Commit Graph

18316 Commits

Author SHA1 Message Date
Jack Heysel 51f255127e Land #16531, Fix login crash for pihole modules
Fixes a crash in various Pi-hole modules when login
authentication is required
2022-05-06 14:08:22 -06:00
sjanusz 2e59f17439 Rename files to form_data 2022-05-06 16:41:19 +01:00
Spencer McIntyre ece5e2699a Automatically identify the HTTP method 2022-05-05 10:24:04 -04:00
space-r7 e2cefe0750 Land #16514, add ZoneMinder exploit module 2022-05-04 17:37:08 -05:00
space-r7 dd0b124e84 fix typo in docs, check some responses 2022-05-04 17:28:37 -05:00
Jack Heysel 481699ed8f Land #16530, PiHole module to not wait for sudo
Update PiHole pihole_remove_commands_lpe module
to not wait for sudo input
2022-05-04 14:57:29 -07:00
adfoster-r7 53052af988 Fix login crash for pihole modules 2022-05-04 19:42:39 +01:00
sjanusz bc489fef91 Update PiHole module to not wait for sudo input 2022-05-04 17:24:43 +01:00
krastanoel 115dad7193 Why do I keep forgetting that res can be nil 2022-05-04 20:23:42 +07:00
krastanoel 10c1c75337 Fail the exploit when the target is not Zoneminder but the user enables ForceExploit 2022-05-04 20:13:40 +07:00
krastanoel 54f6e270fe Make sure the target is a Zoneminder before parsing the version, and check that the version is not nil 2022-05-04 20:02:37 +07:00
krastanoel 4c231ba226 Apply suggestions from code review
Remove unnecessary check for content-type response

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2022-05-04 16:37:20 +07:00
William Vu 6532365dc8 Deregister VHOST 2022-05-03 11:52:50 -05:00
William Vu 8c0cd40a19 Fix VMware Workspace ONE Access CVE-2022-22954 2022-05-03 10:39:58 -05:00
dwelch-r7 a76600f4a9 Land #16462, add support for armle/aarch64 architectures 2022-05-03 15:48:50 +01:00
krastanoel 8408f28967 checking status code response for successful exploitation 2022-05-03 20:47:36 +07:00
krastanoel c582f4277f res can be nil due to a timeout or other reason 2022-05-03 20:09:58 +07:00
krastanoel 4e6dddd735 Fail if the response is nil or the body is blank 2022-05-03 19:41:06 +07:00
krastanoel a1dcbb8004 Make sure the response content-type is json before parsing 2022-05-03 19:31:38 +07:00
krastanoel b4733afe2c Modify cookie jar, login and responses
- use keep_cookies instead of grabbing and set manually
- separate login code to its own method
- check response is not nil before calling get_html_document method
- clear cookie jar in exploit method and authenticate if the user disables the AutoCheck option
2022-05-03 17:54:59 +07:00
William Vu b2994aa8d8 Add words 2022-05-03 01:13:45 -05:00
William Vu 9a980d068d Link to freemarker.template.utility.Execute docs 2022-05-03 01:00:46 -05:00
William Vu 612e3d6f13 Add another tested SSTI param 2022-05-03 00:30:12 -05:00
William Vu 333681b6da Add other tested SSTI URIs 2022-05-03 00:02:21 -05:00
William Vu a71ded0da8 Update PoC credit 2022-05-02 23:41:43 -05:00
William Vu fa09487ee1 Refactor code, once more with feeling 2022-05-02 22:27:52 -05:00
William Vu 135a81ebc2 Refactor code 2022-05-02 21:53:17 -05:00
William Vu bf7d3e1c32 Add VMware Workspace ONE Access CVE-2022-22954 2022-05-02 18:51:46 -05:00
Spencer McIntyre 7faac7faa4 Update the JSP file to delete itself 2022-05-02 14:34:51 -04:00
Spencer McIntyre 3bdb8e02e2 Use an exponential backoff to retry 2022-05-02 12:30:43 -04:00
Spencer McIntyre 0f8a35e4d3 Whitespace, grammar and timing changes 2022-05-02 10:45:21 -04:00
krastanoel 4e2328fc89 Return safe checkcode when authentication fails to benefit from autocheck module 2022-04-30 03:45:06 +07:00
krastanoel dbc49c67e6 Use nokogiri over regex to parse csrf_magic value 2022-04-30 03:16:37 +07:00
krastanoel 538e3569f4 No need to use rescue block on check method for supported ruby version 2022-04-30 03:12:27 +07:00
krastanoel a7670b1bfe Fix Inconsistent indentation detected. 2022-04-30 01:46:13 +07:00
krastanoel f1f0ec5435 Apply suggestions from code review
Remove RPORT option and rescue block

Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
2022-04-30 01:18:56 +07:00
krastanoel e27627fbbf Assign check result to an instance variable 2022-04-29 23:01:15 +07:00
krastanoel ae23be355b Remove rand method 2022-04-29 22:34:34 +07:00
Spencer McIntyre c994f8e933 Land #16507, Add WSO2 file upload RCE module 2022-04-29 09:58:55 -04:00
krastanoel 328448e8d4 Get current language before resetting it 2022-04-29 20:52:58 +07:00
krastanoel 7816ffb7c3 Remove checkcode in exploit method and use fail_with instead, no need to use rand method 2022-04-29 19:45:51 +07:00
krastanoel e58fff1ac3 Remove fail_with in check method and return both checkcode and message instead of print 2022-04-29 19:36:36 +07:00
Jack Heysel 2b8ea72e51 Added autocheck, fixed execute_payload method 2022-04-28 08:55:17 -07:00
krastanoel 7c371b65ee Add Zoneminder Language rce module 2022-04-28 20:59:53 +07:00
vleminator 1185cfd99f Add support for payload dropper with windows path (backslash) 2022-04-28 00:02:19 +02:00
vleminator 6c75b7efcb Add WriteableDir as an advanced module option 2022-04-27 23:38:51 +02:00
vleminator 868d35a1ed Bugfix encoding of the JSP payload dropper 2022-04-27 23:35:31 +02:00
vleminator 71eb6e6fb6 Refactor code to improve readability and remove unused code 2022-04-27 23:32:36 +02:00
Jack Heysel 5b82a978ea Added reference, removed default payload 2022-04-27 09:48:21 -07:00
Jack Heysel 253cb8580a Responded to comments, added retry_until_true 2022-04-27 09:45:18 -07:00