adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
59,390 Commits 27 Branches 1,043 Tags
3d3155c8b69a046378d04fbc369cc40e0d52c19d
Commit Graph

4298 Commits

Author SHA1 Message Date
Brian Halbach f9a4bac0ff updated jira_user_enum with msftidy_docs 2021-03-09 12:00:39 -06:00
Brian Halbach a8685f2ab0 Added Documentation for jira_user_enum module 2021-01-18 10:46:02 -06:00
Shelby Pace 560327deba Land #14616, fix typo in autoroute.md 2021-01-15 15:43:50 -06:00
Christophe De La Fuente c8819259ae Land #14414, CVE-2020-1337 - patch bypass for CVE-2020-1048 2021-01-15 19:13:14 +01:00
chenxiaotian e2e3cc12b0 Update autoroute.md 2021-01-15 16:22:33 +08:00
bwatters d8e68e6487 Specify you must be SYSTEM for dll removal in docs and removed unused variable in the module 2021-01-12 11:45:53 -06:00
Spencer McIntyre 33bd712e0a Land #14585, Create module for CVE-2020-17136: Cloud Filter Arbitrary File Creation EoP 2021-01-11 17:16:40 -05:00
bwatters 50e115b414 Cleanup and edits per review from Christophe 
Removed unused method from ps script
Cleaned up some code in the module
Added removal instructions to the documentation
 2021-01-11 16:02:58 -06:00
Shelby Pace 7aef731267 Land #14572, add AIT CSV import rce 2021-01-11 15:37:05 -06:00
h00die 7d7263cf1f spelling 2021-01-09 08:13:19 -05:00
Grant Willcox 3072391d00 Make second round of review edits to fix Spencer's comments 2021-01-08 12:50:52 -06:00
Christophe De La Fuente 2886ee0448 Land #14582, Support command actions for post modules and consolidate VSS modules 2021-01-08 16:54:04 +01:00
Grant Willcox 3e52debd8b Update the exploit a bit more to remove excess options and also update the documentation accordingly. 2021-01-06 12:16:06 -06:00
Christophe De La Fuente 17c393f101 Land #14046, Adding juicypotato-like privilege escalation exploit for windows 2021-01-06 16:02:05 +01:00
Grant Willcox 863417fca7 Second round of updates and some rubocop changes to conform to standards. 2021-01-06 01:30:40 -06:00
Grant Willcox 81ee149ea2 Add check code support to module and update the documentation accordingly, plus rework the module description 2021-01-06 01:06:08 -06:00
Shelby Pace 7cab5568ab Land #14568, add total upkeep backup download 2021-01-05 14:01:04 -06:00
bwatters 54f5e565fa Land #14330, SpamTitan Gateway Remote Code Execution 
Merge branch 'land-14330' into upstream-master
 2021-01-04 12:14:12 -06:00
Spencer McIntyre 2f58d246e7 Add documentation for the new VSS module 2021-01-04 12:25:41 -05:00
h00die d8c55501a5 ait csv improter exploit 2021-01-01 12:14:52 -05:00
h00die c64d0038ab review step 1 2020-12-31 12:54:33 -05:00
h00die ff3dd7b73a first go of wp_total_upkeep 2020-12-30 16:34:12 -05:00
Spencer McIntyre 8701a2e6e8 Remove the deprecated SOCKS modules in favor of the new unified one 2020-12-29 13:33:06 -05:00
Grant Willcox 7de662c807 Land #14521, Struts2 Multi Eval OGNL RCE 2020-12-23 11:40:16 -06:00
Grant Willcox 70f8ff31f8 Update documentation to include missing extra options I forgot to document, edit the wording on the module to match the documentation, and do final touch ups. 2020-12-23 10:50:22 -06:00
Grant Willcox 799b451324 Add in updates to documentation to fix spelling mistakes and to also add in missing documentation for some options, plus to make some explanations a bit clearer. 2020-12-22 17:33:40 -06:00
bwatters d2ca5d331d Add documentation 2020-12-22 14:14:20 -06:00
Grant Willcox 4a449f97d3 Land #14522, Replace hard-coded Shiro default key with ENC_KEY 2020-12-22 09:26:49 -06:00
Grant Willcox 24e8aeffe5 Incorporate review feedback and update the associated documentation. 2020-12-21 17:29:21 -06:00
Grant Willcox 2c66beac17 Land #14429, Create shodan_host.rb, a module to grab ports from a given IP using Shodan 2020-12-21 15:58:17 -06:00
Grant Willcox 12277d3020 Apply RuboCop changes to the exploit module and also make final adjustments to the exploit code to handle some edge cases and fix review comments 2020-12-21 15:26:48 -06:00
William Vu 39110d04f0 Add note about needing an Oracle account 2020-12-18 21:20:29 -06:00
William Vu 4d85602fae Fix incorrect scenario header in module doc 
I retested in VirtualBox and updated the output but not the header.
 2020-12-18 21:15:05 -06:00
C4ssandre 57c57a398d Adding new check to filter out Windows 7 and Windows XP. Indeed, lab experiments has shown that BITS does not attempt to connect to WinRM port, making those systems not vulnerable. 2020-12-19 02:51:48 +01:00
Spencer McIntyre 11faafa4e9 Land #14474, Wordpress 2-day: easy-wp-smtp arbitrary wordpress user password reset 2020-12-18 17:07:46 -05:00
Spencer McIntyre 764efbeac3 Fixup a typo, an unnecessary statement and clarify a statement 2020-12-18 17:07:16 -05:00
h00die 3cb39c2fca Land #14497, wordpress uplicator plugin arbitrary file read 2020-12-18 17:05:40 -05:00
Christophe De La Fuente dc6b67f4c6 Land #14509, Fixes for Solr RCE 2020-12-18 21:51:06 +01:00
h00die 9e6d20a83c create aggressive mode and some review 2020-12-18 15:30:45 -05:00
Spencer McIntyre 9b8b4621df Land #14368, Pulse Connect Secure gzip RCE: cve-2020-8260 2020-12-17 17:43:55 -05:00
h00die a1702e8b53 rubocop and minor adjustments 2020-12-17 06:39:43 -05:00
Spencer McIntyre 87dacce2cd Land #14446, Add Oracle Solaris SunSSH PAM parse_user_name() exploit (CVE-2020-14871) 2020-12-16 16:01:32 -05:00
Christophe De La Fuente c586bde50d Update documentation to add SNMPPORT option description 2020-12-16 15:20:10 +01:00
Christophe De La Fuente 60bcc95edc Fix documentation 2020-12-16 15:15:27 +01:00
Christophe De La Fuente 298deae709 Add documentation 2020-12-16 15:15:27 +01:00
Spencer McIntyre 3d7ed70cec Tweak the check method and add module docs 2020-12-15 19:49:29 -05:00
Spencer McIntyre 246c455c96 Reformat the struts2_namespace_ognl module docs 2020-12-15 09:13:06 -05:00
Natto fc96ae0583 Create shodan_host.md 2020-12-15 10:30:58 +08:00
Tim W a30cdfc892 Fix #14254, Add CVE-2020-1054, win32k DrawIconEx OOB Write LPE 2020-12-14 14:54:54 +00:00
Christophe De La Fuente 98d6364248 Land #14482, Use CVE-2020-5752 path traversal bypass for CVE-2019-3999 2020-12-14 15:10:09 +01:00