adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
61,763 Commits 27 Branches 1,043 Tags
3c9c057fc3c241c19c1be80787b7fc061663118c
Commit Graph

31366 Commits

Author SHA1 Message Date
Spencer McIntyre 8317a484a3 Land #15548, Overhaul SMB auth capture server 2021-08-30 10:01:55 -04:00
h00die a5674683f0 remove duplicate autocheck 2021-08-27 20:08:58 -04:00
sjanusz ab596dc13d Adds realm, host and service for core credentials 2021-08-27 17:33:17 +01:00
adfoster-r7 4a9a15e638 Run Rubocop layout rules on modules 2021-08-27 17:19:43 +01:00
adfoster-r7 7daec4ab39 Update metasploit payloads version 2021-08-27 12:55:19 +01:00
Grant Willcox 7cf2e66085 Fix up regex to properly match results and not include the 'version' part of the string, which was causing Rex::Version to return incorrect results and therefore make the 'check' method fail 2021-08-26 17:41:41 -05:00
Grant Willcox 415b46d9a7 Fix Rubocop errors 2021-08-26 16:52:58 -05:00
Dimitrie-Toma Furdui 63aaa8f438 fixed version check for docker_credential_wincred 2021-08-26 16:33:45 -05:00
Tim W 6c0b90eabb Land #15532, add module for CVE-2021-21300 and git mixins 2021-08-26 18:26:04 +01:00
Spencer McIntyre 674628e600 Land #15384, Improve Windows RDLL injection 2021-08-26 12:11:44 -04:00
Grant Willcox be9a7bc9b9 Fix up error in alpc_taskscheduler.rb where it expected a DLL but we passed it shellcode instead 2021-08-26 09:27:21 -05:00
Grant Willcox 7652a2240e Add in missing import for modules/exploits/windows/local/ntapphelpcachecontrol.rb to prevent crashes due to execute_dll not being defined 2021-08-25 18:19:58 -05:00
space-r7 ab622405de Land #15593, add WP Learnpress SQLi module 2021-08-25 14:18:51 -05:00
space-r7 17da80163c fix typo, set COUNT default to 3 as noted in docs 2021-08-25 14:17:47 -05:00
agalway-r7 4bcfe81ddb replace magic value with constant 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2021-08-25 14:35:16 +01:00
Grant Willcox 5a80e9678c Address Spencer's comments and remove changes that don't directly use the DLL injection library API change 2021-08-24 16:34:01 -05:00
A Galway 8f77c6ff8a adds JTR NTLM constant & improves module options 2021-08-24 12:18:27 +01:00
h00die b9db47f873 wp_learnpress sqli 2021-08-23 19:45:45 -04:00
sjanusz 8e00c5a188 Add default payload option to targets 2021-08-20 16:38:22 +01:00
Spencer McIntyre c47efcabfc Land #15556, Add shell support to enum_unattended 2021-08-19 17:40:51 -04:00
pingport80 406b152752 add shell support to enum_unattend module 
update registry operations

guard against nil when the unattendfile registry key is not present
 2021-08-19 23:39:18 +05:30
William Vu 31796c6236 Land #15561, ProxyShell exploit 2021-08-19 10:31:02 -05:00
William Vu 0a06730802 Update contributors 2021-08-19 10:30:21 -05:00
Spencer McIntyre 1519aef539 Land #15570, Fix smb enum gpp module 2021-08-19 09:20:38 -04:00
space-r7 a75b649cf3 Land #15546, properly store UUID URLs 2021-08-18 17:15:14 -05:00
Spencer McIntyre 84f8c44e69 Write to the targeted backend server 2021-08-18 12:34:40 -04:00
Spencer McIntyre 75e63992d6 Write an exploit for ProxyShell 2021-08-18 10:50:34 -04:00
adfoster-r7 d9baaed0ba Fix smb enum gpp module 2021-08-18 11:44:03 +01:00
A Galway 534ba9a7af splits jtr hash files, adds timeout & updates docs 2021-08-16 16:57:49 +01:00
William Vu 521ca14773 Add Lucee Administrator CVE-2021-21307 exploit 2021-08-16 10:09:34 -05:00
A Galway 89b7613d6a typos, errors handiling, & removes unused args 2021-08-16 13:27:00 +01:00
A Galway 9d20fbe014 msftidy 2021-08-16 12:29:48 +01:00
A Galway 08c732dbb5 improves documentation and placeholder comments 2021-08-13 17:53:00 +01:00
A Galway eb10ce8a3f rubocop cleanup 2021-08-13 17:22:37 +01:00
A Galway 8ce50af72d updates docs & adds in os reporting placeholder 2021-08-13 17:11:21 +01:00
Tim W 5acd0ee5d6 Fix #15480, fix IgnoreUnknownPayloads for stageless reverse_http payloads 2021-08-13 16:57:04 +01:00
Jack Heysel 5aa56b303a Land #15539, Fix cve_2018_8453_win32k_priv_esc 
Fixes the check method for the above module, prior
to this change the module was not running against 1703.
 2021-08-13 11:01:58 -04:00
A Galway 71bfb630d6 replaces smb capture server code with RubySMB 2021-08-13 15:01:56 +01:00
space-r7 c9bdd96c76 remove GIT_HOOK option 
post-checkout is the only hook that will work
with this exploit, so no option is needed. Also update
the documentation to reflect that.
 2021-08-12 10:18:13 -05:00
space-r7 31cbcb7774 add notes to updated modules 2021-08-12 10:18:13 -05:00
space-r7 70f304a548 change modules to use hash in build_commit_object 2021-08-12 10:18:13 -05:00
Shelby Pace d0c0372596 add request / response classes 2021-08-12 10:18:12 -05:00
Shelby Pace a4cc95448f remove namespace 2021-08-12 10:18:12 -05:00
Shelby Pace 0fe761b838 modify options and add documentation 2021-08-12 10:18:12 -05:00
Shelby Pace 98ef499351 add git lfs and smart http changes 2021-08-12 10:18:11 -05:00
Shelby Pace 53187648c1 add module 
also includes packfile obj metadata changes
 2021-08-12 10:18:11 -05:00
Shelby Pace d7161d0b90 add packfile, pkt line, and module code 2021-08-12 10:18:11 -05:00
Shelby Pace d89554e995 add git mixin changes and usage in git exploits 2021-08-12 10:18:11 -05:00
Shelby Pace 3fb225c9c6 add wrapper methods for creating git objects 
use methods in git_submodule_command_exec
 2021-08-12 10:18:11 -05:00
Spencer McIntyre 82cc8526d4 Land #15501, Add CVE-2019-11580 (Atlassian Crowd) 2021-08-12 09:38:31 -04:00