Spencer McIntyre
636b790acb
Update to using the AutoCheck mixin
2021-07-08 09:03:42 -04:00
William Vu
af986380d3
Fix CheckCode
...
It's closer to CheckCode::Appears than CheckCode::Vulnerable.
2021-07-06 22:22:27 -05:00
Christophe De La Fuente
daa5b32393
Update from review
...
- Remove `MeterpreterTryToFork` option logic
- Add `Prepend` code directly under `Payload` info
- Rebase to use the updated `PrependFork`
- Add logic to verify that shells specified in the options really exist on the remote host
2021-06-30 18:13:35 +02:00
Christophe De La Fuente
eca20bec92
Update from code review
...
- Fix documentation typos
- Rename `MeterpreterBackground` Mettle option to `MeterpreterTryToFork`
2021-06-30 11:02:11 +02:00
Christophe De La Fuente
ccaedd6c9a
Last additions and improvements
...
- add binaries
- add documentation
- backup `runc` binary in the exploit C file
- add `MeterpreterBackground` options to set Mettle `background` option
- add `WsfDelay` logic
- refactor code
- add cleanup logic
- add restore `runc` binary logic
2021-06-30 11:02:11 +02:00
Christophe De La Fuente
1b59b8c83e
Rebase and fix conflicts in lib/msf/core/post/common.rb
2021-06-30 11:02:11 +02:00
Brendan Coles
d40656b852
apport_abrt_chroot_priv_esc: check if apport-cli is in $PATH
2021-06-25 11:48:16 +00:00
Shelby Pace
3c7d96695e
Land #15349, add rConfig vendors auth rce
2021-06-24 10:43:18 -05:00
Shelby Pace
9f864df5f1
use Rex::Version instead of Gem::Version
2021-06-24 10:14:17 -05:00
Shelby Pace
df1faf85ff
rename files, change version check, use cookie jar
2021-06-24 09:47:38 -05:00
Yann Castel
1d2e3212d3
using MIME + added some guards
2021-06-18 10:43:30 +02:00
Hakyac
7781d9ff1e
Update modules/exploits/linux/http/rconfig_authenticated_rce.rb
...
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
2021-06-18 10:22:11 +02:00
Hakyac
1e7737f8b4
Update modules/exploits/linux/http/rconfig_authenticated_rce.rb
...
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
2021-06-18 10:17:52 +02:00
Hakyac
f4bd18c5a3
Update modules/exploits/linux/http/rconfig_authenticated_rce.rb
...
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
2021-06-18 09:21:00 +02:00
Spencer McIntyre
397c9ef140
Land #15333, Cisco HyperFlex File Upload RCE
2021-06-17 13:40:39 -04:00
Jack Heysel
281fce0c94
Cisco HyperFlex File Upload RCE module
...
beta draft
RCE working with linux/x64/meterpreter_reverse_tcp
rubocop
Updated title, removed newlines
Responded to comments
Rubocop offenses
Update documentation/modules/exploit/linux/http/cisco_hyperflex_file_upload_rce.md
Co-authored-by: wvu <wvu-r7@users.noreply.github.com>
Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb
Co-authored-by: wvu <wvu-r7@users.noreply.github.com>
Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb
Co-authored-by: wvu <wvu-r7@users.noreply.github.com>
Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb
Co-authored-by: wvu <wvu-r7@users.noreply.github.com>
Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb
Co-authored-by: wvu <wvu-r7@users.noreply.github.com>
Responded to comments
Rubocop offenses
Added support for Java Dropper
Made changes to Linux Dropper
Rubocop
Improved check method, changed to default staged payload, removed TODO
Switched to single-quoted strings
2021-06-17 12:38:47 -04:00
Yann Castel
dca4f3f471
fix download link
2021-06-17 15:19:42 +02:00
Yann Castel
0fda6b348d
initial commit
2021-06-17 15:15:59 +02:00
Grant Willcox
e3a0228f79
Adjust exploit module title for rubocop compliance
2021-06-10 16:54:35 -05:00
Grant Willcox
de8180b666
Update module title to correct state affected versions
2021-06-10 09:42:26 -05:00
MucahitSaratar
ea7eaba7a9
added cve
...
