h00die
8beb6255cb
fix spelling in aux modules
2024-01-07 15:02:53 -05:00
adfoster-r7
433bafdccf
Add missing module notes for stability reliability and side effects
2023-02-08 11:45:17 +00:00
adfoster-r7
4a9a15e638
Run Rubocop layout rules on modules
2021-08-27 17:19:43 +01:00
Alan Foster
100da2f1b1
Enforce Style/RedundantBegin for new modules
2021-05-13 04:01:03 +01:00
Vladimir Ivanov
690e687e7e
Updates from code review
Update modules/post/multi/sap/smdagent_get_properties.rb
Update modules/auxiliary/admin/sap/cve_2020_6207_solman_rce.rb
Update documentation for auxiliary module cve_2020_6207_solman_rce.md
Update documentation for post module smdagent_get_properties.md
Move setup_xml_and_variables to `run` method in auxiliary module cve_2020_6207_solman_rce.rb
Delete list_dir, read_file, file_exist in post module smdagent_get_properties.rb
2021-04-06 21:23:39 +02:00
Ivanov Vladimir
a803d7a0d1
CVE-2019-0307
Add post module smdagent_get_properties.rb
Add lib sap_smd_agent_unencrypted_property.rb
Update auxiliary module cve_2020_6207_solman_rce.rb
Update lib sap_sol_man_eem_miss_auth.rb
2021-03-29 20:29:30 +03:00
Vladimir Ivanov
3b8f3620d2
Minor updates
Updated action_exec in auxiliary module cve_2020_6207_solman_rce.rb
Updated execute_command in exploit module cve_2020_6207_solman_rs.rb
2021-03-25 15:37:29 +03:00
Vladimir Ivanov
0487e451cf
Updated payload
Updated make_rce_payload, renamed get_agent_os to check_agent in lib sap_sol_man_eem_miss_auth.rb
Updated action_ssrf, action_exec in auxiliary module cve_2020_6207_solman_rce.rb
Updated execute_command, exploit in exploit module cve_2020_6207_solman_rs.rb
2021-03-25 14:20:54 +03:00
Vladimir Ivanov
d28bcdc821
Updated action_ssrf, action_exec in auxiliary cve_2020_6207_solman_rce.rb
2021-03-24 16:05:34 +03:00
Vladimir Ivanov
567f78c532
Update PAYLOAD_XML, check_response in lib sap_sol_man_eem_miss_auth.rb
Delete class var agents in auxiliary and exploit modules
2021-03-24 11:21:57 +03:00
Vladimir Ivanov
6aba44c4d5
Delete analyze_error in auxiliary module cve_2020_6207_solman_rce.rb
2021-03-23 23:59:20 +03:00
Vladimir Ivanov
2c18435e6e
Update pretty_agents_table in lib sap_sol_man_eem_miss_auth.rb
Change output in auxiliary and exploit modules
2021-03-23 23:00:34 +03:00
Vladimir Ivanov
4399fa73fc
Update make_rce_payload, make_soap_body in lib sap_sol_man_eem_miss_auth.rb
Update rce command in auxiliary module cve_2020_6207_solman_rce.rb
2021-03-23 19:02:59 +03:00
Vladimir Ivanov
0fae3f4805
Added conditions in options in auxiliary module cve_2020_6207_solman_rce.rb
2021-03-23 14:02:12 +03:00
Vladimir Ivanov
d76224066f
Rename option URIPATH to TARGETURI
2021-03-23 13:33:39 +03:00
Vladimir Ivanov
113dce79de
Move lib/metasploit/framework/sap_solman/client.rb to lib/msf/core/exploit/remote/http/sap_sol_man_eem_miss_auth.rb
2021-03-23 13:20:27 +03:00
Vladimir Ivanov
2a48dd265d
Replace class var @@agents with a class instance var in auxiliary and exploit modules.
2021-03-22 12:13:04 +03:00
Vladimir Ivanov
42726a70c0
client.rb - library for auxiliary and exploit modules
cve_2020_6207_solman_rce.rb - auxiliary module
cve_2020_6207_solman_rce.md - documentation for auxiliary module
cve_2020_6207_solman_rs.rb - exploit module
cve_2020_6207_solman_rs.md - documentation for exploit module
2021-03-21 16:51:21 +03:00
Alan Foster
b06c5c12aa
Rubocop recently landed modules continued
2021-02-25 14:13:40 +00:00
Alan Foster
5b3fde7735
Rubocop recently landed modules
2021-02-16 15:08:08 +00:00
Grant Willcox
a2675c13e8
Land #14213, Add disclosure date rubocop linting rule - enforce iso8601 disclosure dates
2020-10-07 12:09:59 -05:00
Ivanov Vladimir
fa7b711d60
Change ltype in loot
2020-10-07 10:12:09 -05:00
Grant Willcox
12095f9174
Make minor updates to the error messages
2020-10-07 10:12:09 -05:00
Ivanov Vladimir
df86b0c7c2
Update script to ensure action_file_read will correctly use fail_with, and to update the return types of send_first_request.
