adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
61,763 Commits 27 Branches 1,043 Tags
3c9c057fc3c241c19c1be80787b7fc061663118c
Commit Graph

15696 Commits

Author SHA1 Message Date
h00die a5674683f0 remove duplicate autocheck 2021-08-27 20:08:58 -04:00
adfoster-r7 4a9a15e638 Run Rubocop layout rules on modules 2021-08-27 17:19:43 +01:00
Grant Willcox 7cf2e66085 Fix up regex to properly match results and not include the 'version' part of the string, which was causing Rex::Version to return incorrect results and therefore make the 'check' method fail 2021-08-26 17:41:41 -05:00
Grant Willcox 415b46d9a7 Fix Rubocop errors 2021-08-26 16:52:58 -05:00
Dimitrie-Toma Furdui 63aaa8f438 fixed version check for docker_credential_wincred 2021-08-26 16:33:45 -05:00
Tim W 6c0b90eabb Land #15532, add module for CVE-2021-21300 and git mixins 2021-08-26 18:26:04 +01:00
Spencer McIntyre 674628e600 Land #15384, Improve Windows RDLL injection 2021-08-26 12:11:44 -04:00
Grant Willcox be9a7bc9b9 Fix up error in alpc_taskscheduler.rb where it expected a DLL but we passed it shellcode instead 2021-08-26 09:27:21 -05:00
Grant Willcox 7652a2240e Add in missing import for modules/exploits/windows/local/ntapphelpcachecontrol.rb to prevent crashes due to execute_dll not being defined 2021-08-25 18:19:58 -05:00
Grant Willcox 5a80e9678c Address Spencer's comments and remove changes that don't directly use the DLL injection library API change 2021-08-24 16:34:01 -05:00
sjanusz 8e00c5a188 Add default payload option to targets 2021-08-20 16:38:22 +01:00
William Vu 31796c6236 Land #15561, ProxyShell exploit 2021-08-19 10:31:02 -05:00
William Vu 0a06730802 Update contributors 2021-08-19 10:30:21 -05:00
Spencer McIntyre 84f8c44e69 Write to the targeted backend server 2021-08-18 12:34:40 -04:00
Spencer McIntyre 75e63992d6 Write an exploit for ProxyShell 2021-08-18 10:50:34 -04:00
William Vu 521ca14773 Add Lucee Administrator CVE-2021-21307 exploit 2021-08-16 10:09:34 -05:00
Jack Heysel 5aa56b303a Land #15539, Fix cve_2018_8453_win32k_priv_esc 
Fixes the check method for the above module, prior
to this change the module was not running against 1703.
 2021-08-13 11:01:58 -04:00
space-r7 c9bdd96c76 remove GIT_HOOK option 
post-checkout is the only hook that will work
with this exploit, so no option is needed. Also update
the documentation to reflect that.
 2021-08-12 10:18:13 -05:00
space-r7 31cbcb7774 add notes to updated modules 2021-08-12 10:18:13 -05:00
space-r7 70f304a548 change modules to use hash in build_commit_object 2021-08-12 10:18:13 -05:00
Shelby Pace d0c0372596 add request / response classes 2021-08-12 10:18:12 -05:00
Shelby Pace a4cc95448f remove namespace 2021-08-12 10:18:12 -05:00
Shelby Pace 0fe761b838 modify options and add documentation 2021-08-12 10:18:12 -05:00
Shelby Pace 98ef499351 add git lfs and smart http changes 2021-08-12 10:18:11 -05:00
Shelby Pace 53187648c1 add module 
also includes packfile obj metadata changes
 2021-08-12 10:18:11 -05:00
Shelby Pace d7161d0b90 add packfile, pkt line, and module code 2021-08-12 10:18:11 -05:00
Shelby Pace d89554e995 add git mixin changes and usage in git exploits 2021-08-12 10:18:11 -05:00
Shelby Pace 3fb225c9c6 add wrapper methods for creating git objects 
use methods in git_submodule_command_exec
 2021-08-12 10:18:11 -05:00
Spencer McIntyre 82cc8526d4 Land #15501, Add CVE-2019-11580 (Atlassian Crowd) 2021-08-12 09:38:31 -04:00
Grant Willcox 85ef49a79c Land #15535, Update psexec module to use SMBSHARE option name for consistency 2021-08-11 17:41:38 -05:00
Grant Willcox 5fdf990f24 Land #15519, Lexmark Universal Print Driver Local Privilege Escalation 2021-08-11 15:03:53 -05:00
Grant Willcox 7b25bd366f Update documentation and fix a few typos so that it reflects latest changes 2021-08-11 12:25:36 -05:00
Jacob Baines afa3d92774 Switched to upnp implementation 2021-08-10 18:17:18 -04:00
Dimitrie-Toma Furdui 6dae595e4e fixed version check for cve_2018_8453_win32k_priv_esc 2021-08-10 21:49:42 +03:00
adfoster-r7 b9d2f30bbd Update psexec module to use SMBSHARE option name for consistency 2021-08-10 13:17:57 +01:00
Jacob Baines b3dbf7c0e9 Altered the approach in check 2021-08-09 22:05:16 -04:00
Grant Willcox 55404ff29f Further fixes from review and further touch up edits 2021-08-09 14:23:05 -05:00
Grant Willcox c03ca1d39d Fix RuboCop error 2021-08-09 12:21:07 -05:00
Grant Willcox f8d838bba2 Fix first round of comments from the review process 2021-08-09 12:13:27 -05:00
Grant Willcox 8517286e89 RuboCop fix to description to make it happy 2021-08-09 10:05:21 -05:00
Grant Willcox 838142362c Apply first round of updates from review comments to improve explanations of the vulnerability and fix some minor issues 2021-08-09 09:59:09 -05:00
Jacob Baines 7703810c4a Fixed rubocop issue 2021-08-07 06:59:50 -04:00
Jacob Baines 0e41a0e81e Addressed all but one review items 2021-08-07 06:46:49 -04:00
Jacob Baines 8d699c0c4e Addressed various review comments 2021-08-06 14:55:50 -04:00
Grant Willcox ade653f0bf Final fixup edits to change the timeout value to be an advanced option and also to use send_req_cgi 2021-08-05 13:10:24 -05:00
Jacob Baines f851faf2e4 Initial commit for Canon driver exploit 2021-08-05 11:17:45 -04:00
Grant Willcox 00cfdc4f17 Use Faker to generate a fake app name, add in option to specify timeout to server, and also fix Alan's remaining review comments 2021-08-05 09:46:34 -05:00
Jacob Baines 4cff38b9c2 Fixed rubocop issues 2021-08-04 16:41:20 -04:00
Jacob Baines 699c53151b Fixed msftidy issues 2021-08-04 16:14:27 -04:00
Jacob Baines e6c48db072 Initial version of CVE-2021-35449 2021-08-04 16:08:43 -04:00