adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

844 Commits

Author SHA1 Message Date
adfoster-r7 1ba704b1cb Land #18398, Update deprecated report_auth_info in various modules 2024-01-16 19:30:56 +00:00
Christophe De La Fuente fb26c93291 Land #18541, Glibc Tunables Privilege Escalation CVE-2023-4911 (Looney Tunables) 2023-12-20 20:04:21 +01:00
Jack Heysel b86df4820c Responded to comments from jvoisin 2023-12-19 13:50:09 -05:00
Jack Heysel 2ed3b771ed Updated python exploit 2023-12-19 00:26:54 -05:00
Gaurav Jain e9ff2e55dc Remove useless include of Report mixin in psnuffle.rb 2023-12-17 22:53:19 +05:30
Gaurav Jain a58f7f0558 Minor fixes to modules to use report_cred 2023-12-16 23:40:30 +05:30
Jack Heysel d9aa7f914e Added newline to PoC and removed empty file 2023-12-14 18:42:09 -05:00
Jack Heysel df111afb06 Glibc Tunables Exploit 2023-12-14 18:28:43 -05:00
Jack Heysel 7b74b758ad Removed unnecessary files in zip backup 2023-12-11 18:23:22 -05:00
Jack Heysel c0be4c2f72 working end to end unix confluence 7.18 2023-11-22 19:49:38 -05:00
Jack Heysel e6e2106140 Auth bypass, auth, shell upload, working 2023-11-21 22:14:27 -05:00
h00die b3b1595ef4 vmware aria ssh keys exploit 2023-10-16 13:06:17 -04:00
Spencer McIntyre 5a6dc7f9a6 Initial commit of CVE-2023-43654 2023-10-12 09:27:26 -04:00
Christophe De La Fuente 1058291af9 Land #18314, Windows Error Reporting RCE (CVE-2023-36874) 2023-09-27 15:25:06 +02:00
errorxyz f5d5541e73 Update deprecated report_auth_info method call in various modules in data/exploits/psnuffle/ 2023-09-25 02:51:08 +05:30
errorxyz 9f10f9402c Update deprecated report_auth_info method call in data/exploits/psnuffle/smb.rb module 2023-09-25 02:06:48 +05:30
bwatters be731f330e Add error checking and randomize the report directory 2023-09-22 14:43:21 -05:00
bwatters b4a1bb8fa2 Add docs and support for shell sessions; update exe to work without runtime lib. 2023-09-19 17:50:18 -05:00
Simon Janusz 8b56dc0117 Land #18250, CVE-2023-28252: Windows CLFS Driver Privilege Escalation 2023-09-14 10:18:29 +01:00
bwatters 91e7af4370 Added check, some stealth, and cleaned code 2023-09-05 14:29:13 -05:00
bwatters ccba494e61 Exploit working, still needs to be cleaned up 2023-08-29 18:01:44 -05:00
bwatters c69e983b30 Add module to create directory structures and upload/run exploit 2023-08-25 15:41:25 -05:00
Jack Heysel 97dd22032c Responded to comments, improved stability 2023-08-21 19:20:25 -04:00
Jack Heysel bcfc892195 General code clean up 2023-08-04 14:27:14 -04:00
bwatters 59e3760509 First attempt at CVE-2023-34634 2023-08-03 10:58:07 -05:00
Jack Heysel 416124705f Working in metasploit 2023-07-28 03:43:37 -04:00
bwatters b15d595de2 Adjust files to be better shared 2023-07-14 12:47:04 -05:00
h00die-gr3y 8edbf73b6f first release exploit module 2023-07-08 09:48:17 +00:00
Grant Willcox 7ca7c6aee1 Slight efficiency improvements 2023-05-24 17:36:39 -05:00
Grant Willcox 9e8d1ed2ea Add in Java class file, raw source code, and tidy up the module a bit 2023-05-24 13:17:48 -05:00
Christophe De La Fuente 6d4ee0c071 Add exploit for CVE-2023-21768 2023-03-27 20:08:22 +02:00
h00die 34b1e66f90 tomcat 8 priv esc on ubuntu prebuilt so file 2023-02-04 18:17:41 -05:00
h00die 2b09af78e1 tomcat 8 priv esc on ubuntu 2023-02-04 18:17:41 -05:00
cgranleese-r7 80dbbca020 Land #17371, Lenovo Diagnostics Driver Privilege Escalation (CVE-2022-3699) 2023-02-03 13:43:04 +00:00
Jack Heysel 1f224fd2d3 Rapid7 compiled binary 2023-02-02 11:11:06 -05:00
Jack Heysel 690d22f759 Rapid7 compiled binary 2023-02-01 10:08:13 -05:00
h00die 2c72cc145a updates to module 2023-01-31 20:05:33 -05:00
h00die fa687d3614 argv instead of hardcoded payload path 2023-01-31 16:02:25 -05:00
h00die 8d58eb6279 cve-2022-1043 2023-01-31 16:02:25 -05:00
Jack Heysel e99407fe26 Updated pre_compiled binary 2023-01-31 13:37:45 -05:00
Jack Heysel 4da94325f3 Rubocop 2023-01-19 13:52:58 -05:00
Jack Heysel 63d9445911 Fix for Win Server 2022 and 2019 2023-01-19 00:52:38 -05:00
Jack Heysel 2c2bfec4a0 Tested on Windows Build 19044, 19045 and 22000 2023-01-18 01:41:30 -05:00
bwatters 0dbb0dc8c9 Fix margins for readability and delete file 2023-01-17 17:28:27 -05:00
h00die be7ca91a8f cve-2022-22942 2023-01-17 15:30:36 -05:00
Jack Heysel 145589f7a2 Add GetPteBaseW10 2023-01-12 01:15:23 -05:00
Christophe De La Fuente d6a5590c06 Land #17265, Add Exploit for CVE-2020-25736 2022-12-13 18:49:56 +01:00
Jack Heysel 2fa7e7b2d5 Lenovo Diagnostics Driver Privilege Escaltion (CVE-2022-3699) 2022-12-12 21:53:53 -05:00
space-r7 cf9e54909c use 2021 helper name in objective-c code too 2022-12-12 15:55:36 -06:00
Spencer McIntyre 96da805014 Fix enumerating emails via ProxyShell 
The ResolveNames endpoint used to gather emails addresses for targeting
only returns 100 at a time. This updates the module to check if the
search result contains all entries and when it does, it recurses into
itself with a refined search prefix. All results are returned to match
the original functionality instead of enumerating and halting once one
that's suitable for exploitation has been found.
 2022-12-02 15:58:50 -05:00