2020-10-07 10:11:12 -05:00
Grant Willcox
5ad2190c40
Apply updates to the module from the review process and a minor update to the documentation to note the renaming of the PATH option to URIPATH. Also update the check method so that it now works correctly and so that other functions return errors appropriately.
2020-10-07 10:08:57 -05:00
Ivanov Vladimir
cc721fd64f
Update several functions to apply review edits and also update the documentation accordingly.
2020-10-07 10:07:48 -05:00
Ivanov Vladimir
9ce3dc45f7
Delete default option: VERBOSE
2020-10-07 10:07:46 -05:00
Ivanov Vladimir
24d14f8816
Rename URN to PATH in several functions. Also change check function.
2020-10-07 10:04:55 -05:00
Grant Willcox
8a8dfafcc3
Rename the files and update some descriptions as there may be more XXE bugs in SAP in the future. Also update the documentation accordingly.
2020-10-07 10:04:03 -05:00
Grant Willcox
fc462d2465
Clean up code to remove some extra options and to make the match() calls a bit cleaner, as well as make some of the explanations a bit neater. Also remove duplicate code from a few places
2020-10-07 10:04:02 -05:00
Grant Willcox
a70cb25824
Remove all verbose options and tidy up one extra instance variable that was only used once
2020-10-07 10:04:02 -05:00
Vladimir Ivanov
7c682af98b
Create sap_igs_xxe.rb and its associated documentation, and apply RuboCop fixes.
2020-10-07 10:03:09 -05:00
Alan Foster
30809787c4
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
Spencer McIntyre
13d7c5445a
Address rubocop complaints
2020-07-23 18:10:07 -04:00
Spencer McIntyre
ff4db5daea
Add the REMOVE action to the exploit for CVE-2020-6287
2020-07-23 17:59:40 -04:00
Spencer McIntyre
68614bcc3b
Add check functionality for CVE-2020-6287
2020-07-23 14:46:06 -04:00
Spencer McIntyre
e0046ef8f2
Randomize unnecessary values and set the secure attribute
2020-07-23 10:47:53 -04:00
Spencer McIntyre
d108cd0da9
Address feedback for consistency within CVE-2020-6287
2020-07-23 10:31:46 -04:00
Spencer McIntyre
593ddd8ac4
Add module docs for CVE-2020-6287
2020-07-23 09:47:22 -04:00
Spencer McIntyre
2364b3f46c
Fix the remaining rubocop issues for CVE-2020-6287
2020-07-22 19:18:42 -04:00
Spencer McIntyre
7b781ca12f
Report a vuln in the CVE-2020-6287 module and fix xpath comparisons
2020-07-22 18:29:55 -04:00
Spencer McIntyre
2d43da2a39
Apply rubocop fixes for CVE-2020-6287
2020-07-22 18:04:11 -04:00
Spencer McIntyre
ec9ee2baa7
Complete the exploit with privilege escalation through a role
2020-07-22 17:57:39 -04:00
Spencer McIntyre
d1e2c75b3e
Initial PoC of CVE-2020-6287 that adds a user
2020-07-17 02:03:43 -04:00
Brent Cook
6300758c46
use https for metasploit.com links
2017-07-24 06:26:21 -07:00
g0tmi1k
524373bb48
OCD - Removed un-needed full stop
2017-07-21 07:41:51 -07:00
g0tmi1k
4720d1a31e
OCD fixes - Spaces
2017-07-14 08:46:59 +01:00
William Vu
64452de06d
Fix msf/core and self.class msftidy warnings
Also fixed rex requires.
2017-05-03 15:44:51 -05:00
wchen-r7
61f9cc360b
Correct casing - should be HttpUsername and HttpPassword
2016-05-27 18:31:54 -05:00
wchen-r7
4dcddb2399
Fix #4885, Support basic and form auth at the same time
When a module uses the HttpClient mixin but registers the USERNAME
and PASSWORD datastore options in order to perform a form auth,
it ruins the ability to also perform a basic auth (sometimes it's
possible to see both). To avoid option naming conflicts, basic auth
options are now HTTPUSERNAME and HTTPPASSWORD.
Fix #4885
2016-05-27 16:25:42 -05:00