adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

844 Commits

Author SHA1 Message Date
bwatters a72769909b Change exe to take destination and source files for copy 2020-09-16 11:17:39 -05:00
bwatters 17272209cc First try at CVE-2020-1048, needs lots of work 2020-09-16 11:17:38 -05:00
Shelby Pace ff500dd9fb add poc 2020-09-11 12:00:16 -05:00
bwatters e592736833 Land #13992, Add module for CVE-2020-9839, LPE for macOS <= 10.15.4 
Merge branch 'land-13992' into upstream-master
 2020-09-04 15:53:17 -05:00
bwatters 5e2a3a6f65 Recompiled binary exploit file to match source 2020-09-04 15:46:52 -05:00
Tim W 1693a3c787 add exploit binaries 2020-09-01 17:14:21 +08:00
Tim W 9150f0bc3a move int64.js and utils.js to javascript_utils folder 2020-09-01 16:14:31 +08:00
Tim W 46db23c35e fix int64.js and utils.js 2020-09-01 16:14:30 +08:00
Tim W c23cb63c6e exploit binary 2020-09-01 14:10:34 +08:00
C4ssandre 85ccac215b Removing precompiled binaries (dll exploits). 2020-08-28 17:37:34 +02:00
C4ssandre 3336040f2d Adding a new privilege escalation exploit for windows. 
New files and folders:

- metasploit-framework/modules/exploits/windows/local/bits_ntlm_token_impersonation.rb

- metasploit-framework/data/exploits/drunkpotato/

- metasploit-framework/external/source/exploits/drunkpotato/
 2020-08-25 14:27:41 +02:00
h00die cd41d9c3c9 Land #13911, iphone 4 on ios 7.1.2 safari jit for root 2020-08-14 16:01:14 -04:00
Tim W 1eaf66dab1 CVE-2020-9850 2020-08-14 16:10:34 +08:00
Tim W 0b513d6c51 remove debug logging from the kernel exploit 2020-07-30 18:10:26 +08:00
Tim W 79adcf7904 Add module for iOS 7.1.2 2020-07-27 15:05:31 +08:00
Brendan Coles cbbd4fc517 Add CVE-2020-7457 exploit.c 2020-07-26 08:04:37 +00:00
gwillcox-r7 586971428a Recompile everything so we don't have the messagebox calls 2020-06-11 00:18:45 -05:00
gwillcox-r7 93b28e662e Change out template_dll solution files so that it generates the DLL with the correct name and in the correct location 2020-06-10 11:41:34 -05:00
gwillcox-r7 7711cecee9 Final tweaks to make this more reliable, should be good now 2020-06-10 11:02:53 -05:00
gwillcox-r7 4a9c878132 Finally fix up the hanging issue via new template DLLs and associated code 2020-06-10 11:02:53 -05:00
gwillcox-r7 cb20eaf6f9 Finally fix the issue with the cleanup of the files within the exploit 2020-06-10 11:02:51 -05:00
gwillcox-r7 401feb3e53 Change code so that we automatically exit Notepad upon DLL completing its work. Should help tidy things up more 2020-06-10 11:02:50 -05:00
gwillcox-r7 cf17b2065c Updated module with some output corrections, recompiled DLLs 2020-06-10 11:02:50 -05:00
gwillcox-r7 ae2b40bf99 Update the output of the module to be more correct. Also upload updated DLLs 2020-06-10 11:02:49 -05:00
gwillcox-r7 1607b8c342 Add initial files for CVE-2020-0787 2020-06-10 11:02:35 -05:00
Shelby Pace c8ab30a40a add poc code 2020-06-02 14:29:02 -05:00
William Vu 8473662e32 Land #13463, Oracle WebLogic CVE-2020-2555 exploit 2020-05-20 23:21:07 -05:00
Brendan Coles 8631babcbb Update CVE-2019-13272 pre-compiled exploit 2020-05-11 13:36:41 +00:00
Brendan Coles dbc2b8b006 Update CVE-2019-13272 exploit C code to prefer auto targeting 
Previously, the exploit would attempt to use a hardcoded list of
known useful helpers and fall back to automatic targeting. This
logic has been reversed, preferring automatic targeting first.
 2020-05-09 03:59:31 +00:00
Spencer McIntyre 9769e04b6e Land #13322, CVE-2020-0668 Service tracing file junction overwrite 2020-05-07 09:47:20 -04:00
gwillcox-r7 a1275845ec Land #13200, CVE-2019-0808 LPE for Windows 7 x86 SP0 and SP1 2020-05-06 17:23:52 -05:00
gwillcox-r7 1c79674620 Recompile DLL and alter vcxproj file to automatically place generated DLL in right folder 2020-05-06 16:33:01 -05:00
Shelby Pace 587fc0ff09 add PoC 2020-05-04 11:08:38 -05:00
Tim W b8dc843b48 add binary 2020-05-01 19:02:54 +08:00
bwatters-r7 7213d379ec Add Uso dll 2020-04-23 15:18:22 -05:00
bwatters-r7 0bbb822fe4 Working through mountpoint issues 2020-04-21 09:54:45 -05:00
h00die e1f1ad45bc working exploit 2020-04-19 15:19:19 -04:00
h00die 58074dc6bb waiting on metasm question 2020-04-18 20:26:45 -04:00
Spencer McIntyre 3392fa18d4 Add the x64 LPE exploit for CVE-2020-0796 2020-04-02 17:22:00 -04:00
Brent Cook f59ec03c42 Land #12465, add Android Binder UAF (CVE-2019-2215) 2020-02-23 01:06:33 -08:00
Christophe De La Fuente 394e99fbe9 Land #12568, Fix exploit/windows/local/ms16_032_secondary_logon_handle_privesc 2020-01-30 11:57:56 +01:00
cdelafuente-r7 3491da7da0 Add a random sentinel to close channel when terminates (#1) 
* Add a random sentinel to close channel when terminates

* Replace spaces with tabs to be consistent

* Remove unnecessary escaped quotes and use include? instead of regex
 2020-01-25 23:30:49 +01:00
Tim W cfffb65a21 Land #12859, update AF_PACKET chocobo_root linux LPE 2020-01-24 17:30:13 +08:00
Brent Cook 6f6cc00871 Land #12751, add Linux RDS socket NP deref privesc 2020-01-22 07:08:47 -06:00
Brendan Coles 19b1f567b2 Update AF_PACKET chocobo_root Privilege Escalation module 2020-01-19 11:51:01 +00:00
Brendan Coles 36b6ceb56f Add rds_atomic_free_op_null_pointer_deref_priv_esc (CVE-2018-5333) 2020-01-18 08:34:52 +00:00
Shelby Pace 894927d960 Land #12693, add Comahawk privilege escalation 2019-12-18 15:40:51 -06:00
bwatters-r7 7e05642a1b Randomize container name 2019-12-12 07:48:01 -06:00
bwatters-r7 0257861c4f Remove debug statements and extra c/ruby libraries 2019-12-11 18:42:36 -06:00
bwatters-r7 942d1e3962 Trim exploit code and de-pasta-fy module 
Better check for build number
 2019-12-10 18:09:08 -06:00