adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

125 Commits

Author SHA1 Message Date
cgranleese-r7 40e6917b7f tests passing 2023-04-04 10:24:09 +01:00
Grant Willcox a756df5400 Add in missing RuboCop note sections 2022-04-19 16:40:57 -05:00
Brendan Coles 94ed9ae28b Modules: Prefer CVE references over cve.mitre.org URL references 2022-04-19 20:42:23 +00:00
sjanusz bbf9e3163a Fix file reads on Windows for binary files 2022-03-21 12:47:39 +00:00
h00die d5ba1afbec fix URLs not resolving 
fix URLs not resolving

add csv export to references

fix URLs not resolving

pdf not pd

missed a url change

remove extra recirectedfrom fields

remove extra file

fix ovftool url accidental replacement
 2022-02-16 17:22:40 -06:00
adfoster-r7 4a9a15e638 Run Rubocop layout rules on modules 2021-08-27 17:19:43 +01:00
dwelch-r7 7fbbe23426 Remove more requires that were missed before 2021-02-08 14:51:58 +00:00
Alan Foster e0ab259880 Remove < character from Archive_Tar exploit module 2021-01-29 11:20:50 +00:00
Grant Willcox 6e326d6a60 Fix up confusing variable name and a typo as pointed out during review 2021-01-19 09:25:56 -06:00
Grant Willcox 95d3bd98ac Do msftidy_docs and rubocop changes 2021-01-15 18:10:23 -06:00
Grant Willcox 2f0abe4900 Add in documentation and fix up small issues with module 2021-01-15 18:06:07 -06:00
Grant Willcox 65370a6b47 Initial module code 2021-01-15 16:20:06 -06:00
dwelch-r7 1617b3ec9b Use zeitwerk for lib/msf/core folder 2020-12-07 10:31:45 +00:00
Grant Willcox 2c391e9edc Fix up last of the module that had incorrect disclosure dates 2020-10-07 12:09:35 -05:00
Alan Foster 30809787c4 Convert disclosure dates to iso8601 2020-10-02 21:00:37 +01:00
bwatters 149566b30e Run rubocop 2020-09-02 17:14:30 -05:00
ggkitsas 62d3d9bc9a fix: reverts misuse of in zip_slip exploit 2020-09-01 21:49:55 +01:00
ggkitsas 788244150c Add support for zip generation in zip_slip exploit 2020-08-31 13:18:14 +01:00
Brent Cook 8489bcdfd9 This fixes broken links to the community.rapid7.com blog 
Performed mechanically with sed, spot-checked that the new blog can consume these links.
 2020-02-18 09:06:11 -06:00
Shelby Pace 644988750e change permission on payload 2019-09-12 07:43:54 -05:00
Wei Chen 8fe1f9d172 Rephrase 2019-09-10 12:12:46 -05:00
Wei Chen 2cd8125a40 Add zip skip 2019-09-09 12:00:53 -05:00
Shelby Pace 8fd5c1e0c1 remove PrependMigrate option 2019-08-19 13:12:54 -05:00
Load b0a531982e Adds default options 
- Changes target to Automatic
- Set default options instead of default target for options
- Adds links for the two vulnerabilities exploited by this module
- Removes unnecessary double encoding+eval
 2019-08-18 14:42:48 +02:00
Shelby Pace 409b3c9c4b using python payload for platform independence 2019-08-16 15:36:42 -05:00
Load 3838fc2164 Adds references to the next CVE 
This new CVE explains this exploit (global events are used)
 2019-08-16 12:59:23 +02:00
LoadLow c3b6e33f2e Adds suggested modifications 2019-08-03 06:10:11 +02:00
Load ce552ab88b Removes double quotes in libreoffice_logo_exec 
Co-Authored-By: Carter Brainerd <0xCB@protonmail.com>
 2019-08-03 05:52:12 +02:00
LoadLow 8e8e6a2cf7 Fixes indent 2019-07-31 00:14:08 +02:00
LoadLow 88f3ff9d59 Updates references 2019-07-31 00:00:30 +02:00
LoadLow 5f478b7fd6 Adds exploit module for CVE-2019-9848 
uses on dom-loaded event (triggered just after opening the document) and still working on 6.2.5
 2019-07-30 23:07:20 +02:00
William Vu e6300bfd63 Fix cmd_psh_payload requiring an arch string 
We may want to update Rex::Powershell to take the first in an array.
 2019-07-09 17:43:23 -05:00
William Vu 94994aa519 Update modules with RelatedModules and realign 2019-04-24 11:34:42 -05:00
William Vu 30b8625885 Update Ghostscript/ImageMagick modules 2019-04-23 16:31:40 -05:00
Shelby Pace 392078990c added x64 arch for targets 2019-04-17 08:29:58 -05:00
Shelby Pace 8dc8a18d2b added documentation and changes for module 2019-04-15 08:26:11 -05:00
Shelby Pace 391e7cf8ef adjusted font size and color 2019-04-12 14:01:29 -05:00
Shelby Pace d7f77fdcee getting session on linux 2019-04-12 14:01:29 -05:00
Shelby Pace 700562594c getting session on windows 2019-04-12 14:01:29 -05:00
Shelby Pace 4873b7c3e6 using a path for both Windows and Linux 2019-04-12 14:01:29 -05:00
Shelby Pace 9d0c045b0d added erb file and base for module 2019-04-12 14:01:29 -05:00
Brendan Coles 6f31b1a110 Change default payload to reverse_bash 2019-02-03 06:18:31 +00:00
Brendan Coles 9c3368f325 Add Evince CBT File Command Injection module 2019-02-03 05:38:56 +00:00
William Vu 90b9204703 Update DisclosureDate to ISO 8601 in my modules 
Basic msftidy fixer:

diff --git a/tools/dev/msftidy.rb b/tools/dev/msftidy.rb
index 9a21b9e398..e9ff2b21e5 100755
--- a/tools/dev/msftidy.rb
+++ b/tools/dev/msftidy.rb
@@ -442,6 +442,8 @@ class Msftidy
     # Check disclosure date format
     if @source =~ /["']DisclosureDate["'].*\=\>[\x0d\x20]*['\"](.+?)['\"]/
       d = $1  #Captured date
+      File.write(@full_filepath, @source.sub(d, Date.parse(d).to_s))
+      fixed('Probably updated traditional DisclosureDate to ISO 8601')
       # Flag if overall format is wrong
       if d =~ /^... (?:\d{1,2},? )?\d{4}$/
         # Flag if month format is wrong
 2018-11-16 12:18:28 -06:00
William Vu 7bc98e0ea8 Fix formatting and convert a missed AKA reference 2018-10-05 03:22:08 -05:00
William Vu 4c036e70c1 Fix http://seclists.org links to https:// 
I have no idea how this happened in my own code. I was seeing https://.
 2018-09-15 18:54:45 -05:00
William Vu b3cd4a89ad Move CVE ref to top as per ~standard~ 2018-09-07 14:33:25 -05:00
Adam Cammack 68ca771764 Add CVE reference to ghostscript_failed_restore.rb 2018-09-07 14:24:15 -05:00
William Vu 243267b2f5 Add Linux dropper target 2018-09-05 19:57:12 -05:00
William Vu 61044e8bca Refactor targets to align with current style 2018-09-05 19:56:32 -05:00