Commit Graph

1489 Commits

Author SHA1 Message Date
Spencer McIntyre b58ed7f909 Update the Telerik RAU module metadata and add the TARGETURI option 2020-10-20 13:48:59 -04:00
Spencer McIntyre 57aef4367c Adjust the exploit timeout and set the default RPORT for Telerik RAU 2020-10-19 19:31:14 -04:00
William Vu 253928570b Update module doc 2020-10-19 11:18:00 -05:00
Spencer McIntyre a05f8a721b Print what the web.config loot path is 2020-10-19 10:27:41 -04:00
William Vu 4cb08f7426 Address outstanding issues 2020-10-15 13:24:08 -05:00
William Vu 1a341ae931 Add SharePoint SSI and ViewState RCE
CVE-2020-16952
2020-10-14 17:45:15 -05:00
Grant Willcox 443f26410e Fix up disclosure date 2020-10-08 15:30:56 -05:00
Spencer McIntyre 99bd146428 Fix version-related logic for the Telerik RAU module 2020-10-07 15:03:11 -04:00
Spencer McIntyre fb569a24ee Add module documentation for Telerik RAU Deserialization 2020-10-07 13:40:10 -04:00
Grant Willcox a2675c13e8 Land #14213, Add disclosure date rubocop linting rule - enforce iso8601 disclosure dates 2020-10-07 12:09:59 -05:00
Spencer McIntyre 2edf0390f7 Apply rubocop fixes 2020-10-07 11:11:25 -04:00
Spencer McIntyre adfc8f89c4 Implement version enumeration and report CVE-2017-11317 for Telerik 2020-10-07 10:27:50 -04:00
Spencer McIntyre efc8485c86 Fill out module metadata and improve the check method 2020-10-06 18:00:13 -04:00
Spencer McIntyre 4e2093d860 Initial Telerik UI RAU module 2020-10-05 16:42:05 -04:00
bwatters 3a6293357e Land #14190, Add the DOMAIN option to the CVE-2020-0688 Exploit
Merge branch 'land-14190' into upstream-master
2020-10-05 12:12:21 -05:00
Alan Foster 30809787c4 Convert disclosure dates to iso8601 2020-10-02 21:00:37 +01:00
Spencer McIntyre e7d2b73600 Add a DOMAIN option to CVE-2020-0688 for consistency with other modules 2020-09-28 09:24:39 -04:00
William Vu 5bda3b4b9d Revert "Make User-Agent consistent across requests"
This reverts commit 0ec97aa447.
2020-09-16 13:24:18 -05:00
William Vu da4e960eb0 Revert "Fix HttpUserAgent to UserAgent"
This reverts commit 3c8390a1c7.
2020-09-16 13:24:14 -05:00
William Vu 3c8390a1c7 Fix HttpUserAgent to UserAgent
Payload vs. HttpClient. Whoops.
2020-09-16 13:03:55 -05:00
William Vu 0ec97aa447 Make User-Agent consistent across requests 2020-09-16 12:59:17 -05:00
William Vu 03e0b9098c Add more words about Exchange role groups 2020-09-16 12:55:08 -05:00
William Vu e118ff1509 Add Microsoft Exchange Server DLP Policy RCE
CVE-2020-16875
2020-09-16 02:41:08 -05:00
Shelby Pace 6e2a7001a9 Land #13994, add Dlink Wifi manager rce 2020-08-18 09:34:19 -05:00
Shelby Pace d79ad5efca minor rubocop fix 2020-08-18 09:33:32 -05:00
Niboucha Redouane 0a20a217dc Fix description of the vulnerability
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2020-08-17 21:06:46 +02:00
Niboucha Redouane 602865ef70 refactor if in check method
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2020-08-17 21:01:34 +02:00
William Vu a6f7c0c0de Backport miscellaneous fixes to my modules 2020-08-14 13:40:23 -05:00
Niboucha Redouane 1a468fa210 remove unneeded include, left from an attempt to execute native payloads 2020-08-13 15:51:09 +02:00
Niboucha Redouane 66d3b1cd59 Add exploit for CVE-2019-13372 2020-08-13 15:07:11 +02:00
gwillcox-r7 17c26b098b Ninja edit to make sure that if we fail to authenticate to the server, we return CheckCode::Unknown rather than CheckCode::Safe 2020-07-29 16:08:51 -05:00
Spencer McIntyre 4fa657d6eb Fix a bunch of documentation typos and minor code cleanups 2020-07-29 16:30:44 -04:00
Spencer McIntyre 7af4297e86 Add the exploit for CVE-2020-1147 2020-07-29 11:58:38 -04:00
h00die 5a40c6dc00 move config_changes 2020-07-27 15:35:05 -04:00
Shelby Pace bf4d0bf6ee Land #13828, add Zentao Pro rce 2020-07-22 09:42:11 -05:00
Shelby Pace be95c0e17e include autocheck 2020-07-22 09:40:25 -05:00
Shelby Pace 6c066a97ed add bcoles suggestions 2020-07-22 09:39:17 -05:00
Erik Wynter 368adc26ef Update zentao_pro_rce.rb 2020-07-17 18:12:27 -04:00
bwatters eb863048f0 Land #13741, CVE-2020-5741: Plex rce on Windows
Merge branch 'land-13741' into upstream-master
2020-07-16 10:20:50 -05:00
Shelby Pace 9c32b45ca2 remove CheckCode returns in login 2020-07-15 20:06:15 -05:00
Tod Beardsley 637b9ab51d Add CVE-2020-7361 reference 2020-07-15 15:40:51 -05:00
kalba-security 2d3588c0ad Add suggestions from code review 2020-07-13 12:51:57 -04:00
kalba-security 1f631e20ad Add zentao_pro_rce Windows exploit and docs 2020-07-08 15:13:45 -04:00
h00die 456bf6b948 update escapes 2020-07-07 01:17:26 -04:00
h00die 89332d0056 native python for plex unpickle 2020-07-03 19:37:18 -04:00
Alan Foster b841246536 Update autocheck to use prepend instead of include, add ForceExploit functionality 2020-06-30 11:40:46 +01:00
h00die a99a3c2d75 working albumn_name length thanks to acammack 2020-06-30 00:28:57 -04:00
h00die 94cc286689 update docs and 401 handling code 2020-06-24 21:05:23 -04:00
adfoster-r7 fceb96e659 Land #13608, update elog calls to be consistent across 2020-06-23 09:47:01 +01:00
Adam Galway 1a2bf98222 creates standard elog & updates existing usages 2020-06-22 12:48:39 +01:00