Commit Graph

7658 Commits

Author SHA1 Message Date
Grant Willcox 23bab9405a Land #15175, Change deprecated URI::encode call to URI::encode_www_form_component within rejetto_hfs_exec 2021-05-11 11:21:50 -05:00
Debjeet Banerjee 54dbedf181 URI.escape is obsolete and needs to be updated
The current code results in the following error:
```
[*] Started reverse TCP handler on 192.168.1.105:4444 
[*] Using URL: http://0.0.0.0:8080/o6wYorU
[*] Local IP: http://192.168.1.105:8080/o6wYorU
[*] Server started.
[*] Sending a malicious request to /
/usr/share/metasploit-framework/modules/exploits/windows/http/rejetto_hfs_exec.rb:110: warning: URI.escape is obsolete
/usr/share/metasploit-framework/modules/exploits/windows/http/rejetto_hfs_exec.rb:110: warning: URI.escape is obsolete
[*] Server stopped.
[!] This exploit may require manual cleanup of '%TEMP%\jsywNguEzNXZF.vbs' on the target
[*] Exploit completed, but no session was created.
```

This minor edit should fix it.
2021-05-09 12:40:48 +05:30
Alan Foster 48697625da Ensure adobe sandbox collab sync session types is an array 2021-05-07 18:51:06 +01:00
Shelby Pace 45a8e1f49f Land #15087, Operations Bridge Reporter support 2021-04-30 08:41:35 -05:00
Alan Foster 04ff0f6bd7 Update exchange ecp dlp policy to work with new cookie jar 2021-04-29 21:26:02 +01:00
Pedro Ribeiro 83329cc8de clarify it's only for winblows 2021-04-23 19:24:49 +07:00
Pedro Ribeiro 62ba64375c fix typos and add default rport 2021-04-23 17:38:06 +07:00
Pedro Ribeiro 092c22ab4e fix typo in URL 2021-04-23 16:47:46 +07:00
Pedro Ribeiro 8b3687b9e6 update privesc sploit 2021-04-23 16:38:25 +07:00
Spencer McIntyre 00db3767b1 Fix a bug when restoring corrupted memory 2021-04-20 18:18:42 -04:00
Spencer McIntyre cc1aa34534 Tweak what is restored to avoid a bugcheck 2021-04-16 09:16:38 -04:00
adfoster-r7 4c37e35d82 Land #14770, guard when spawn is used with TcpServer mixin 2021-04-14 11:34:25 +01:00
Spencer McIntyre 6176f6fd16 Avoid a CRITICAL_STRUCTURE_CORRUPTION bugcheck from patch guard 2021-04-13 17:39:32 -04:00
Spencer McIntyre ba9674ca69 Search a wider range of the hal heap and remove an irrelevant sentence 2021-04-13 14:44:24 -04:00
Spencer McIntyre ec962cf2be Adjust the hal heap base address calculation 2021-04-13 13:11:24 -04:00
Spencer McIntyre 63e438e992 Bump RubySMB and add a simple check method 2021-04-09 14:44:27 -04:00
Spencer McIntyre f9e632231b Update module metadata for SMBGhost 2021-04-09 14:15:11 -04:00
Spencer McIntyre dd9936ae84 Add SMBGhost RCE module docs 2021-04-09 14:15:11 -04:00
Spencer McIntyre d8bed16d4d Refactor constants into a proper target hash 2021-04-09 14:15:11 -04:00
Spencer McIntyre c4055f348c Restructure and refactor the kernel mode shellcode 2021-04-09 14:15:11 -04:00
Spencer McIntyre 8b3381a901 Initial commit of the CVE-2020-0796 exploit 2021-04-09 14:15:05 -04:00
Adam Cammack 6096d0f135 Remove superfluous default_cred? methods 2021-04-07 06:12:25 -05:00
