adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
58,454 Commits 27 Branches 1,043 Tags
2f2d43e3bbbf6edbf6ffd10eccc84ca0c761435d
Commit Graph

2571 Commits

Author SHA1 Message Date
William Vu 3970b69734 Land #14229, Telerik UI for ASP.NET AJAX exploit 
CVE-2017-11317 && CVE-2019-18935
 2020-10-20 13:24:35 -05:00
Grant Willcox b932ed5225 Recompile the exploit.dll DLL for CVE-2019-1458 as per Rapid7 policies 2020-10-15 10:58:56 -05:00
Tim W 12c5f4f916 CVE-2019-1458 chrome sandbox escape initial commit 2020-10-15 10:57:46 -05:00
Spencer McIntyre adfc8f89c4 Implement version enumeration and report CVE-2017-11317 for Telerik 2020-10-07 10:27:50 -04:00
Spencer McIntyre d6e1eee635 Add a new Mixed Mode Assembly DLL payload template 2020-10-05 15:19:40 -04:00
bwatters e24a81919a Land #13996, Add module for CVE-2020-9801, CVE-2020-9850 and CVE-2020-9856, 
RCE for Safari on macOS 10.15.3 (pwn2own2020)

Merge branch 'land-13996' into upstream-master
 2020-10-01 09:46:39 -05:00
Shelby Pace f0f4da2b1e Land #14157, Windows update orchestrator privesc 2020-09-25 16:07:27 -05:00
Christophe De La Fuente 2d1b378a18 Land #14122, Jenkins Deserialization RCE (CVE-2017-1000353) 2020-09-22 12:32:09 +02:00
bwatters 534e945cd0 First attempt at CVE-2020-1313 2020-09-18 15:39:12 -05:00
bwatters 06f5518953 Update binaries 2020-09-16 11:41:02 -05:00
bwatters a2edcda819 Rubocop on module and update error handling on exploit C code + recompile 2020-09-16 11:17:39 -05:00
bwatters 95bb6ad71a Add new binaries 2020-09-16 11:17:39 -05:00
bwatters a5253c5674 remove old binaries before we added both x86 and x64 binaries 2020-09-16 11:17:39 -05:00
bwatters a72769909b Change exe to take destination and source files for copy 2020-09-16 11:17:39 -05:00
bwatters 17272209cc First try at CVE-2020-1048, needs lots of work 2020-09-16 11:17:38 -05:00
Shelby Pace ff500dd9fb add poc 2020-09-11 12:00:16 -05:00
bwatters e592736833 Land #13992, Add module for CVE-2020-9839, LPE for macOS <= 10.15.4 
Merge branch 'land-13992' into upstream-master
 2020-09-04 15:53:17 -05:00
bwatters 5e2a3a6f65 Recompiled binary exploit file to match source 2020-09-04 15:46:52 -05:00
Tim W 1693a3c787 add exploit binaries 2020-09-01 17:14:21 +08:00
Tim W 9150f0bc3a move int64.js and utils.js to javascript_utils folder 2020-09-01 16:14:31 +08:00
Tim W 46db23c35e fix int64.js and utils.js 2020-09-01 16:14:30 +08:00
Tim W c23cb63c6e exploit binary 2020-09-01 14:10:34 +08:00
h00die cd41d9c3c9 Land #13911, iphone 4 on ios 7.1.2 safari jit for root 2020-08-14 16:01:14 -04:00
Tim W 1eaf66dab1 CVE-2020-9850 2020-08-14 16:10:34 +08:00
Jeffrey Martin 35017886b8 Land #13935, Preliminary Version 6 2020-08-06 10:19:34 -05:00
h00die 41058775b3 add sharphound exe, rubocop, and final update run 2020-08-04 09:06:45 -04:00
h00die dc5fefcb20 update sharphound and john 2020-08-04 08:48:23 -04:00
h00die 0ca7581b67 disk write method success 2020-08-03 13:08:39 -04:00
Jeffrey Martin 9aa26d1208 Merge upstream into 6.x 2020-08-03 11:43:47 -05:00
Tim W 0b513d6c51 remove debug logging from the kernel exploit 2020-07-30 18:10:26 +08:00
Spencer McIntyre a886177b96 Land #13837, Add FreeBSD ip6_setpktopt Use-After-Free Privilege Escalation module 2020-07-29 15:40:47 -04:00
Spencer McIntyre 428ce72108 Use colon instead of em-dash and add a URL comment to the doc template 2020-07-28 08:49:57 -04:00
Tim W 79adcf7904 Add module for iOS 7.1.2 2020-07-27 15:05:31 +08:00
Spencer McIntyre 9ba9690c14 Put more information into the generated module docs 2020-07-26 13:14:16 -04:00
Brendan Coles cbbd4fc517 Add CVE-2020-7457 exploit.c 2020-07-26 08:04:37 +00:00
Spencer McIntyre 65f9b62c52 Initial outline of module doc info template 2020-07-24 18:09:52 -04:00
gwillcox-r7 7d3653280f Land #13848, Add CDATA OLT telnet backdoor wordlist 2020-07-16 11:32:06 -05:00
0x44434241 703dc79710 Vim ate my trailing space for guest/[nopassword] 2020-07-16 12:50:08 +09:00
0x44434241 94b46209d9 Adding in C-Data FTTH OLT Device telnet backdoor credential pairs. 
Further information:
 - https://www.zdnet.com/article/backdoor-accounts-discovered-in-29-ftth-devices-from-chinese-vendor-c-data/
 - https://pierrekim.github.io/blog/2020-07-07-cdata-olt-0day-vulnerabilities.html
 2020-07-16 12:38:23 +09:00
Jeffrey Martin 65039a5091 Merge upstream into 6.x 2020-07-15 09:58:07 -05:00
Spencer McIntyre 6f153688ff Add labels to shuffled assembly source code for post-processing 2020-07-08 14:39:00 -04:00
Spencer McIntyre cfae4c76d0 Shuffle the block API source code every time 2020-07-07 15:55:32 -04:00
gwillcox-r7 586971428a Recompile everything so we don't have the messagebox calls 2020-06-11 00:18:45 -05:00
gwillcox-r7 93b28e662e Change out template_dll solution files so that it generates the DLL with the correct name and in the correct location 2020-06-10 11:41:34 -05:00
gwillcox-r7 7711cecee9 Final tweaks to make this more reliable, should be good now 2020-06-10 11:02:53 -05:00
gwillcox-r7 4a9c878132 Finally fix up the hanging issue via new template DLLs and associated code 2020-06-10 11:02:53 -05:00
gwillcox-r7 cb20eaf6f9 Finally fix the issue with the cleanup of the files within the exploit 2020-06-10 11:02:51 -05:00
gwillcox-r7 401feb3e53 Change code so that we automatically exit Notepad upon DLL completing its work. Should help tidy things up more 2020-06-10 11:02:50 -05:00
gwillcox-r7 cf17b2065c Updated module with some output corrections, recompiled DLLs 2020-06-10 11:02:50 -05:00
gwillcox-r7 ae2b40bf99 Update the output of the module to be more correct. Also upload updated DLLs 2020-06-10 11:02:49 -05:00