adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
61,763 Commits 27 Branches 1,043 Tags
3c9c057fc3c241c19c1be80787b7fc061663118c
Commit Graph

4434 Commits

Author SHA1 Message Date
Spencer McIntyre 8317a484a3 Land #15548, Overhaul SMB auth capture server 2021-08-30 10:01:55 -04:00
Tim W 6c0b90eabb Land #15532, add module for CVE-2021-21300 and git mixins 2021-08-26 18:26:04 +01:00
Spencer McIntyre 674628e600 Land #15384, Improve Windows RDLL injection 2021-08-26 12:11:44 -04:00
space-r7 17da80163c fix typo, set COUNT default to 3 as noted in docs 2021-08-25 14:17:47 -05:00
Grant Willcox 5a80e9678c Address Spencer's comments and remove changes that don't directly use the DLL injection library API change 2021-08-24 16:34:01 -05:00
h00die b9db47f873 wp_learnpress sqli 2021-08-23 19:45:45 -04:00
William Vu e480e868b9 Remove dead cisco_rv130_rmi_rce documentation 
It is now cve_2019_1663_cisco_rmi_rce.
 2021-08-20 05:06:00 -05:00
William Vu 31796c6236 Land #15561, ProxyShell exploit 2021-08-19 10:31:02 -05:00
Spencer McIntyre 1519aef539 Land #15570, Fix smb enum gpp module 2021-08-19 09:20:38 -04:00
wvu bcf00a0d3a Update exchange_proxyshell_rce.md 2021-08-18 14:38:56 -05:00
Spencer McIntyre 75e63992d6 Write an exploit for ProxyShell 2021-08-18 10:50:34 -04:00
adfoster-r7 d9baaed0ba Fix smb enum gpp module 2021-08-18 11:44:03 +01:00
A Galway 534ba9a7af splits jtr hash files, adds timeout & updates docs 2021-08-16 16:57:49 +01:00
William Vu 521ca14773 Add Lucee Administrator CVE-2021-21307 exploit 2021-08-16 10:09:34 -05:00
A Galway 89b7613d6a typos, errors handiling, & removes unused args 2021-08-16 13:27:00 +01:00
A Galway 08c732dbb5 improves documentation and placeholder comments 2021-08-13 17:53:00 +01:00
A Galway 8ce50af72d updates docs & adds in os reporting placeholder 2021-08-13 17:11:21 +01:00
space-r7 c9bdd96c76 remove GIT_HOOK option 
post-checkout is the only hook that will work
with this exploit, so no option is needed. Also update
the documentation to reflect that.
 2021-08-12 10:18:13 -05:00
Shelby Pace 0fe761b838 modify options and add documentation 2021-08-12 10:18:12 -05:00
Spencer McIntyre 82cc8526d4 Land #15501, Add CVE-2019-11580 (Atlassian Crowd) 2021-08-12 09:38:31 -04:00
Grant Willcox 85ef49a79c Land #15535, Update psexec module to use SMBSHARE option name for consistency 2021-08-11 17:41:38 -05:00
Grant Willcox 5fdf990f24 Land #15519, Lexmark Universal Print Driver Local Privilege Escalation 2021-08-11 15:03:53 -05:00
Grant Willcox 92327461d3 Add in driver installation instructions to documentation 2021-08-11 14:40:21 -05:00
Grant Willcox 7b25bd366f Update documentation and fix a few typos so that it reflects latest changes 2021-08-11 12:25:36 -05:00
Jacob Baines afa3d92774 Switched to upnp implementation 2021-08-10 18:17:18 -04:00
Grant Willcox 3ef2c0cf5a Land #15520, Canon TR150 Print Driver Local Privilege Escalation 2021-08-10 16:09:36 -05:00
adfoster-r7 b9d2f30bbd Update psexec module to use SMBSHARE option name for consistency 2021-08-10 13:17:57 +01:00
Grant Willcox 55404ff29f Further fixes from review and further touch up edits 2021-08-09 14:23:05 -05:00
Grant Willcox f8d838bba2 Fix first round of comments from the review process 2021-08-09 12:13:27 -05:00
Christophe De La Fuente 07c9350733 Land #15430, Support for SSH pivoting 2021-08-09 18:34:08 +02:00
Grant Willcox 838142362c Apply first round of updates from review comments to improve explanations of the vulnerability and fix some minor issues 2021-08-09 09:59:09 -05:00
Jacob Baines 0e41a0e81e Addressed all but one review items 2021-08-07 06:46:49 -04:00
Jacob Baines 8d699c0c4e Addressed various review comments 2021-08-06 14:55:50 -04:00
Grant Willcox ade653f0bf Final fixup edits to change the timeout value to be an advanced option and also to use send_req_cgi 2021-08-05 13:10:24 -05:00
Jacob Baines f851faf2e4 Initial commit for Canon driver exploit 2021-08-05 11:17:45 -04:00
Grant Willcox 00cfdc4f17 Use Faker to generate a fake app name, add in option to specify timeout to server, and also fix Alan's remaining review comments 2021-08-05 09:46:34 -05:00
Jacob Baines e6c48db072 Initial version of CVE-2021-35449 2021-08-04 16:08:43 -04:00
Grant Willcox 0d7d5ab93f Switch over to Rex::MIME::Message to use our built in mixins, and also fix last remaining review comments 2021-08-02 11:17:26 -05:00
Grant Willcox 27f70af1b3 Fix up some of the mistakes wvu pointed out 2021-07-30 15:28:10 -05:00
Grant Willcox 3427571887 Push up working CVE-2019-11580 exploit and associated documentation 2021-07-30 12:07:12 -05:00
Spencer McIntyre dba3db741a Land #15462, [CVE-2021-36934] HiveNightmare 2021-07-29 12:53:48 -04:00
space-r7 809081bc5f Land #15279, add Pi-Hole lpe 2021-07-29 11:15:17 -05:00
space-r7 0561ae978f fix typos, pihole version in docs 2021-07-29 11:13:58 -05:00
Spencer McIntyre 36cc2fd7e5 Rename an option and update docs for HiveNightmare 2021-07-29 12:07:56 -04:00
Yann Castel fb99af1152 Add post module for HiveNightmare 
correct CVE id

