Grant Willcox
2e45962cc0
Change gsub! to gsub so that we don't end up with nil errors when a match isn't found
2021-03-08 15:11:58 -06:00
Berkan
f9ac1acabc
Target check code part has been improved.
2021-03-06 23:46:55 +03:00
Grant Willcox
02e89947c7
Update check method to fix an incorrect check code, change from Appears to Detected
2021-03-05 11:16:24 -06:00
Grant Willcox
2b488800e6
Update the check method to eliminate potential false positives by searching for the presence of three strings that together should only be returned by HPE SIM web servers.
2021-03-05 11:14:30 -06:00
Grant Willcox
59d7288773
RuboCop module and fix small spelling mistake in documentation
2021-03-04 18:48:19 -06:00
Grant Willcox
f193caa48e
Also make sure that the default option is to use Windows PowerShell since this supports Meterpreter and is generally a lot more reliable
2021-03-04 18:40:21 -06:00
Grant Willcox
d739bf7809
Fix up payload_template_adjustments function to use a simpler loop-like structure as per space-r7's recommendations
2021-03-04 18:34:45 -06:00
Grant Willcox
306e1979af
First round of code adjustments per review comments
2021-03-04 12:38:11 -06:00
Berkan
1917d9620a
Some exception code parts have been fixed.
2021-03-04 20:47:52 +03:00
Grant Willcox
3ef8fcd996
Update module to fix an extra print statement and write documentation
2021-03-03 10:14:41 -06:00
Grant Willcox
f327d30e08
First attempt at CVE-2020-7200 module, with RuboCopped module
2021-03-02 16:38:19 -06:00
dwelch-r7
dc8fea2063
remove require 'faker' since we globally autoload it now
2021-03-02 13:59:32 +00:00
Berkan
45bfe40803
Refactored some code parts as mentioned.
2021-03-02 15:05:15 +03:00
Berkan
20f085fcaa
Update fortilogger_arbitrary_fileupload.rb
2021-03-01 21:00:05 +03:00
Berkan
bfecc5bf91
Update fortilogger_arbitrary_fileupload.rb
2021-03-01 20:53:27 +03:00
Berkan
97f6cac240
Update fortilogger_arbitrary_fileupload.rb
2021-03-01 20:42:28 +03:00
erberkan
d3338e7380
fortilogger_arbitrary_fileupload
2021-03-01 19:30:39 +03:00
erberkan
648489cfe5
fortilogger_arbitrary_fileupdate
2021-03-01 17:55:55 +03:00
Brendan Coles
f89d67df19
dup_scout_enterprise_login_bof: Add v9.9.14 target and auto targeting
2021-02-25 17:14:25 +00:00
Brendan Coles
1f00ad011c
dupscts_bof: Add additional targets and auto targeting
2021-02-25 17:12:27 +00:00
dwelch-r7
319f15d938
Handle nil versions for rubygems 4
2021-02-25 16:47:49 +00:00
Alan Foster
b06c5c12aa
Rubocop recently landed modules continued
2021-02-25 14:13:40 +00:00
Jeffrey Martin
158dd89e53
guard when spawn is used with TcpServer mixin
...
added locations where the `super` from TcpServer could cause
deadlock waiting for a timeout when a thread is spawned
and fails to trigger the target to make a request.
2021-02-18 10:42:56 -06:00
Alan Foster
5b3fde7735
Rubocop recently landed modules
2021-02-16 15:08:08 +00:00
Christophe De La Fuente
88eaf97e79
Land #14607, Updates for Exchange ECP DLP Policy Exploit
2021-02-11 15:15:34 +01:00
Spencer McIntyre
1f5f086c5e
Updates for the Exchange ECP DLP Policy RCE module to randomize data
2021-02-10 15:00:39 -05:00
cgranleese-r7
3a2932b798
Migrate old uses of manual autocheck to use the new prepend autocheck
2021-02-02 10:15:46 +00:00
Julien Bedel
b9800b087f
Change notification name
...
From "Exploit" to a random alphanumeric String in order to make it less fingerprintable.
Co-authored-by: acammack-r7 <adam_cammack@rapid7.com>
2021-01-21 18:32:05 +01:00
JulienBedel
14f24b258d
Add PRTG Network Monitor RCE (CVE-2018-9276)
2021-01-18 12:01:44 +01:00
Spencer McIntyre
f5b5624b81
Update Exchange DLP check method, add authors and a source
2021-01-12 18:00:27 -05:00
Spencer McIntyre
652e4eaf60
Update the exchange ECP DLP Policy exploit for the latest bypass
2021-01-12 17:45:09 -05:00
Spencer McIntyre
367c5e747f
Land #14470, Fix ssi template for some sharepoint versions
2020-12-09 16:23:34 -05:00
adfoster-r7
85a9accbee
Land #14202, Add initial zeitwerk autoloader approach for lib/msf/core
2020-12-08 12:53:02 +00:00
Shelby Pace
8e1cab0131
Land #14339, add flexdotnetcms rce
2020-12-07 14:28:01 -06:00
Shelby Pace
cd900a0507
fix comment
2020-12-07 14:27:07 -06:00
S3cur3Th1ssh1t
6c1ac7f9a2
Fix ssi template for some sharepoint versions
2020-12-07 14:34:09 +01:00
dwelch-r7
1617b3ec9b
Use zeitwerk for lib/msf/core folder
2020-12-07 10:31:45 +00:00
kalba-security
9417266d21
replace Checkcode:Unknown with Detected in check(), skip cleanup unless required
2020-11-23 08:17:44 -05:00
William Vu
d3f16c7061
Land #14361, COOKIE for sharepoint_ssi_viewstate
2020-11-18 15:55:19 -06:00
chmod750
5ec0556abd
Update modules/exploits/windows/http/sharepoint_ssi_viewstate.rb
...
CamelCase update
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>
2020-11-06 23:26:40 +01:00
chmod750
7a968fcd39
Update modules/exploits/windows/http/sharepoint_ssi_viewstate.rb
...
CamelCase update
Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>
2020-11-06 23:20:12 +01:00
chmod750
22b0fae73c
Update sharepoint_ssi_viewstate.rb
2020-11-06 16:40:16 +01:00
chmod750
8356b44892
Add cookie header functionality
2020-11-06 16:16:59 +01:00
Alan Foster
5b438fd933
Preference target values when registering options
2020-11-05 23:16:37 +00:00
kalba-security
31237258e5
Add Rubocop changes
2020-11-05 07:27:51 -05:00
kalba-security
0a9589166f
Add CVE ID
2020-11-05 06:55:37 -05:00
kalba-security
ea70c15b56
Implement suggestions from code review
2020-11-04 09:49:27 -05:00
kalba-security
8aceea1872
Add flexdotnetcms_upload_exec module and docs
2020-11-03 09:50:28 -05:00
William Vu
e4fb76d74f
Add version check to exchange_ecp_dlp_policy
...
And update modules/exploits/windows/http/sharepoint_ssi_viewstate.rb.
2020-10-20 14:32:43 -05:00
William Vu
3970b69734
Land #14229, Telerik UI for ASP.NET AJAX exploit
...
CVE-2017-11317 && CVE-2019-18935
2020-10-20 13:24:35 -05:00