adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

31 Commits

Author SHA1 Message Date
adfoster-r7 25ee41df68 Run rubocop on exploit modules 2023-02-08 15:20:32 +00:00
adfoster-r7 4a9a15e638 Run Rubocop layout rules on modules 2021-08-27 17:19:43 +01:00
cgranleese-r7 56510a2e8e Updates some notes on modules that weren't passing tests due to new rubocop rule 2021-07-28 16:20:02 +01:00
Grant Willcox 69690ef09e Fix RuboCop issues with sudo_baron_samedit.rb that were causing failures in some builds 2021-06-04 12:03:13 -05:00
Spencer McIntyre a8a1cf75b8 Reorder the Fedora targets to be descending 2021-05-18 18:02:12 -04:00
Ashley Donaldson 5dc8d0e684 Added automatic cleanup for exploit scripts that modify /etc/passwd 2021-05-06 21:50:03 +10:00
Ashley Donaldson 832813f057 If the exploit is completed but no session is created, tell the user if they have alternative exploits they could try. 2021-05-06 12:37:18 +10:00
Ashley Donaldson 000546e551 Rubocop changes 2021-05-04 16:24:00 +10:00
Ashley Donaldson fbc291bc22 Tested on various other Fedora's 2021-05-04 14:18:16 +10:00
Ashley Donaldson 7f89ac44ce Tested module on Fedora 25 
Also verify user does not already exist when adding a new user
 2021-05-04 10:38:28 +10:00
Ashley Donaldson 0435e281d9 Updated CVE-2021-3156 documentation to reflect code changes. 2021-05-03 16:45:50 +10:00
Ashley Donaldson 3722435a25 Tested and verified exploitability of second CVE-2021-3156 exploit on three platforms 2021-04-30 18:51:06 +10:00
Ashley Donaldson b1d2c39c98 Added second CentOS 7 exploit 2021-04-30 18:30:19 +10:00
Ashley Donaldson 124d157a1c Added CVE-2021-3156 exploits for CentOS 7 and 8 2021-04-30 17:25:59 +10:00
Ashley Donaldson 79152cafe6 Added support for Ubuntu 14.04.3 for CVE-2021-3156 2021-04-29 20:48:51 +10:00
Ashley Donaldson 9d9d3ce061 Added Ubuntu 16.04-specific exploit script to CVE-2021-3156 module 
The generic approach used for other targets doesn't work for 16.04, as that one relies on tcache bins, which are not present in glibc 2.23.
 2021-04-29 18:28:13 +10:00
Ashley Donaldson fcd17ed3b1 Port sudoedit exploit to Python 
It's assumed that Python is more likely to be present on the target system
than gcc, so is better as a dependency.
 2021-04-29 13:17:32 +10:00
dwelch-r7 319f15d938 Handle nil versions for rubygems 4 2021-02-25 16:47:49 +00:00
Alan Foster b06c5c12aa Rubocop recently landed modules continued 2021-02-25 14:13:40 +00:00
Tim W edea755096 Land #14740, CVE-2021-3156 Sudo LPE (AKA: Baron Samedit) Improvements 2021-02-22 17:48:33 +00:00
Alan Foster 5b3fde7735 Rubocop recently landed modules 2021-02-16 15:08:08 +00:00
Spencer McIntyre 01593f21b4 Add the Ubuntu 19.04 target for CVE-2021-3156 2021-02-12 10:06:47 -05:00
Spencer McIntyre 20067d183e Use single quotes for escaping arguments consistently 2021-02-12 08:59:38 -05:00
Spencer McIntyre f31c7846d2 Escape shell arguments even more thoroughly 2021-02-11 12:25:28 -05:00
Spencer McIntyre 944e8d572d Register missing files for cleanup 2021-02-10 18:05:20 -05:00
Spencer McIntyre 6562f309ce Handle whitespace in the target path 2021-02-10 17:40:42 -05:00
Spencer McIntyre 8757eb33fe Add an automatic target that uses version fingerprinting 2021-02-10 16:16:33 -05:00
Spencer McIntyre b9dd1b927b Randomize the path to the library that's loaded 2021-02-10 08:45:52 -05:00
Brendan Coles cfda83df99 sudo_baron_samedit: Add target: Debian 10 x64, sudo v1.8.27, libc v2.28 2021-02-05 07:54:34 +00:00
Spencer McIntyre 504865d507 Add a target for Ubuntu 18.04 and setgid and setuid by default 2021-02-04 10:45:00 -05:00
Spencer McIntyre 7281d00938 Implement feedback from PR review 2021-02-04 09:25:40 -05:00