Grant Willcox 59d7288773 RuboCop module and fix small spelling mistake in documentation 2021-03-04 18:48:19 -06:00
Grant Willcox f193caa48e Also make sure that the default option is to use Windows Powershell since this supports Meterpreter and is generally a lot more reliable 2021-03-04 18:40:21 -06:00
Grant Willcox d739bf7809 Fix up payload_template_adjustments function to use a simpler loop like structure as per space-r7 
's recommendations
 2021-03-04 18:34:45 -06:00
Grant Willcox 306e1979af First round of code adjustments per review comments 2021-03-04 12:38:11 -06:00
Grant Willcox 3ef8fcd996 Update module to fix an extra print statement and write documentation 2021-03-03 10:14:41 -06:00
Grant Willcox f327d30e08 First attempt at CVE-2020-7200 module, with RuboCopped module 2021-03-02 16:38:19 -06:00
dwelch-r7 dc8fea2063 remove require 'faker' since we globally autoload it now 2021-03-02 13:59:32 +00:00
Brendan Coles f89d67df19 dup_scout_enterprise_login_bof: Add v9.9.14 target and auto targeting 2021-02-25 17:14:25 +00:00
dwelch-r7 319f15d938 Handle nil versions for rubygems 4 2021-02-25 16:47:49 +00:00
Alan Foster b06c5c12aa Rubocop recently landed modules continued 2021-02-25 14:13:40 +00:00
Alan Foster 5b3fde7735 Rubocop recently landed modules 2021-02-16 15:08:08 +00:00
Christophe De La Fuente 88eaf97e79 Land #14607, Updates for Exchange ECP DLP Policy Exploit 2021-02-11 15:15:34 +01:00
Spencer McIntyre 1f5f086c5e Updates for the Exchange ECP DLP Policy RCE module to randomize data 2021-02-10 15:00:39 -05:00
cgranleese-r7 3a2932b798 Migrate old uses of manual autocheck to use the new prepend autocheck 2021-02-02 10:15:46 +00:00
Julien Bedel b9800b087f Change notification name 
From "Exploit" to a random alphanumeric String in order to make it less fingerprintable.

Co-authored-by: acammack-r7 <adam_cammack@rapid7.com>
 2021-01-21 18:32:05 +01:00
JulienBedel 14f24b258d Add PRTG Network Monitor RCE (CVE-2018-9276) 2021-01-18 12:01:44 +01:00
Spencer McIntyre f5b5624b81 Update Exchange DLP check method, add authors and a source 2021-01-12 18:00:27 -05:00
Spencer McIntyre 652e4eaf60 Update the exchange ECP DLP Policy exploit for the latest bypass 2021-01-12 17:45:09 -05:00
Spencer McIntyre 367c5e747f Land #14470, Fix ssi template for some sharepoint versions 2020-12-09 16:23:34 -05:00
adfoster-r7 85a9accbee Land #14202, Add initial zeitwerk autoloader approach for lib/msf/core 2020-12-08 12:53:02 +00:00
Shelby Pace 8e1cab0131 Land #14339, add flexdotnetcms rce 2020-12-07 14:28:01 -06:00
Shelby Pace cd900a0507 fix comment 2020-12-07 14:27:07 -06:00
S3cur3Th1ssh1t 6c1ac7f9a2 Fix ssi template for some sharepoint versions 2020-12-07 14:34:09 +01:00
dwelch-r7 1617b3ec9b Use zeitwerk for lib/msf/core folder 2020-12-07 10:31:45 +00:00
kalba-security 9417266d21 replace Checkcode:Unknown with Detected in check(), skip cleanup unless required 2020-11-23 08:17:44 -05:00
William Vu d3f16c7061 Land #14361, COOKIE for sharepoint_ssi_viewstate 2020-11-18 15:55:19 -06:00
chmod750 5ec0556abd Update modules/exploits/windows/http/sharepoint_ssi_viewstate.rb 
CamelCase update

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>
 2020-11-06 23:26:40 +01:00
chmod750 7a968fcd39 Update modules/exploits/windows/http/sharepoint_ssi_viewstate.rb 
CamelCase update

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>
 2020-11-06 23:20:12 +01:00
chmod750 22b0fae73c Update sharepoint_ssi_viewstate.rb 2020-11-06 16:40:16 +01:00
chmod750 8356b44892 Add cookie header functionnality 2020-11-06 16:16:59 +01:00
Alan Foster 5b438fd933 Preference target values when registering options 2020-11-05 23:16:37 +00:00
kalba-security 31237258e5 Add Rubocop changes 2020-11-05 07:27:51 -05:00
kalba-security 0a9589166f Add CVE ID 2020-11-05 06:55:37 -05:00
kalba-security ea70c15b56 Implement suggestions from code review 2020-11-04 09:49:27 -05:00
kalba-security 8aceea1872 Add flexdotnetcms_upload_exec module and docs 2020-11-03 09:50:28 -05:00
William Vu e4fb76d74f Add version check to exchange_ecp_dlp_policy 
And update modules/exploits/windows/http/sharepoint_ssi_viewstate.rb.
 2020-10-20 14:32:43 -05:00
William Vu 3970b69734 Land #14229, Telerik UI for ASP.NET AJAX exploit 
CVE-2017-11317 && CVE-2019-18935
 2020-10-20 13:24:35 -05:00
Spencer McIntyre b58ed7f909 Update the Telerik RAU module metadata and add the TARGETURI option 2020-10-20 13:48:59 -04:00
Spencer McIntyre 57aef4367c Adjust the exploit timeout and set the default RPORT for Telerik RAU 2020-10-19 19:31:14 -04:00
William Vu 253928570b Update module doc 2020-10-19 11:18:00 -05:00
Spencer McIntyre a05f8a721b Print what the web.config loot path is 2020-10-19 10:27:41 -04:00
William Vu 4cb08f7426 Address outstanding issues 2020-10-15 13:24:08 -05:00