Signed-off-by: MucahitSaratar <trregen222@gmail.com>
2021-06-10 09:35:42 -05:00
MucahitSaratar
4796779a29
Add more fixes to the module and documentation
2021-06-10 09:35:10 -05:00
Grant Willcox
038d0b1334
Add in autocheck compatibility, update the documentation and output to be clearer, minimize traffic sent, fix up invalid scoping of variables, randomize data where possible, and add in exploit notes
2021-06-10 09:34:52 -05:00
MucahitSaratar
83caaccc6a
adding backup
...
Signed-off-by: MucahitSaratar <trregen222@gmail.com>
2021-06-10 09:34:47 -05:00
MucahitSaratar
8e16d4a1c7
ipfire 2.25 core 156 remote code execution
...
Signed-off-by: MucahitSaratar <trregen222@gmail.com>
2021-06-10 09:34:13 -05:00
h00die
eb4170678b
use faker
2021-06-06 11:57:23 -04:00
Grant Willcox
69690ef09e
Fix RuboCop issues with sudo_baron_samedit.rb that were causing failures in some builds
2021-06-04 12:03:13 -05:00
Spencer McIntyre
78f97d2fa7
Land #15281, Add Cisco HyperFlex exploit
2021-06-03 17:24:27 -04:00
Shelby Pace
8b737c2c60
Land #15231, add SuiteCRM log file rce
2021-06-03 09:11:00 -05:00
William Vu
6efd312430
Add Cisco HyperFlex HX Data Platform exploit
...
CVE-2021-1497
CVE-2021-1498
2021-06-03 00:43:56 -05:00
William Vu
37a7ee2e28
Clean up f5_icontrol_rest_ssrf_rce
...
Escalate a warning and prefer a variable.
2021-06-02 20:32:47 -05:00
mcorybillington
d2b539e3c9
authentication fix from add cookie jar merge
2021-06-02 16:54:09 -05:00
Shelby Pace
3056e8f946
add cookie jar and AutoCheck
2021-06-02 13:09:33 -05:00
pingport80
fe8e586b22
fall to shell when meterpreter fails get_processes
...
shift `pidof` to `Msf::Post::Process`
2021-06-01 18:51:39 +05:30
h00die
3f1bb4b51e
rename module, add docs
2021-05-30 14:48:39 -04:00
h00die
0c3a693bef
working exploit and docs
2021-05-30 14:37:11 -04:00
mcorybillington
dea7f50d36
Cover log file restoration in all failure cases
2021-05-29 09:25:10 -05:00
M. Cory Billington
1451e9b56b
Update modules/exploits/linux/http/suitecrm_log_file_rce.rb
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2021-05-27 11:59:32 -05:00
M. Cory Billington
fa1ad1b32e
Update modules/exploits/linux/http/suitecrm_log_file_rce.rb
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2021-05-27 11:59:28 -05:00
M. Cory Billington
b4f699fb15
Update modules/exploits/linux/http/suitecrm_log_file_rce.rb
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2021-05-27 11:59:23 -05:00
mcorybillington
2d9fdb97ad
Check that initial request is valid
2021-05-26 12:23:36 -05:00
mcorybillington
57ef94cfdf
Remove non boolean return from authentication
2021-05-25 22:55:28 -05:00
mcorybillington
91284db05d
Check returned responses on each stage and output status info
2021-05-25 22:49:27 -05:00
mcorybillington
ed1f5db48d
Check method and authentication fixes
2021-05-25 20:38:32 -05:00
M. Cory Billington
01a8a6ab30
Remove unrequired reference to msfcore
2021-05-23 12:12:35 -05:00
M. Cory Billington
2757e7163c
Remove trailing white space found during msftidy
2021-05-22 18:44:15 -05:00
M. Cory Billington
81c056df3b
Removed unused return value
2021-05-22 01:32:17 -05:00
M. Cory Billington
963cea939f
Changed request method to preferred method
2021-05-22 01:29:24 -05:00
M. Cory Billington
ab5256a106
Use more robust version checking and add missing return statements.
2021-05-22 01:26:28 -05:00
M. Cory Billington
64f9ea0848
Update modules/exploits/linux/http/suitecrm_log_file_rce.rb
...
Change Metasploit download link to https
Co-authored-by: bcoles <bcoles@gmail.com>
2021-05-22 00:59:23 -05:00