6278 Commits

Author SHA1 Message Date
Christophe De La Fuente 7f667fab4e Update documentation 2021-05-04 14:12:48 +02:00
Ashley Donaldson a055e9a8b7 Land #11130, Added modules to steal Active Directory credentials 2021-05-04 11:35:38 +10:00
Mehmet INCE e3662034ea Update documentation/modules/exploit/linux/http/gravcms_exec.md
Making consistent with documentation template.

Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
2021-05-03 20:38:17 +03:00
Mehmet INCE 686f8c309a Fix the module documentation 2021-05-03 12:17:24 +03:00
Mehmet INCE 9e04805c0e Adding check method to gravcms exec 2021-05-03 11:14:43 +03:00
Mehmet INCE e3d05395de Add GravCMS exec 2021-05-03 11:14:42 +03:00
Ashley Donaldson 0435e281d9 Updated CVE-2021-3156 documentation to reflect code changes. 2021-05-03 16:45:50 +10:00
Ashley Donaldson 14f9414e94 Added instructions to help understand how to use the extracted data 2021-05-03 13:22:19 +10:00
Ashley Donaldson f0a442b77d Retrieve configured kerberos ticket location before retrieving tickets
Rather than assume that file-configured kerberos tickets will be at /tmp/krb5_*, let's check the config file.
Also allows us to give more meaningful error messages and point people in the direction of where to look if it doesn't work.
2021-05-03 13:07:45 +10:00
William Vu a2047071e2 Refine vmware_vrops_mgr_ssrf_rce module doc again
I've used this Markdown trick before, but I wasn't sure it'd work here.
2021-05-02 21:18:53 -05:00
William Vu 8b4a763eb1 Add words to vmware_vrops_mgr_ssrf_rce module doc
I had dropped this sentence for brevity, but now I realize it's useful.
2021-05-02 17:24:58 -05:00
h00die 2c76671436 add windows minion file 2021-05-02 10:01:06 -04:00
h00die 33727ef664 idrac docs and cleanup 2021-05-02 08:52:11 -04:00
h00die 2c0c7791a0 more error handling, updated docs 2021-05-02 08:19:43 -04:00
Brendan Coles 4a93f15c80 Land #15136, Set microfocus_ucmdb_unauth_deser default payload to reverse_python 2021-05-02 10:27:05 +00:00
Pedro Ribeiro e6b605369e UCMDB: remove warning from docs and change Linux target to reverse_python 2021-05-02 16:53:02 +07:00
Ashley Donaldson 86a7b7b915 Forked a long time ago, so let's get it closer to the main branch 2021-05-02 14:23:56 +10:00
William Vu a79ddb5b3c Fix "apache_ofbiz_deserialiation" typo in its doc 2021-05-01 17:23:52 -05:00
h00die fde1696ae2 windows and osx updates 2021-04-30 20:59:54 -04:00
Tim W 14e22bee37 Land #15105, CVE-2021-21220 - Chrome V8 XOR typer mismatch OOB access RCE 2021-04-30 22:56:07 +01:00
Tim W 165b25275a minor documentation fix 2021-04-30 22:32:47 +01:00
Shelby Pace 0535489703 Land #14947, add IGEL OS RCE 2021-04-30 15:49:11 -05:00
Shelby Pace a59eebc937 remove systemd limit modification info 2021-04-30 15:44:22 -05:00
Shelby Pace de22236902 add AutoCheck and update docs output 2021-04-30 15:38:57 -05:00
Grant Willcox f267f0866c Fix up documentation typos and improve JavaScript using comments from @timwr's review. 2021-04-30 10:54:09 -05:00
Shelby Pace 45a8e1f49f Land #15087, Operations Bridge Reporter support 2021-04-30 08:41:35 -05:00
Spencer McIntyre 994825dcc9 Land #15090, Add exploit for CVE-2021-22502 2021-04-29 14:09:28 -04:00
Spencer McIntyre b2142aada7 Land #15086, Add exploit for CVE-2020-11857 2021-04-29 11:47:17 -04:00
Spencer McIntyre 4373b464ce Update the markdown module docs a bit 2021-04-29 11:46:40 -04:00
Ashley Donaldson 78295b654b Land #14702, Add module Redis extractor 2021-04-29 11:02:38 +10:00
btnz-k 9d23121fa0 Updated documentation content. 2021-04-28 14:02:06 -07:00
btnz-k a223baf0a3 Updated emby_version_ssrf to include timeout. Updated documentation filenames and content. 2021-04-28 13:07:51 -07:00
btnz-k b3b9d89bd1 changes to meet r7 reqs 2021-04-28 12:41:41 -07:00
Ashley Donaldson dc24800407 Robustness improvements to Redis extractor module
* Use RESP's information about bulk string and array lengths
* Iterative rather than recursive approach
2021-04-28 11:17:48 +10:00
Grant Willcox 9b528645b1 Fix minor typo on the Pwn2Own year 2021-04-27 13:26:27 -05:00
Grant Willcox 5541988d10 Upload working exploit and documentation for CVE-2021-21220 2021-04-27 13:23:35 -05:00
Shelby Pace a4af80d3e1 Land #15005, add VMware vRealize SSRF RCE 2021-04-27 09:19:55 -05:00
Ashley Donaldson a640443cab Land #15014, Added string PKey support for ssh module
Able to specify an individual private key as a string parameter into the module
2021-04-27 15:42:37 +10:00
Shelby Pace 363db0e271 Land #14977, add Apache Druid js rce 2021-04-26 12:01:19 -05:00
Li Hua 9b984ddbed Update microfocus_obr_cmd_injection.md 2021-04-25 11:02:54 +08:00
Grant Willcox 6b4e5a7e4d Land PR #15088, Fix a typo in Eclipse Equinox product name 2021-04-23 17:07:37 -05:00
Cooper Travis 6cc800e0fc Updated logging and documentation 2021-04-23 10:26:46 -05:00
Pedro Ribeiro 651a34af53 add sploit for MF OBR cmd injection 2021-04-23 21:04:36 +07:00
Spencer McIntyre 95e59f514c Land #15021, add KOFFEE exploit for CVE-2020-8539 2021-04-23 09:25:16 -04:00
Spencer McIntyre 50873d3d88 Fix some typos and markdown formatting 2021-04-23 09:24:38 -04:00
Pedro Ribeiro 02656a2c31 add clarification - it's for linux only 2021-04-23 19:23:18 +07:00
Erran Carey dcf457f7e9 Fix a typo in Eclipse Equinox product name
The osgi_console_exec module docs had a few stray characters for the
product name and description. The product name confused me when
googling for this module.
2021-04-23 11:57:48 +01:00
Pedro Ribeiro 62ba64375c fix typos and add default rport 2021-04-23 17:38:06 +07:00
Pedro Ribeiro 8b3687b9e6 update privesc sploit 2021-04-23 16:38:25 +07:00
Pedro Ribeiro 30c333b30d fix typo in shrboadmin 2021-04-23 15:03:34 +07:00