William Vu
0806e9ef42
Add CmdStager target back in so we can debug it
2020-03-13 11:17:37 -05:00
William Vu
4f6720f962
Add TARGETURI back in
2020-03-13 11:05:14 -05:00
William Vu
83387212a7
Update language to address different patches
2020-03-12 17:50:13 -05:00
William Vu
0b117849d0
Note specific patch versions
...
Hat tip @sranjit-r7.
2020-03-12 17:40:46 -05:00
William Vu
a908ceb58a
Add ManageEngine Desktop Central exploit
2020-03-12 17:36:53 -05:00
Christophe De La Fuente
f7d8c43722
Land #13040, SQL Server Reporting Services ViewState deserialization RCE
2020-03-12 18:26:01 +01:00
Spencer McIntyre
f3d38e147d
Replace another use with the target type
2020-03-09 11:43:26 -04:00
Spencer McIntyre
b148e9da30
Land #13042, use VHOST when creating the full URI
2020-03-09 10:40:03 -04:00
Brent Cook
b19ed20d0a
Land #12990, Add initial rubocop rules to consistently format modules
2020-03-09 09:24:46 -05:00
Spencer McIntyre
9bd6fb9e76
Update cve-2020-0618 based on feedback
2020-03-09 09:18:44 -04:00
t0-n1
fe8cd52c9d
Use VHOST instead of RHOST
...
The 'vhost_uri: true' enables the successful exploitation of this vulnerability in environments where you can't use an IP address (RHOST) to access the OWA web page.
2020-03-07 10:43:51 +01:00
Spencer McIntyre
4c004d51a7
Add an exploit for CVE-2020-0618
2020-03-06 16:21:37 -05:00
Alan Foster
3a046f01da
Run rubocop -a on subset of files
2020-03-06 10:41:45 +00:00
dwelch-r7
4fe7678b01
Land #12910, Add exploit module for apache activemq traversal
2020-03-05 15:05:13 +00:00
dwelch-r7
c7ca43b585
reformat date to iso standard
2020-03-05 15:03:05 +00:00
kalba-security
633899402c
Split up description
2020-03-04 17:02:34 +02:00
kalba-security
a87a1ae1b4
Split up description
2020-03-04 16:57:36 +02:00
William Vu
ba924b3047
Land #13014, Exchange ECP ViewState exploit
2020-03-03 17:23:17 -06:00
William Vu
4759f7d39d
Check for nil res
2020-03-03 17:17:28 -06:00
William Vu
573b8302ec
Fix missing var and change default target
2020-03-03 17:15:19 -06:00
Spencer McIntyre
a4feaec188
Implement a check method for cve-2020-0688
2020-03-03 14:22:27 -05:00
kalba-security
cd6c01ae9d
Add suggestions from code review.
2020-03-03 20:17:13 +02:00
Spencer McIntyre
5574eaa591
Make a new .NET serialization lib
2020-03-03 10:41:59 -05:00
Spencer McIntyre
167f1027c4
Address initial PR feedback
2020-03-02 12:21:24 -05:00
Spencer McIntyre
b3867dc200
Finish up the cve-2020-0688 module
2020-03-02 10:51:25 -05:00
Spencer McIntyre
203b2486ae
Commit some work on the module for a milestone
2020-03-01 11:07:32 -05:00
Spencer McIntyre
29608d13bf
Save some work before changing context
2020-02-28 08:30:59 -05:00
Spencer McIntyre
c9d9d3af29
Figured out how to generate the viewstate
2020-02-27 21:57:08 -05:00
Alan Foster
af9d2a28de
Fix msftidy warnings
2020-02-26 14:56:08 +00:00
Brent Cook
8489bcdfd9
This fixes broken links to the community.rapid7.com blog
...
Performed mechanically with sed, spot-checked that the new blog can consume these links.
2020-02-18 09:06:11 -06:00
kalba-security
2360b0e2ff
clean up module using msftidy
2020-02-04 13:14:03 +02:00
kalba-security
20386f1aa4
Add apache_activemq_traversal_upload module and documentation
2020-02-04 12:01:41 +02:00
Brendan Coles
326fd26219
Check for nil response due to connection failure
2020-01-05 21:39:34 +00:00
dwelch-r7
951fd7b93e
Replace double quotes with single quotes
2019-10-08 11:44:41 +01:00
dwelch-r7
25937c9e35
Use uri param and clean up logging
2019-10-07 17:15:04 +01:00
dwelch-r7
4eb068c9b0
Update target
2019-10-07 15:25:27 +01:00
dwelch-r7
02376c88fe
Use httpclient over tcpclient
2019-10-07 15:20:30 +01:00
dwelch-r7
b723d026ab
Address code review comments
...
Use strings in info hash, port is an integer, remove version number from
name
2019-10-06 15:27:29 +01:00
dwelch-r7
06661df510
Make rubocop happy
2019-10-04 15:12:51 +01:00
dwelch-r7
938c3a0e76
Add module docs
2019-10-03 23:22:21 +01:00
dwelch-r7
e13463eb7c
remove default exit func
2019-10-03 16:24:29 +01:00
dwelch-r7
c8c4d8ad77
Add new bad char
2019-10-03 15:46:26 +01:00
dwelch-r7
20d21b45de
Move module location
2019-10-02 16:08:54 +01:00
holdonasec
fc82d508d8
remove weird loop
2019-09-11 15:17:06 -04:00
William Vu
32334c2386
Update all module splats from http:// to https://
2019-08-15 18:10:44 -05:00
Adam Cammack
cf9b94a964
Set needs_cleanup flag for exploits that need it
...
The `needs_cleanup` flag needs to be set per-module when an exploit
needs an interactive session to clean up. Some `FileDropper` exploits
need additional cleanup to what the mixin provides, but since all
`FileDropper`s already mark themselves as needing cleanup those are not
covered here. A few of these could potentially be refactored to use the
original exploitation method to clean up or to compile the list of
files/commands to clean up ahead of time, but that is out of the scope
of this fix.
2019-08-02 10:23:53 -05:00
Adam Cammack
5e64f8560a
Fix whitespace
2019-08-02 10:23:41 -05:00
Jacob Robles
bbf0cb4d9d
Land #11653, Apache Tika CVE-2018-1335 RCE
2019-08-01 17:43:57 -05:00
h00die
060183c034
tika 1.15-1.17
2019-07-30 16:55:06 -04:00
h00die
f053768801
restrict tika versions
2019-07-30 07:32:30 -04:00