adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

441 Commits

Author SHA1 Message Date
bcoles f6725dfc4e feedback_assistant_root: Check if OSX version is blank in check method 2023-04-28 19:52:15 +10:00
Jack Heysel f4ad778bd0 Added missing session types 2023-02-02 13:29:43 -05:00
Jack Heysel af2ef53462 Land #17415, macOS dirty cow priv esc 2023-02-02 12:15:19 -05:00
bcoles 6f4a17230d exploits/osx/local/vmware_fusion_lpe: Add notes 2023-02-02 18:46:08 +11:00
bcoles ef87a63bde modules: Check datastore ForceExploit before checking if session is root 2023-02-02 18:17:02 +11:00
Jack Heysel 3c7cbf62e6 Updated default payload 2023-02-01 16:56:28 -05:00
timwr ce260f53f3 Add CVE-2022-46689 macOS dirty cow 2022-12-28 22:46:08 +07:00
Shelby Pace 0596620de7 Update modules/exploits/osx/local/acronis_trueimage_xpc_privesc.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-12-13 09:49:59 -06:00
space-r7 13a557013c support 2021 version of software 
specifically, the exploit will now search
for com.acronis.helpertool in addtion to the
2020 helper tool name. This also updates the
check() method to return CheckCode::Detected
for when we find the vulnerable service but
can't detect the build number
 2022-12-12 15:53:35 -06:00
space-r7 9c7355388c add attackerkb link 2022-12-06 11:19:05 -06:00
space-r7 162b0daf3b add new options and usage of pre-compiled exploit 
also updates documentation with new option
descriptions
 2022-11-17 17:20:41 -06:00
space-r7 ea486169b4 use erb template for objective-c code 2022-11-17 11:55:19 -06:00
Shelby Pace f8dff82a78 Update modules/exploits/osx/local/acronis_trueimage_xpc_privesc.rb 
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
 2022-11-17 10:29:49 -06:00
space-r7 486e469682 add new reference 2022-11-16 10:32:08 -06:00
space-r7 383e121f20 add FileDropper usage and module description 2022-11-15 12:37:39 -06:00
space-r7 e0c693c5a8 add objective-c code and pid code 2022-11-14 17:57:39 -06:00
space-r7 8e59cac3a8 add check and exploit methods 2022-11-11 17:56:13 -06:00
space-r7 a43bfc9292 use safari version with specific cve 2022-04-05 10:31:51 -05:00
space-r7 4c8c32b3ff set file header to Contents dir, check safari vers 2022-04-05 10:16:59 -05:00
space-r7 e9e1e26def add support for CVE-2022-22616, update docs 2022-04-01 17:50:33 -05:00
Ashley Donaldson 9445c7824d Fix bug in safari file policy module: don't stop the service; just dereference it, and trust the service manager 2022-03-10 09:07:11 +11:00
Tim W 4e5cd8693d add notes section to placate msftidy 2022-02-16 11:48:55 +00:00
Tim W 480c44e9cb refactor DEBUG_EXPLOIT code into mixin 2022-02-16 11:38:04 +00:00
adfoster-r7 059e39a6f0 Specify meterpreter compatibility command requirements 2021-09-08 22:59:25 +01:00
adfoster-r7 4a9a15e638 Run Rubocop layout rules on modules 2021-08-27 17:19:43 +01:00
cgranleese-r7 56510a2e8e Updates some notes on modules that weren't passing tests due to new rubocop rule 2021-07-28 16:20:02 +01:00
Tim W 4192e175d2 fix osx-app exe attributes 2021-05-06 18:20:32 +01:00
Tim W f2f631aef0 fix metadata 2021-05-04 20:55:17 +01:00
Tim W 92a5a56d41 refactor check_useragent 2021-04-28 14:41:17 +01:00
Tim W bba6a230b7 add macOS gatekeeper bypass exploit 2021-04-26 22:59:14 +01:00
dwelch-r7 319f15d938 Handle nil versions for rubygems 4 2021-02-25 16:47:49 +00:00
Alan Foster b06c5c12aa Rubocop recently landed modules continued 2021-02-25 14:13:40 +00:00
agalway-r7 8a339f54c1 Land #14734, updates and runs rubocop against recent modules 
Rubocop recently landed modules
 2021-02-19 13:48:47 +00:00
agalway-r7 275e9c5454 Land #14696, Further Zeitwerk lands to improve boot speed 
Zeitwerk rex folder
 2021-02-19 10:33:37 +00:00
Alan Foster 5b3fde7735 Rubocop recently landed modules 2021-02-16 15:08:08 +00:00
Brendan Coles a1c316c679 msftidy: Fix exploit module checks for author and stack buffer overflow 2021-02-13 04:10:13 +00:00
Brendan Coles 9cbf25347e Land #14708, safari_proxy_object_type_confusion: Add offsets: 10.13.1 + 10.13.2 
Add offsets for OSX 10.13.1 and 10.13.2
 2021-02-11 13:17:53 +00:00
Tim W 40dd113d3b fix whitespace 2021-02-11 12:43:47 +00:00
dwelch-r7 7fbbe23426 Remove more requires that were missed before 2021-02-08 14:51:58 +00:00
cgranleese-r7 3a2932b798 Migrate old uses of manual autocheck to use the new prepend autocheck 2021-02-02 10:15:46 +00:00
Tim W 800a1cf5be add more offsets for safari_proxy_object_type_confusion 2021-01-29 12:23:13 +00:00
Brendan Coles b5d746cc44 msftidy: Add check for module description 2021-01-22 23:29:16 +00:00
dwelch-r7 1617b3ec9b Use zeitwerk for lib/msf/core folder 2020-12-07 10:31:45 +00:00
Alan Foster 30809787c4 Convert disclosure dates to iso8601 2020-10-02 21:00:37 +01:00
bwatters e24a81919a Land #13996, Add module for CVE-2020-9801, CVE-2020-9850 and CVE-2020-9856, 
RCE for Safari on macOS 10.15.3 (pwn2own2020)

Merge branch 'land-13996' into upstream-master
 2020-10-01 09:46:39 -05:00
Tim W 7b1f5c1728 add documentation 2020-09-04 17:42:30 +08:00
Tim W be2fe15116 fix pdfpath and uripath 2020-09-04 16:09:40 +08:00
Tim W 9150f0bc3a move int64.js and utils.js to javascript_utils folder 2020-09-01 16:14:31 +08:00
Tim W 806455abbc fix 2020-08-27 19:36:45 +08:00
Tim W 33fa4d1424 dynamic offsets 2020-08-27 19:36:45 +08:00