adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
58,321 Commits 27 Branches 1,043 Tags
339c1941efdbe265cfe586f11f1da2d000c19d44
Commit Graph

650 Commits

Author SHA1 Message Date
bwatters e24a81919a Land #13996, Add module for CVE-2020-9801, CVE-2020-9850 and CVE-2020-9856, 
RCE for Safari on macOS 10.15.3 (pwn2own2020)

Merge branch 'land-13996' into upstream-master
 2020-10-01 09:46:39 -05:00
Shelby Pace f0f4da2b1e Land #14157, Windows update orchestrator privesc 2020-09-25 16:07:27 -05:00
Christophe De La Fuente 2d1b378a18 Land #14122, Jenkins Deserialization RCE (CVE-2017-1000353) 2020-09-22 12:32:09 +02:00
bwatters 534e945cd0 First attempt at CVE-2020-1313 2020-09-18 15:39:12 -05:00
bwatters 06f5518953 Update binaries 2020-09-16 11:41:02 -05:00
bwatters a2edcda819 Rubocop on module and update error handling on exploit C code + recompile 2020-09-16 11:17:39 -05:00
bwatters 95bb6ad71a Add new binaries 2020-09-16 11:17:39 -05:00
bwatters a5253c5674 remove old binaries before we added both x86 and x64 binaries 2020-09-16 11:17:39 -05:00
bwatters a72769909b Change exe to take destination and source files for copy 2020-09-16 11:17:39 -05:00
bwatters 17272209cc First try at CVE-2020-1048, needs lots of work 2020-09-16 11:17:38 -05:00
Shelby Pace ff500dd9fb add poc 2020-09-11 12:00:16 -05:00
bwatters e592736833 Land #13992, Add module for CVE-2020-9839, LPE for macOS <= 10.15.4 
Merge branch 'land-13992' into upstream-master
 2020-09-04 15:53:17 -05:00
bwatters 5e2a3a6f65 Recompiled binary exploit file to match source 2020-09-04 15:46:52 -05:00
Tim W 1693a3c787 add exploit binaries 2020-09-01 17:14:21 +08:00
Tim W 9150f0bc3a move int64.js and utils.js to javascript_utils folder 2020-09-01 16:14:31 +08:00
Tim W 46db23c35e fix int64.js and utils.js 2020-09-01 16:14:30 +08:00
Tim W c23cb63c6e exploit binary 2020-09-01 14:10:34 +08:00
h00die cd41d9c3c9 Land #13911, iphone 4 on ios 7.1.2 safari jit for root 2020-08-14 16:01:14 -04:00
Tim W 1eaf66dab1 CVE-2020-9850 2020-08-14 16:10:34 +08:00
Tim W 0b513d6c51 remove debug logging from the kernel exploit 2020-07-30 18:10:26 +08:00
Tim W 79adcf7904 Add module for iOS 7.1.2 2020-07-27 15:05:31 +08:00
Brendan Coles cbbd4fc517 Add CVE-2020-7457 exploit.c 2020-07-26 08:04:37 +00:00
gwillcox-r7 586971428a Recompile everything so we don't have the messagebox calls 2020-06-11 00:18:45 -05:00
gwillcox-r7 93b28e662e Change out template_dll solution files so that it generates the DLL with the correct name and in the correct location 2020-06-10 11:41:34 -05:00
gwillcox-r7 7711cecee9 Final tweaks to make this more reliable, should be good now 2020-06-10 11:02:53 -05:00
gwillcox-r7 4a9c878132 Finally fix up the hanging issue via new template DLLs and associated code 2020-06-10 11:02:53 -05:00
gwillcox-r7 cb20eaf6f9 Finally fix the issue with the cleanup of the files within the exploit 2020-06-10 11:02:51 -05:00
gwillcox-r7 401feb3e53 Change code so that we automatically exit Notepad upon DLL completing its work. Should help tidy things up more 2020-06-10 11:02:50 -05:00
gwillcox-r7 cf17b2065c Updated module with some output corrections, recompiled DLLs 2020-06-10 11:02:50 -05:00
gwillcox-r7 ae2b40bf99 Update the output of the module to be more correct. Also upload updated DLLs 2020-06-10 11:02:49 -05:00
gwillcox-r7 1607b8c342 Add initial files for CVE-2020-0787 2020-06-10 11:02:35 -05:00
Shelby Pace c8ab30a40a add poc code 2020-06-02 14:29:02 -05:00
William Vu 8473662e32 Land #13463, Oracle WebLogic CVE-2020-2555 exploit 2020-05-20 23:21:07 -05:00
Brendan Coles 8631babcbb Update CVE-2019-13272 pre-compiled exploit 2020-05-11 13:36:41 +00:00
Brendan Coles dbc2b8b006 Update CVE-2019-13272 exploit C code to prefer auto targeting 
Previously, the exploit would attempt to use a hardcoded list of
known useful helpers and fall back to automatic targeting. This
logic has been reversed, preferring automatic targeting first.
 2020-05-09 03:59:31 +00:00
Spencer McIntyre 9769e04b6e Land #13322, CVE-2020-0668 Service tracing file junction overwrite 2020-05-07 09:47:20 -04:00
gwillcox-r7 a1275845ec Land #13200, CVE-2019-0808 LPE for Windows 7 x86 SP0 and SP1 2020-05-06 17:23:52 -05:00
gwillcox-r7 1c79674620 Recompile DLL and alter vcxproj file to automatically place generated DLL in right folder 2020-05-06 16:33:01 -05:00
Shelby Pace 587fc0ff09 add PoC 2020-05-04 11:08:38 -05:00
Tim W b8dc843b48 add binary 2020-05-01 19:02:54 +08:00
bwatters-r7 7213d379ec Add Uso dll 2020-04-23 15:18:22 -05:00
bwatters-r7 0bbb822fe4 Working through mountpoint issues 2020-04-21 09:54:45 -05:00
h00die e1f1ad45bc working exploit 2020-04-19 15:19:19 -04:00
h00die 58074dc6bb waiting on metasm question 2020-04-18 20:26:45 -04:00
Spencer McIntyre 3392fa18d4 Add the x64 LPE exploit for CVE-2020-0796 2020-04-02 17:22:00 -04:00
Brent Cook f59ec03c42 Land #12465, add Android Binder UAF (CVE-2019-2215) 2020-02-23 01:06:33 -08:00
Christophe De La Fuente 394e99fbe9 Land #12568, Fix exploit/windows/local/ms16_032_secondary_logon_handle_privesc 2020-01-30 11:57:56 +01:00
cdelafuente-r7 3491da7da0 Add a random sentinel to close channel when terminates (#1) 
* Add a random sentinel to close channel when terminates

* Replace spaces with tabs to be consistent

* Remove unnecessary escaped quotes and use include? instead of regex
 2020-01-25 23:30:49 +01:00
Tim W cfffb65a21 Land #12859, update AF_PACKET chocobo_root linux LPE 2020-01-24 17:30:13 +08:00
Brent Cook 6f6cc00871 Land #12751, add Linux RDS socket NP deref privesc 2020-01-22 07:08:47 -06:00