William Vu 4020813b42 Correct broken or redundant CVE references 2021-04-05 13:06:50 -05:00
Christophe De La Fuente 401a4ff8c7 Land #14975, Fix uninitialized constant in cve_2020_1054_drawiconex_lpe 2021-04-02 17:23:03 +02:00
Shelby Pace 71914a1ddb Land #14813, additional dup scout bof targets 2021-04-01 13:03:57 -05:00
William Vu 51200c4b22 Remove CmdStagerFlavor from a couple modules
Not strictly necessary. We need a better way to limit by platform.
2021-03-31 12:08:46 -05:00
Tim W 70c8e802d8 Fix #14974, fix uninitialized constant in cve_2020_1054_drawiconex_lpe 2021-03-31 12:06:15 +01:00
ryanpohlner d92d0e59d8 Fixed generic cmd payload not echoing 2021-03-29 20:06:12 -04:00
ryanpohlner c55303863a Fixed payload triggering twice 2021-03-29 18:27:25 -04:00
Spencer McIntyre 9d85af51cb Land #14945, Proxylogon RCE (Praetorian update) 2021-03-29 12:04:19 -04:00
Spencer McIntyre 11f4946817 Tweak some ProxyLogon verbiage for clarity 2021-03-29 10:07:43 -04:00
RAMELLA Sébastien 02b240b22a code review 2021-03-29 14:23:39 +04:00
RAMELLA Sébastien c64b1b200e remove ClientID, seem useless 2021-03-26 16:37:08 +04:00
William Vu b517372e4d Fix sharepoint_ssi_viewstate, too 2021-03-26 01:32:46 -05:00
William Vu a6df15c8c2 Fix the rest of the optional method 2021-03-26 01:29:47 -05:00
William Vu 0b8ac121d4 Fix fail_with usage in advantech_iview_unauth_rce
Brain fart. Should be print_warning so as not to fail the session.
2021-03-25 11:33:41 -05:00
Grant Willcox 784927a389 Land #14941, Force smb_relay module to use the Rex SMB client over ruby_smb 2021-03-25 10:55:07 -05:00
RAMELLA Sébastien 75041c5837 update proxylogon rce 2021-03-25 19:46:58 +04:00
bwatters 6505f9ccbd Land #14830, Adding FortiLogger 4.4.2.2 - Unauthenticated Arbitrary File Upload (CVE-2021-3378)
Merge branch 'land-14830' into upstream-master
2021-03-24 17:41:10 -05:00
bwatters 5394464932 Fix rubocop complaint 2021-03-24 17:38:11 -05:00
dwelch-r7 a69d76d7b5 Force smb_relay module to use the Rex SMB client over ruby_smb 2021-03-24 17:36:50 +00:00
Christophe De La Fuente 2dcd0fad04 Land #14860, Auxiliary/Exploit Scanner/Gather/RCE for Exchange ProxyLogon (CVE-2021-26855) 2021-03-23 13:10:15 +01:00
Christophe De La Fuente a6cd7c9b30 Rubocop update - JSON Unnecessary symbol conversion 2021-03-23 10:58:03 +01:00
RAMELLA Sébastien 37b0552803 last code review before land 2021-03-22 23:20:40 +04:00
William Vu 4dc860cce3 Update Spencer credit 2021-03-22 14:14:12 -05:00
Spencer McIntyre 8605fe4529 Use POST for the check method and write the module docs 2021-03-22 15:04:21 -04:00
RAMELLA Sébastien 09b844653b remove DisablePayloadHandler and add x86 support 2021-03-22 00:30:01 +04:00
RAMELLA Sébastien c543b44fc2 fix: CmdStagerFlavor, add: Powershell target, ... 2021-03-21 22:47:27 +04:00
William Vu 30629c2405 Remove JSP stub to-do
Spencer looked into this more thoroughly. The JSP stub is good.
2021-03-19 17:17:01 -05:00
William Vu 66d9cab44d Fix some things 2021-03-19 16:52:24 -05:00