adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
48,210 Commits 27 Branches 1,043 Tags
34944ff5be0eec6cea29020fbf6fc4c19b55dbcb
Commit Graph

24647 Commits

Author SHA1 Message Date
Wei Chen 0dea5fcfd9 Land #10565, Add Dolibarr ERP/CRM Auxiliary Module 2018-08-31 13:47:46 -05:00
Shelby Pace aa9d0d7c6c using uri_encode 2018-08-31 08:41:25 -05:00
Shelby Pace b1151b9d12 modified login_uri 2018-08-31 08:08:46 -05:00
William Vu 7c7f63df45 Fix missing normalize_uri in struts2_rest_xstream 
I missed this one previously. May not be necessary but nice to have.
 2018-08-30 15:56:43 -05:00
Shelby Pace 42af28a86a printing and storing credentials 2018-08-30 14:17:37 -05:00
Shelby Pace 85c4abac99 storing credentials 2018-08-30 13:59:00 -05:00
Shelby Pace a9376266bc Land #10484, Add PhpMyAdmin password extractor 2018-08-30 12:16:17 -05:00
Shelby Pace 924e61c5c1 Added check and removed register_options 2018-08-30 12:13:39 -05:00
Shelby Pace 6ec8522786 Land #10482, Add Network Manager VPNC Privesc 2018-08-30 10:46:54 -05:00
Jacob Robles 9d3e1c1942 Land #10540, weblogic_deserialize, add check method and linux target 2018-08-30 06:08:03 -05:00
Jacob Robles 953bafc7e7 Land #10545, foxit fix generated strings, update doc 2018-08-30 05:55:44 -05:00
Jacob Robles 3161beff69 Prefer opt hash 2018-08-29 14:56:31 -05:00
Adam Cammack a57e5ac5c0 Land #10594, Remove trailing space from CVE number 2018-08-29 14:31:21 -05:00
Jacob Robles bc4442694e Fix Windows target options, remove comspec 2018-08-29 14:23:00 -05:00
Ben Schmeckpeper c4d697a629 Remove trailing space from CVE identifier 
ASUS Net4Switch ipswcom exploit mistakenly included a trailing space at the end of its CVE reference.
 2018-08-29 14:12:49 -05:00
Shelby Pace 7915c4ac6c getting user credentials in response 2018-08-29 13:59:06 -05:00
Dhiraj Mishra 25145004b2 Removing arch 2018-08-29 22:05:57 +05:30
William Vu 468613f688 Land #10536, https:// reference check for msftidy 2018-08-29 11:14:42 -05:00
Jacob Robles d5ad683ba6 More doc updates 2018-08-29 10:59:36 -05:00
Shelby Pace bb4a4b8839 initial module setup 2018-08-29 10:28:10 -05:00
Jacob Robles 086ec5bdfb Fix generated strings in pdf 2018-08-29 06:24:20 -05:00
Dhiraj Mishra c486dab574 Updating 
Thank you bcoles :)
 2018-08-29 11:45:08 +05:30
William Vu 326f006146 Land #10542, CVE ref for office_ms17_11882 exploit 2018-08-29 00:42:53 -05:00
Christian Mehlmauer 14fa41a376 merge changes 2018-08-29 06:09:40 +02:00
William Vu ba76292c40 Land #10543, struts2_rest_xstream targeting fixes 2018-08-28 16:50:26 -05:00
William Vu f6b868bac2 Prefer regex for target check in exploit method 
This is how I initially wrote it out, and I think I like it better.
Obviously we'll still check individual symbols in execute_command, since
some of the matching is disjoint.
 2018-08-28 15:56:45 -05:00
Adam Cammack 2958f9a83f Land #10541, Correct claymore_dos.py's CVE ref 2018-08-28 15:35:16 -05:00
William Vu 3dec79da23 Add Windows ARCH_CMD target and refactor again 
Must have been an oversight that I didn't add the target.
 2018-08-28 15:03:41 -05:00
Ben Schmeckpeper 6335d867ec Add CVE reference to office_ms17_11882 exploit 
The CVE identifier appears in a  GitHub URI but is not referenced separately.
 2018-08-28 13:44:01 -05:00
Ben Schmeckpeper ed60b767a7 Correct claymore_dos.py's CVE reference 
The CVE reference shouldn't include the `CVE-` prefix
 2018-08-28 13:34:02 -05:00
Jacob Robles 94e8cdac37 Move files to correct location 2018-08-28 12:38:54 -05:00
Jacob Robles 2986a9538d Whitespace fix 2018-08-28 11:53:08 -05:00
Jacob Robles 49c5a91fa7 Add linux target to weblogic_deserialize module 2018-08-28 11:51:04 -05:00
bwatters-r7 20daba6e2d fix line endings 2018-08-28 11:33:17 -05:00
alpiste f1e4079641 move add_thread code to lib/rex/post/meterpreter/extensions/peinjector/peinjector.rb 2018-08-28 09:02:21 -05:00
alpiste 015abca8af MSFTidy module 2018-08-28 09:02:21 -05:00
alpiste bb151bb727 MSFTidy module 2018-08-28 09:02:21 -05:00
alpiste 2251c4a712 Add peinjector post module 2018-08-28 09:02:21 -05:00
Jacob Robles 12e9cf6af7 Version output 2018-08-28 08:20:02 -05:00
Jacob Robles f92d2263d0 Add check to weblogic_deserialize module 2018-08-28 08:09:30 -05:00
Christian Mehlmauer 7431ae401b fix more errors 2018-08-28 13:49:31 +02:00
Christian Mehlmauer a66556b436 fix msftidy errors 2018-08-28 13:12:43 +02:00
William Vu 7d21c2094e Improve PSH target and refactor check code 2018-08-27 20:18:35 -05:00
William Vu df5f4caaae Uncomment PSH target in struts2_rest_xstream 
I'm full of shit. It works.

msf5 exploit(multi/http/struts2_rest_xstream) > run

[*] Started reverse TCP handler on 192.168.56.1:4444
[*] Powershell command length: 2467
[*] Sending stage (206403 bytes) to 192.168.56.101
[*] Meterpreter session 1 opened (192.168.56.1:4444 -> 192.168.56.101:49691) at 2018-08-27 20:00:47 -0500

meterpreter > getuid
Server username: MSEDGEWIN10\IEUser
meterpreter > sysinfo
Computer        : MSEDGEWIN10
OS              : Windows 10 (Build 17134).
Architecture    : x64
System Language : en_US
Domain          : WORKGROUP
Logged On Users : 3
Meterpreter     : x64/windows
meterpreter >
 2018-08-27 20:01:00 -05:00
Brent Cook 53b369d702 avoid inserting a float into instruction generation randomly 2018-08-27 11:24:38 -05:00
Brent Cook 47ca6c6a14 Land #10527, Fix msftdiy EDB link check, enable HTTPS 2018-08-27 10:49:20 -05:00
Jacob Robles 79b3e4564a Land #10487, add php5 session file target 2018-08-27 06:22:28 -05:00
Brendan Coles 9725e90ba7 Fix msftdiy EDB link check 2018-08-26 04:18:38 +00:00
Brent Cook cb07ba2b6c Land #10516, Add brace expansion encoder and update ${IFS} encoder 2018-08-25 22:23:07 -05:00
William Vu 6df235062b Land #10505, post-auth and default creds info 2018-08-24 18:08:15 -05:00