adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

1489 Commits

Author SHA1 Message Date
bwatters a7d99ebbfc Land # 15611, ProxyShell Improvements 
Merge branch 'land-15611' into upstream-master
 2021-09-07 11:47:13 -05:00
Jack Heysel 99352ad107 Move methods from lfs.rb, fix fail_with types 2021-09-03 16:17:35 -05:00
jheysel-r7 93aea73939 Update modules/exploits/windows/http/git_lfs_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-09-03 16:17:35 -05:00
Jack Heysel 5294c714aa Fix spacing 2021-09-03 16:17:35 -05:00
Jack Heysel f9c4c35431 Update the target_suitable? method 2021-09-03 16:17:35 -05:00
Jack Heysel ba64dce5b7 Rubocop offenses 2021-09-03 16:17:30 -05:00
Jack Heysel 3c43bd409d Added docs an Git User-Agent FP 2021-09-03 16:15:39 -05:00
Jack Heysel 514a37ef2f Removed unecessary gem file + rubocop 2021-09-03 16:15:39 -05:00
Jack Heysel 21d99a74fb beta commit 2021-09-03 16:15:38 -05:00
Spencer McIntyre 33da289a9c Print stderr when it's not blank 2021-08-31 09:18:11 -04:00
Spencer McIntyre 95015f0c2b Update the ProxyShell module docs 2021-08-27 17:50:28 -04:00
Spencer McIntyre 425dcf1f81 Cleanup and refactor the exploit logic 2021-08-27 17:26:40 -04:00
Spencer McIntyre 965dec43ae Delete the draft email 2021-08-27 16:59:17 -04:00
Spencer McIntyre 0b3b0aab7d Fix the UNC path conversion regex 2021-08-27 15:56:58 -04:00
Spencer McIntyre 5e32ca9f56 Improve error checks and dont use whoami 2021-08-27 15:52:34 -04:00
Spencer McIntyre c4cf99795e Remove the requirement on knowing an email address 2021-08-27 15:34:51 -04:00
Spencer McIntyre 845c01f27f Store the enumerated mailbox email addresses 2021-08-27 15:07:13 -04:00
Spencer McIntyre 6c01a0dbea Work off of the system mailbox 2021-08-27 14:32:26 -04:00
adfoster-r7 4a9a15e638 Run Rubocop layout rules on modules 2021-08-27 17:19:43 +01:00
Spencer McIntyre d5fdcb8fcb Add the plumbing to enumerate email addresses 2021-08-27 11:44:27 -04:00
William Vu 0a06730802 Update contributors 2021-08-19 10:30:21 -05:00
Spencer McIntyre 84f8c44e69 Write to the targeted backend server 2021-08-18 12:34:40 -04:00
Spencer McIntyre 75e63992d6 Write an exploit for ProxyShell 2021-08-18 10:50:34 -04:00
William Vu 6fbaecf919 Backport print changes to recent modules 2021-07-08 21:26:35 -05:00
Grant Willcox 62f9d15ba3 Land #15314, Add Exploit for CVE-2021-31181 (SharePoint RCE) 2021-06-16 10:39:49 -05:00
Spencer McIntyre d1be69eae6 Implement changes based on PR feedback 2021-06-14 10:15:27 -04:00
Spencer McIntyre edee95bbb2 Update the check to not fail if a COOKIE is used 2021-06-10 11:29:07 -04:00
agalway-r7 1858b574ec Land #15305, Authenticated RCE module for NSClient++ 2021-06-09 15:38:34 +01:00
Yann Castel c7b7b871c9 missing variable e for rescue 2021-06-09 11:13:39 +02:00
Yann Castel 674eb51f86 add scenario + small changes 2021-06-09 08:59:35 +02:00
Spencer McIntyre 3afe3ebfa3 Add the module docs 2021-06-08 15:23:24 -04:00
Spencer McIntyre 325ecfedff Add some error handling while extracting the key 2021-06-08 14:58:58 -04:00
Hakyac dc40cddb04 Update modules/exploits/windows/http/nscp_authenticated_rce.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2021-06-08 16:38:01 +02:00
Hakyac d2bf8ae912 Update modules/exploits/windows/http/nscp_authenticated_rce.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2021-06-08 16:34:40 +02:00
Yann Castel 2df710158e conflict fixed 2021-06-08 15:29:38 +02:00
Yann Castel 31515faccb various changes 2021-06-08 15:26:50 +02:00
Hakyac ce0c699213 Update modules/exploits/windows/http/nscp_authenticated_rce.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2021-06-08 15:11:25 +02:00
Hakyac 1f2f04b0d0 Update modules/exploits/windows/http/nscp_authenticated_rce.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2021-06-08 15:10:08 +02:00
Yann Castel cf5848ab3e add comment for second token generation 2021-06-08 14:31:03 +02:00
Hakyac 9e0b7cb171 Update modules/exploits/windows/http/nscp_authenticated_rce.rb 
Co-authored-by: agalway-r7 <agalway@rapid7.com>
 2021-06-08 14:21:04 +02:00
Hakyac 21bfa629d0 Update modules/exploits/windows/http/nscp_authenticated_rce.rb 
Co-authored-by: agalway-r7 <agalway@rapid7.com>
 2021-06-08 14:20:52 +02:00
Hakyac 38c63a6966 Update modules/exploits/windows/http/nscp_authenticated_rce.rb 
Co-authored-by: agalway-r7 <agalway@rapid7.com>
 2021-06-08 14:20:32 +02:00
Yann Castel e9305dc622 rubocop ok 2021-06-08 09:32:51 +02:00
Spencer McIntyre 64077e1395 Add and use a new sharepoint mixin 2021-06-07 15:25:07 -04:00
Spencer McIntyre 8cc220ccbc Initial commit of CVE-2021-31181 2021-06-07 13:37:28 -04:00
Yann Castel bf96b88446 add default port + set ssl to true 2021-06-07 16:48:16 +02:00
Yann Castel 212039fa6b rubocop ok 2021-06-07 16:30:42 +02:00
Yann Castel 6a7e30749d initial commit 2021-06-07 14:39:10 +02:00
William Vu 6498554084 Clean up NetMotion Mobility exploit and docs 
Refactor target selection once again.
 2021-06-02 23:47:01 -05:00
William Vu aad4ea8e09 Add check 
Thanks to @adfoster-r7 for the round of golf!
 2021-05-17 13:58:03 -05:00