adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

3986 Commits

Author SHA1 Message Date
Brendan Coles 45249d582d Add partition check 2018-02-09 16:15:04 -05:00
Brendan Coles 0ba37f8104 Add glibc $ORIGIN Expansion Privilege Escalation exploit 2018-02-09 16:15:04 -05:00
h00die cb1b59545b Land #9469 linux local exploit for glibc ld audit 2018-02-09 14:00:42 -05:00
Steve 361a999dd1 Use ARCH_X64 instead 2018-02-09 18:49:04 +00:00
Steve f17b9aed0c Use cmd_stager 2018-02-09 18:38:09 +00:00
Steve 7598a5801a Fix use of local var 2018-02-09 09:36:59 +00:00
Steve 829cfbab3b Replaced string concats with interpolation 2018-02-08 16:11:47 +00:00
Steve a415a82aa3 Shortened SNMPManager.open statements 2018-02-08 16:09:53 +00:00
Steve 60e3b7be1a Clarified printf string 2018-02-08 16:06:44 +00:00
Steve 9bea263805 Changed temporary filename to local variable 2018-02-08 16:04:49 +00:00
Steve 50a1a0ae6c Add comment to space limitation 2018-02-08 16:03:17 +00:00
Steve ba528c8d50 Indented description 2018-02-08 16:01:16 +00:00
Brendan Coles 5b251ae672 Support shell sessions on Debian 2018-02-08 11:29:09 +00:00
Brent Cook b1d0529161 prefer 'shell' channels over 'exec' channels for ssh 
If a command is not specified to CommandStream, request a "shell"
session rather than running exec. This allows targets that do not have a
true "shell" which supports exec to instead return a raw shell session.
 2018-02-08 02:21:16 -06:00
Brendan Coles d078ab8033 Use 'exit' CommandShellCleanupCommand 2018-02-06 13:36:36 +00:00
Brendan Coles 696817215b Update tested versions 2018-02-05 04:48:52 +00:00
Brendan Coles e158ccb20b Support cleanup for meterpreter sessions 2018-02-04 04:38:53 +00:00
Brendan Coles 74ab02f27b Support meterpreter sessions 2018-02-03 11:55:08 +00:00
Brendan Coles 686689afc0 Rename asus_infosvr_exec to asus_infosvr_auth_bypass_exec 2018-02-02 07:53:50 +00:00
h00die 7cb0a118c1 Land #9399 a linux priv esc against apport and abrt 2018-02-01 21:54:54 -05:00
Brendan Coles 3c21eb8111 Update documentation 2018-02-02 02:27:13 +00:00
Brendan Coles 0d80ca6f79 Change documentation extension from rb to md 2018-01-31 23:26:30 +00:00
Brendan Coles 092eb0cd11 Add glibc LD_AUDIT Arbitrary DSO Load Privilege Escalation exploit 2018-01-28 05:11:38 +00:00
Brendan Coles 23f4bf1583 Add documentation 2018-01-27 03:15:06 +00:00
Pedro Ribeiro 54c6aa7629 Add full disclosure URL 2018-01-26 15:35:18 +07:00
bwatters-r7 685a950077 Land #9114, Add module for Kaltura <= 13.1.0 RCE (CVE-2017-14143) 
Merge branch 'land-9114' into upstream-master
 2018-01-23 12:35:59 -06:00
Brent Cook aae77fc1a4 Land #9349, GoAhead LD_PRELOAD CGI Module 2018-01-22 23:10:36 -06:00
Pedro Ribeiro 621868b7fb Add CVE numbers 2018-01-23 11:26:39 +07:00
Pedro Ribeiro b734af4e79 Add my advisory URL 2018-01-22 22:00:48 +07:00
Pedro Ribeiro c1fe355329 Create exploit for AsusWRT LAN RCE 2018-01-22 21:44:02 +07:00
Brendan Coles 5e11d36351 Add ABRT raceabrt Privilege Escalation module 2018-01-16 14:52:33 +00:00
Brendan Coles 4ade798cef Fix check for juju-run path 2018-01-16 07:19:48 +00:00
Brendan Coles e1cbe4e906 Rename apport_chroot_priv_esc to apport_abrt_chroot_priv_esc 2018-01-14 08:33:43 +00:00
Brendan Coles c234d0523a Add support for abrt on Fedora 2018-01-14 08:33:10 +00:00
Brendan Coles c94763bfe0 Add Juju-run Agent Privilege Escalation module 2018-01-14 05:57:17 +00:00
Brendan Coles 2f3e3b486a Use cross-compiled exploit 2018-01-13 05:44:42 +00:00
Brendan Coles 842736f7b1 register_dir_for_cleanup 2018-01-12 14:21:43 +00:00
Brendan Coles 8bbffd20cd Add Apport chroot Privilege Escalation exploit 2018-01-12 07:25:35 +00:00
Wei Chen 6510ee53bc Land #9204, Add exploit for Samsung SRN-1670D (CVE-2017-16524) 
Land #9204
 2018-01-10 20:15:29 -06:00
Wei Chen 18c179a091 Update module and add documentation 
This updates the module to pass:

* msftidy
* Ruby style guidelines
* Proper usage of Metasploit API
* Mostly other cosmetic fixes

A documentation is also added.
 2018-01-10 20:13:42 -06:00
Brent Cook 520e890520 Land #8581, VMware Workstation ALSA Config File Local Privilege Escalation 2018-01-03 21:35:57 -06:00
William Vu c3f10c1d57 Land #9336, Linksys WVBR0-25 exploit 2018-01-03 18:13:44 -06:00
dmohanty-r7 a5fa63405f Land #9206, Add Xplico RCE exploit module 2018-01-03 16:02:51 -06:00
Steve Embling 1161787cbd Removed comma in payload -> space 2018-01-02 12:28:20 +00:00
Brendan Coles c153788424 Remove sleeps 2017-12-30 15:20:56 +00:00
HD Moore ece5528379 Small tweaks based on @bcoles feedback. Thanks! 2017-12-29 16:17:53 -06:00
HD Moore 68f4d4480e Remove unused DefaultOptions block 2017-12-28 17:07:04 -06:00
HD Moore eb696ee5cf Documentation update 2017-12-28 16:30:04 -06:00
HD Moore ebe57b9e1d Updated exploit module for GoAhead LD_PRELOAD, mostly fire-and-forget 2017-12-28 16:21:04 -06:00
Steve Embling be8538152c Added net_snmpd_rw_access exploit, authenticated remote code execution on Net-SNMPD for Linux systems 2017-12-22 16:42:03 +00:00