Commit Graph

21 Commits

Author SHA1 Message Date
C4ssandre 4bfd9e4b2a Fixing a little error. 2020-12-10 05:15:37 -05:00
C4ssandre 4883050f7f Adding new options to module. Now it is possible to choose which process to launch as SYSTEM, as well as the port the exploit will listen on (because on some Windows configurations, WinRM should listen on port 47001). 2020-12-10 03:53:06 -05:00
C4ssandre 43b49672d3 Removing old commented code. 2020-12-08 13:16:10 -05:00
C4ssandre b903595443 Improving the function in charge of isolating the B64 negotiate token from the NTLM1 request. 2020-12-08 13:14:45 -05:00
C4ssandre b39eb0658a Reorganizing code in order to free allocated memory space. 2020-12-08 00:11:49 -05:00
C4ssandre 6821e52095 Adding a calloc check. 2020-12-07 23:45:12 -05:00
C4ssandre 669e668b65 Fixing potential buffer overflow. 2020-12-07 23:42:04 -05:00
C4ssandre c7d9d02490 Initializing service to zero. 2020-12-07 23:26:36 -05:00
C4ssandre e58c14add7 Removing old and weird commented code. 2020-12-07 23:25:59 -05:00
C4ssandre 46f59a76f0 Removing the powershell payload serving method, and replacing it by just writing and executing in the remote SYSTEM process. 2020-12-07 21:37:35 -05:00
C4ssandre d05bffdab3 Adding more detailed debug messages. 2020-12-07 21:36:34 -05:00
C4ssandre c7f832526d Fixing unfreed allocated memory space. 2020-11-30 14:54:19 +00:00
C4ssandre f9b0aecc8f Changing debug system. Now, dprintf prints readable and filterable output logs. The debug boolean defined in the entry point was removed. 2020-10-28 15:52:18 +00:00
C4ssandre d93c2d03fb Fixing a bug preventing very large powershell payloads from being served. 2020-10-25 19:00:39 +00:00
C4ssandre 64cbd7de49 Fixing typos in comments. 2020-10-25 18:57:56 +00:00
C4ssandre 868f406c2d Improvement by setting all buffers explicitly to 0 at initialization. 2020-10-25 18:52:12 +00:00
C4ssandre 03b7c00fce Replacing a malloc with a calloc for more reliability. 2020-09-29 00:07:37 +00:00
C4ssandre cbb07ec208 Replacing the old "homemade" base64 encoding and decoding function with wincrypt.h functions (CryptBinaryToStringA and CryptStringToBinaryA). Adding some small adjustments to the calling functions of the elevator server. 2020-09-29 00:05:49 +00:00
C4ssandre 1b68a41c9a Formatting code by removing whitespaces. 2020-08-28 17:34:49 +02:00
C4ssandre 995d6a7fc9 Changing all printf and wprintf calls to the dprintf macro defined in pch.h 2020-08-28 15:27:23 +02:00
C4ssandre 3336040f2d Adding a new privilege escalation exploit for Windows.
New files and folders:

- metasploit-framework/modules/exploits/windows/local/bits_ntlm_token_impersonation.rb

- metasploit-framework/data/exploits/drunkpotato/

- metasploit-framework/external/source/exploits/drunkpotato/
2020-08-25 14:27:41 +02:00