adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

18316 Commits

Author SHA1 Message Date
Spencer McIntyre 6fe0933c1e Add exploit for CVE-2022-44877 2023-01-20 09:04:24 -05:00
Jack Heysel 6ac0d9ba27 Trailing whitespace corrected 2023-01-19 22:16:54 -05:00
h00die 633c58a0ff tomcat on rhel priv esc 2023-01-19 15:28:10 -05:00
Jack Heysel 0e0f62c002 Removed 22621 2023-01-19 14:47:20 -05:00
Jack Heysel 4da94325f3 Rubocop 2023-01-19 13:52:58 -05:00
Jack Heysel 63d9445911 Fix for Win Server 2022 and 2019 2023-01-19 00:52:38 -05:00
h00die 3a0b694790 better engrish 2023-01-18 20:12:49 -05:00
h00die c823295915 cleanup better 2023-01-18 16:19:48 -05:00
bwatters 158c557d58 Update LICENSE file and location of source file 2023-01-17 17:28:22 -05:00
h00die e28ff3b160 minor fixes 2023-01-17 15:30:36 -05:00
h00die be7ca91a8f cve-2022-22942 2023-01-17 15:30:36 -05:00
Grant Willcox 7e23c34e6c Apply fixes per code review 2023-01-17 12:44:22 -06:00
h00die-gr3y 541dab9365 simplified messaging 2023-01-17 12:44:20 -06:00
h00die-gr3y 77687bff3f init module 2023-01-17 12:44:20 -06:00
Spencer McIntyre 3ddcf73c2b Remove the QUICK option altogether 
Use blocks to check whether each service is exploitable as they are
enumerated. With this change, it is the service and path enumeration
halts once an exploitable one is found that yields a session.

Also all files are registered for cleanup.
 2023-01-13 17:06:42 -05:00
h00die f98d1d838b unquoted service path tweaks to check 2023-01-13 17:06:42 -05:00
h00die 90a12cf3b0 unquoted service path tweaks 2023-01-13 17:06:42 -05:00
h00die a6ec7762ea unquoted service path tweaks 2023-01-13 17:06:42 -05:00
h00die c52eb09cbb unquoted service path tweaks 2023-01-13 17:06:42 -05:00
adfoster-r7 eddac9321c Merge 6.2.36 master into kerberos feature branch 2023-01-13 17:31:02 +00:00
ErikWynter 8472efed02 fix typos, add reference, don't use methods to wrap datastore options 2023-01-13 14:53:29 +02:00
Steve E b67f001e2a post-testing typo fix 2023-01-12 20:02:20 +00:00
Steve E 1afecd0884 force t3 over ssl option 2023-01-12 19:42:55 +00:00
Jack Heysel 145589f7a2 Add GetPteBaseW10 2023-01-12 01:15:23 -05:00
Steve E 990d5ccfad Action linter warnings in changes 2023-01-09 21:17:22 +00:00
Steve Embling 16c176dbe0 Accept protocol option change to optenum from optstring 
Co-authored-by: bcoles <bcoles@gmail.com>
 2023-01-10 12:54:28 +00:00
Steve Embling a368f76a2a Update weblogic_deserialize_badattrval.rb 2023-01-10 10:47:31 +00:00
Steve E 60bfa329fa Add t3s protocol support to weblogic_deserialize_badattrval 2023-01-09 18:47:43 +00:00
Grant Willcox 98b3b29cc2 Land #17439, Removing Rex::ConnectionError exception handler from module template 2023-01-05 14:24:58 -06:00
Christophe De La Fuente 25f4c023b4 Removing Rex::ConnectionError exception handler 2023-01-05 20:26:11 +01:00
Grant Willcox 725f83601f Land #17435, Restore raw_send_recv for module using SMTP mixin 2023-01-05 11:29:53 -06:00
Grant Willcox f39973de86 Fix up missing option in documentation and also add some additional validation on server response. 2023-01-04 17:02:05 -06:00
h00die-gr3y 11b95b2094 added additional response check 2023-01-04 17:02:04 -06:00
h00die-gr3y c7b59b4815 updates based on gwillcox-r7 review comments 2023-01-04 17:02:04 -06:00
h00die-gr3y f9ecaa92ae updated references section 2023-01-04 17:02:03 -06:00
h00die-gr3y 4db15346e1 init commit module 2023-01-04 17:01:58 -06:00
Jeffrey Martin 6b5948a69d restore raw_send_recv for module using SMTP mixin 
changes in #16153 adjusted modules that were not utilizing
`Exploit::Remote::SMTPDeliver` in error restore calls to `raw_send_recv`
that is no longer shadowed by in `SMTPDeliver`.
 2023-01-04 14:45:58 -06:00
Christophe De La Fuente 868072e6c8 Land #17317, Fix various WinRM modules 2023-01-03 19:57:07 +01:00
Ashley Donaldson 45c0af48c2 Suggested changes from code review 2023-01-03 11:26:07 +11:00
timwr ce260f53f3 Add CVE-2022-46689 macOS dirty cow 2022-12-28 22:46:08 +07:00
adfoster-r7 95d361754f Merge branch 'upstream-master' into merge-6.2.33-master-into-kerberos-feature-branch 2022-12-28 13:59:42 +00:00
Christophe De La Fuente 20d70799a7 Land #17298, Add opentsdb_yrange_cmd_injection module and docs 2022-12-23 13:38:58 +01:00
Christophe De La Fuente 83b11a69a8 Make rubocop happy 2022-12-23 13:38:16 +01:00
ErikWynter 7fa557805e add final code review suggestions 2022-12-23 11:29:29 +02:00
ErikWynter 8f96746551 fix typo and add credit for discovery 2022-12-23 11:11:31 +02:00
ErikWynter 4c2dfe0279 add cacti_unauthenticated_cmd_injection 2022-12-22 17:55:45 +02:00
Jack Heysel 63583af153 Land #17389, Log4shell_header_injection bug fix 
prevent .keys call on nil
 2022-12-21 16:26:55 -05:00
Ron Bowes 2ec77e6d95 Merge branch 'master' into f5-createuser-privesc 2022-12-15 13:11:26 -08:00
Steffen Robertz cc5c405941 Unauthenticated RCE for multiple Zyxel Router changes 2022-12-15 21:44:57 +01:00
Jack Heysel 3204caf618 Make use of session platform 2022-12-15 14:28:19 -05:00