Update modules/exploits/multi/http/wp_plugin_modern_events_calendar_rce.rb

Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>

Update modules/exploits/multi/http/wp_plugin_modern_events_calendar_rce.rb

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>

Update modules/exploits/multi/http/wp_plugin_modern_events_calendar_rce.rb

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>

Update modules/exploits/multi/http/wp_plugin_modern_events_calendar_rce.rb

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>

use of vars_get + delete payload after use

initial commit

Update hivenightmare_windows_sam_leak.rb

using railgun to read files + specific index option

Update hivenightmare_windows_sam_leak.rb

post module + add description + add documentation

Delete wp_plugin_modern_events_calendar_rce.rb

Delete wp_plugin_modern_events_calendar_rce.md

add scenario in doc

Update windows_sam_hivenightmare.md

Update windows_sam_hivenightmare.rb

Update modules/post/windows/gather/credentials/windows_sam_hivenightmare.rb

Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>

minor changes

msftidy

Update modules/post/windows/gather/credentials/windows_sam_hivenightmare.rb

Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2021-07-29 11:54:31 -04:00
Grant Willcox a518fcac98 Add in timeout to 10th and final request to prevent module from throwing errors like it isn't working when it really is 2021-07-28 11:32:47 -05:00
Grant Willcox a53411229f Move files over to start work on converting this into an auxiliary module 2021-07-27 13:00:17 -05:00
Grant Willcox 8954dd5d2d Add in documentation and update module description to match 2021-07-27 13:00:15 -05:00
Shelby Pace 183caff15c Land #15418, add modern events calendar rce 2021-07-26 09:45:05 -05:00
Shelby Pace 38ae82155e modify info, fix spacing 2021-07-26 09:43:34 -05:00