adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
51,374 Commits 27 Branches 1,043 Tags
319eb30cce03a5be8ae7c19cc69aeafebcd2e8bc
Commit Graph

392 Commits

Author SHA1 Message Date
Ben Schmeckpeper 7d1f6afd4a Remove trailing space from CVE reference 2019-04-03 09:21:55 -05:00
surefire 1b6cd64016 Land #11136, exploit/multi/misc/weblogic_deserialize_unicastref 2019-04-01 18:15:26 -05:00
surefire 40191e5a01 Dissected JSOs, randomized strings, copied T3 header breakdown from @acamro 2019-04-01 18:05:45 -05:00
surefire f292befed4 Land #11134, exploit/multi/misc/weblogic_serialize_marshalledobject 2019-04-01 14:11:30 -05:00
surefire 4d0e47044b Fixed a hardcoded payload length resulting in 40% failures 2019-04-01 14:05:39 -05:00
asoto-r7 399532154d Fix a git snafu when landing #11131 
While landing PR #11131, I tripped over my own shoelaces and overwrote `weblogic_deserialize_rawobject.rb` with `weblogic_deserialize_unicastref.rb`, destroying my changes and introducing a great deal of confusion.

This PR gets us back to where we should have been, with #11131 landed and a few changes to add randomization and expanding on the T3 protocol.
 2019-03-26 17:54:37 -05:00
asoto-r7 26b67bbf91 Fix two-byte error, add randomization, T3 notes from @acamro 2019-03-26 16:45:17 -05:00
asoto-r7 5f5d475c2e Add expected traceback error to documentation 2019-03-26 16:44:45 -05:00
asoto-r7 f9361324bd Merge branch 'weblogic_serialize_rawobject' of git://github.com/acamro/metasploit-framework into acamro-weblogic_serialize_rawobject 2019-03-26 16:38:27 -05:00
rwincey 59fc1ec7ab Rubocop changes 2019-03-09 12:22:04 -05:00
Andres Rodriguez ea45468639 Merge branch 'master' of github.com:rapid7/metasploit-framework into weblogic_serialize_unicastref 2019-03-02 00:49:13 -08:00
rwincey f05d86ffae Even Less Code 2019-02-28 21:49:29 -05:00
rwincey b96326ec80 Less Code 2019-02-28 21:48:25 -05:00
asoto-r7 efba6d2d9c Reverse engineered JSOs 2019-02-20 16:45:47 -06:00
asoto-r7 0f9a796d2f Reverse engineered JSOs, used new ysoserial functionality 2019-02-20 14:28:09 -06:00
asoto-r7 5f84cbc078 Reverse engineered JSOs, used new ysoserial functionality 2019-02-20 14:12:24 -06:00
rwincey a0b5291c30 Space slipped in 2019-02-13 10:25:21 -05:00
rwincey e716c24f2d Style police :P 2019-02-13 00:35:54 -05:00
rwincey b55fdc7323 Minor updates 2019-02-11 21:39:43 -05:00
rwincey f1675cddad Documentation 2019-02-10 23:16:45 -05:00
rwincey ced3ad0bfd BMC Patrol CMD Exec Module 2019-02-10 22:26:24 -05:00
Brendan Coles 24f807490f revisionism 2019-01-10 19:19:14 +00:00
Shelby Pace 29e7c49332 Land #10444, add Consul rexec RCE module 2018-12-28 09:14:28 -06:00
Shelby Pace fb8f06b2f5 Land #10443, add Consul service RCE module 2018-12-28 08:33:56 -06:00
Quentin Kaiser 18c844623a Remove extra spaces. 2018-12-24 13:48:07 +01:00
Quentin Kaiser e10792f4e6 Remove extra space. 2018-12-24 13:30:03 +01:00
Jacob Robles 4bc871c499 Add CmdStager to erlang_cookie_rce 2018-12-21 07:33:37 -06:00
Quentin Kaiser bf2de42077 Now supports all version of Consul. 2018-12-20 18:56:07 +01:00
Quentin Kaiser 2919b970cd Implement execution checks with a timeout limit so we don't leave zombie checks running in background. 2018-12-20 18:41:35 +01:00
Quentin Kaiser ba5c40db77 No need for CVE field. 2018-12-20 18:18:53 +01:00
Milton-Valencia bb758f9a61 I didn't forget msftidy I swear 2018-12-18 14:55:12 -06:00
Milton-Valencia 8a2a605a99 added targets 2018-12-18 14:50:57 -06:00
Quentin Kaiser ef8601aa71 Bail early if we receive an unexpected response. 2018-12-18 19:42:26 +01:00
Quentin Kaiser 4ee7bdee6c Merge branch 'consul_service_exec' of github.com:QKaiser/metasploit-framework into consul_service_exec 2018-12-18 19:33:51 +01:00
Quentin Kaiser b3563b1bc2 Cleaner version of check function thanks to @bcoles. 2018-12-18 19:33:30 +01:00
Brendan Coles 5e134d7d8d Update modules/exploits/multi/misc/consul_service_exec.rb 
Co-Authored-By: QKaiser <QKaiser@users.noreply.github.com>
 2018-12-18 19:27:19 +01:00
Brendan Coles 5192c081ee Update modules/exploits/multi/misc/consul_service_exec.rb 
Co-Authored-By: QKaiser <QKaiser@users.noreply.github.com>
 2018-12-18 19:27:08 +01:00
Quentin Kaiser 6ad40deac3 print_status will never throw a JSON::ParseError exception. 2018-12-18 19:15:13 +01:00
Quentin Kaiser a52ffbcead Missing disclosure date. 2018-12-18 17:03:09 +01:00
Quentin Kaiser a3d020a7e2 Add support for authorization with X-Consul-Token ACL header. 2018-12-18 16:56:03 +01:00
Quentin Kaiser 1839144978 Cleaner to define this as a Hash, then call .to_json on it. 2018-12-18 16:53:49 +01:00
Quentin Kaiser 177ae2f927 fail_with is not allowed in check method. Use vprint_error and return a CheckCode instead. Cleaner response check in check function. Usage of CheckCode instead of Exploit::CheckCode. 2018-12-18 16:33:53 +01:00
Quentin Kaiser 0feadf636b Define in RPORT and SSL in register_options rather than DefaultOptions. Support for echo and printf command stager flavors + support for curl and wget command stager flavors (hence reactivation of SRVHOST, SRVPORT, URIPATH and SSLCert). 2018-12-18 16:29:36 +01:00
Quentin Kaiser 0acdcd98f2 Merge branch 'master' into consul_service_exec 2018-12-18 16:27:08 +01:00
Quentin Kaiser f487f978c2 Merge branch 'consul_exec' of github.com:QKaiser/metasploit-framework into consul_exec 2018-12-18 16:09:18 +01:00
Quentin Kaiser 08541cd7b9 Merge branch 'master' into consul_exec 2018-12-18 16:07:08 +01:00
Quentin Kaiser a1e1e4a4f4 Remove useless comment. 2018-12-18 16:05:50 +01:00
Quentin Kaiser b80e5715d4 Add support for authorization with X-Consul-Token ACL header. 2018-12-18 16:02:39 +01:00
Quentin Kaiser 551f8c5e92 Support for echo and printf command stager flavors + support for curl and wget command stager flavors (hence reactivation of SRVHOST, SRVPORT, URIPATH and SSLCert). 2018-12-18 15:48:58 +01:00
Quentin Kaiser f290221a66 Cleaner response check in check function. Usage of CheckCode instead of Exploit::CheckCode. 2018-12-18 15:36:52 +01:00