adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

33 Commits

Author SHA1 Message Date
William Vu a6f7c0c0de Backport miscellaneous fixes to my modules 2020-08-14 13:40:23 -05:00
Alan Foster b841246536 Update autocheck to use prepend instead of include, add ForceExploit functionality 2020-06-30 11:40:46 +01:00
William Vu 823c29a127 Update post-RuboCop style in my recent modules 
Mostly 80 columns (yeah, I know) and additional whitespace to complement
the lack of alignment.
 2020-04-22 10:52:00 -05:00
William Vu 7fe0d4ddad Add another blank line 2020-04-17 11:05:01 -05:00
William Vu 4952ec3e5b Fix RuboCop's mistakes in recently landed modules 2020-04-17 10:21:17 -05:00
Alan Foster f2c3fc5f00 Rubocop recently landed modules 2020-04-17 11:55:04 +01:00
William Vu a73a542399 Add a comment to appease the @gwillcox-r7 god 2020-04-14 23:10:28 -05:00
William Vu c02f74637f Update print and comments 2020-04-14 23:06:38 -05:00
William Vu 0dedf9225e s/for/of/ 2020-04-14 22:56:09 -05:00
William Vu c95823d71d Comment convenience method 2020-04-14 22:07:13 -05:00
William Vu 8f4aa7b761 Comment more comments 2020-04-14 22:04:25 -05:00
William Vu 99c5912cc7 Comment another comment and move stuff around 2020-04-14 21:59:43 -05:00
William Vu b9382230f6 Comment my comments to myself 2020-04-14 21:41:51 -05:00
William Vu c9c3f87203 Note tested version in module 2020-04-14 14:01:59 -05:00
William Vu 5fbaf87c96 Move ClassLoader to HTTP::ClassLoader 
Also note the SSL workaround.
 2020-04-14 14:01:18 -05:00
William Vu 9b59a8e194 Be more verbose and validate classloader server 2020-04-14 14:01:18 -05:00
William Vu 06f54765c3 Remove res.code == 200 check again 
It really isn't necessary when we're looking for just the header.
 2020-04-14 14:01:18 -05:00
William Vu 6f77f27ed5 Move deregister_options from module to mixin 
Whoops, forgot this.
 2020-04-14 14:01:18 -05:00
William Vu c21bb7e9dd Bump a CheckCode to Detected 
We get the Liferay-Portal header.
 2020-04-14 14:01:18 -05:00
William Vu 69e1714d9a Don't be lazy anymore and pack lengths as shorts 2020-04-14 14:01:18 -05:00
William Vu db15baa257 Rename to Msf::Exploit::Remote::Java::ClassLoader 2020-04-14 14:01:18 -05:00
William Vu 673e13d8cb Unzero the lengths I zeroed so it works 2020-04-14 14:01:18 -05:00
William Vu 950a0d57db Fix bad regex in Liferay module, too, duh 2020-04-14 14:01:18 -05:00
William Vu d7cf08d5f3 Convert Java classloading code into a mixin 2020-04-14 14:01:18 -05:00
William Vu d920bb4615 Fix bad regex on length of "Metasploit" string 
It won't match a char because it's a newline. While sticking "m" on the
end of the regex would work, there is zero reason we can't hardcode the
length, since the string is fixed.

irb(main):001:0> "\nhi" =~ /.hi/
=> nil
irb(main):002:0> "\nhi" =~ /.hi/m
=> 0
irb(main):003:0>
 2020-04-14 14:01:17 -05:00
William Vu 83d5a673ac Rename exploit_class to constructor_class 2020-04-14 14:01:17 -05:00
William Vu a98215d27e Relax regex in case of Enterprise Edition (EE) 
I don't know what the regex would be, since I don't have EE.
 2020-04-14 14:01:17 -05:00
William Vu 5e65bb2a6a Document remote classloading files 2020-04-14 14:01:17 -05:00
William Vu 96242a99a1 Document the magic 2020-04-14 14:01:17 -05:00
William Vu d220c1045e Refactor check for precision 2020-04-14 14:01:17 -05:00
William Vu 8297f77d0a Update vuln discoverer to Markus Wulftange 
Wasn't in the original blog post, but it's in the vendor advisory.
 2020-04-14 14:01:17 -05:00
William Vu c475ddac52 Add vendor advisory to references 2020-04-14 14:01:17 -05:00
William Vu 0c8ee27613 Add Liferay Portal Java Unmarshalling RCE 2020-04-14 14:01:17 -05:00