adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

2936 Commits

Author SHA1 Message Date
Pflegusch 887551bf2c Use UnexptectedReply instead of Unknown 2023-03-14 22:29:38 +01:00
Pflegusch 8db10af8c0 check if res is not nil in addition to res.code 2023-03-14 22:28:52 +01:00
Pflegusch dff139d6d7 remove fail_with in check_connection as suggested 2023-03-14 22:24:08 +01:00
Pflegusch 2ce3aeed2b Add CONFIG_CHANGES to the side effects 2023-03-14 22:16:10 +01:00
Pflegusch c0ee250b6b Add some more URL references 2023-03-14 22:14:16 +01:00
Pflegusch cfaad7fb84 prepend AutoCheck 2023-03-14 22:10:44 +01:00
Pflegusch 9e64f02742 Use default values in option declaration instead of DefaultOptions 2023-03-14 22:08:05 +01:00
Pflegusch ac6e94770e use Failure::Unreachable and use unless instead of if/else 2023-03-14 22:03:31 +01:00
Pflegusch 311314984f Remove base64 requirement 2023-03-14 21:47:29 +01:00
Pflegusch cc4e455530 Remove directory datastore option and make username and password required 2023-03-14 21:46:45 +01:00
space-r7 1eeaff255e make username / password opts required 2023-03-13 16:45:48 -05:00
space-r7 4bb843fe70 add documentation, adjust method of getting ids 2023-03-13 15:31:41 -05:00
space-r7 4eef052fcd add usage of linux cmdstager, cleanup, description 2023-03-13 13:24:15 -05:00
h00die-gr3y 07d7248de8 initial module commit 2023-03-13 13:32:14 +00:00
Pflegusch 94e9504727 Use metasploit payload instead of hardcoded one 2023-03-11 14:47:32 +01:00
Pflegusch 3f7f28dd4f make use of full_uri and change regex 2023-03-11 14:25:04 +01:00
space-r7 2fbc80a44f add base cmdstager support for windows target 2023-03-09 16:24:12 -06:00
Pflegusch 38511f4d89 Rename establish_connection function 2023-03-09 17:06:07 +01:00
Pflegusch e66fd8f5ae Use rand_text_alphanumeric function 2023-03-09 17:03:48 +01:00
Pflegusch 69839d1924 Remove get_proxy_protocol function 2023-03-09 17:02:10 +01:00
Pflegusch 614f4b6d89 Make installation path of owa configurable 2023-03-09 16:32:28 +01:00
h00die-gr3y fc711131a2 added MIME, added break in mixin and added link with installation instructions 2023-03-09 09:28:46 -06:00
Grant Willcox deafceed00 Update documentation, library, and Gemspec from review 2023-03-09 09:28:27 -06:00
h00die-gr3y d3f84af790 Included mixin for PHP code injection at PNGs 2023-03-09 09:28:14 -06:00
h00die-gr3y dc8ebb722a Added support for native PHP payloads and reengineered webshells 2023-03-09 09:28:03 -06:00
Pflegusch 2de53712bd Use Rex::Version for version comparison 2023-03-09 15:59:42 +01:00
Pflegusch 94ceeb075a Redirect is not necessary - replace with simple send_request_cgi request 2023-03-09 15:41:15 +01:00
Pflegusch ee95eb2883 fix typo: establish_connection 2023-03-09 15:09:32 +01:00
Pflegusch 14b5c08a62 Fix the double slash in the shell url 2023-03-09 14:28:15 +01:00
Pflegusch d59175a463 make it work for https and http and remove the tmp self signed cert bypass 2023-03-09 13:58:56 +01:00
Pflegusch f0dbf54c69 use fail_with in get_cache_content function 2023-03-09 11:04:00 +01:00
Pflegusch 7068d4c3f1 remove LPORT, RPORT and SSL from DefaultOptions 2023-03-09 11:03:24 +01:00
space-r7 c69b5c9363 add creation of projects and multiple commits 2023-03-08 17:46:25 -06:00
Pflegusch 76b05a7092 Change DisclosureDate according to nvd.nist.gov 2023-03-08 21:52:13 +01:00
Pflegusch b37be28191 Working module open web analytics 1.7.3 rce 2023-03-08 21:30:52 +01:00
space-r7 99fb35fe84 refs/heads instead of refs/head 2023-03-03 17:24:39 -06:00
Spencer McIntyre a418bd9c65 Land #17638, Lucee Scheduled Job RCE 2023-03-02 08:57:19 -05:00
Spencer McIntyre 3fabcc3421 Use coldfusion to decode base64 data 
This means we don't need to rely on base64 being in the path. Also
invoke ARCH_CMD payloads on Windows through cmd.exe and not
powershell.exe.
 2023-02-28 17:32:56 -05:00
Spencer McIntyre c8aa491378 Fail with Unreachable when res is nil 2023-02-28 17:05:59 -05:00
Spencer McIntyre a916163b49 Cleanup files and fixup messages 2023-02-28 16:41:57 -05:00
JBince 8b03f2fda8 Reworked payload execution logic 2023-02-27 11:09:34 -06:00
Imran E. Dawoodjee 3f1119c69e Attempt fix for NoMethodError when exploiting 2023-02-26 22:02:08 +08:00
JBince 75fb5e883d Exploit update based on feedback 2023-02-19 09:16:56 -06:00
space-r7 871c9c57f3 add logic to retrieve email address 2023-02-17 14:13:29 -06:00
JBince ce9933fc4c Feedback changes + rubocop & msftidy changes 2023-02-17 08:16:49 -06:00
space-r7 197124dd76 add Git usage, repository creation 2023-02-16 17:38:02 -06:00
JBince a3a6ae9c4a feedback fixes 2023-02-16 14:33:03 -06:00
Spencer McIntyre ac9d60ce9e Land #17281, Added module for CVE-2022-2992 
Added module for CVE-2022-2992 - Gitlab Remote Command Execution via Github import
 2023-02-14 16:57:29 -05:00
space-r7 78ae5f49ce add gitlab prefix back to methods 2023-02-14 15:26:01 -06:00
space-r7 304b90ecc8 split mixins between forms and v4 api used 2023-02-14 12:37:43 -06:00