adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

18316 Commits

Author SHA1 Message Date
vleminator f57bdabb41 Refine the check method to perform less-invasive exploit validation 2022-04-27 14:05:47 +02:00
Jack Heysel a941fea26a Removed unused import added target_uri 2022-04-26 14:11:10 -07:00
Jack Heysel a8ae08d138 Updated authors 2022-04-26 13:55:59 -07:00
Jack Heysel 86ff080d31 Merge branch 'wso2-file-upload-rce' of github.com:jheysel-r7/metasploit-framework into wso2-file-upload-rce 2022-04-26 13:53:17 -07:00
Jack Heysel 1879a7568f Updated authors 2022-04-26 13:52:59 -07:00
jheysel-r7 266d3bb9ca Apply suggestions from @bcoles code review 
Co-authored-by: bcoles <bcoles@gmail.com>
 2022-04-26 13:40:25 -07:00
Jack Heysel 691d9fe001 Added Reliability section to Notes 2022-04-26 13:19:34 -07:00
Jack Heysel 76c8e0b65f Added Notes section to module 2022-04-26 13:01:38 -07:00
Jack Heysel 37c8fff523 Rubocop offenses 2022-04-26 12:51:12 -07:00
Jake Baines 1b119a845c Fixed handling of victim response 2022-04-26 12:34:45 -07:00
Jack Heysel ca0be9c145 Add WSO2 file upload RCE module 2022-04-26 12:29:12 -07:00
Jake Baines ec37ebc617 Update modules/exploits/linux/redis/redis_debian_sandbox_escape.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-04-26 14:43:03 -04:00
Jake Baines d20fd996bd Fix spelling mistakes 2022-04-26 03:38:23 -07:00
Jake Baines 71a4023c0d Initial commit of Redis sandbox escape CVE-2022-0543 2022-04-26 03:32:11 -07:00
Brendan Coles 02d911e655 gdb_server_exec: Cleanup and add support for armle/aarch64 architectures 2022-04-25 19:25:06 +00:00
sjanusz 4ec4b89d00 Add upload of files to HttpClient & update a module to use it 2022-04-25 14:55:37 +01:00
Jack Heysel 74e69917c6 Land #16450 VNC Keyboard exec fast typing fix 
This PR adds small delays in the VNC Keyboard
Exec to avoid typing long commands too fast.
 2022-04-21 19:45:46 -07:00
Jack Heysel 1e40595c53 Fixed typo in TIME_KBD_THRESHOLD option 2022-04-21 19:32:57 -07:00
Jeff McJunkin d1034c8b57 s4u_persistence.rb: Allow all post-Vista builds 
Currently this module doesn't account for Server builds 2016 and above, nor Windows 10 builds. This PR fixes the `sysinfo` comparison to allow later builds.

Note: Many other modules have this problem, and it's probably worth Rapid7 staff time to standardize the usage of build comparisons inside modules.
 2022-04-21 15:33:42 -07:00
Grant Willcox e2c6c36b2b Land #1642, Add module for cve-2022-0995 2022-04-21 09:12:47 -05:00
bwatters 9cba9576cd Keep code reusable and fix some logical complexities 2022-04-21 07:44:40 -05:00
Grant Willcox 69b54c8448 Add in additional validation to check methods to address bcoles's comments and also to prevent issues with fail_with being used inside a check method 2022-04-20 19:50:08 -05:00
Grant Willcox f33e3f45c1 RuboCop compliance for PacketStorm 2022-04-20 19:09:14 -05:00
Grant Willcox 78d4ac8592 Update module reliability and also fix issues from bcoles's review 2022-04-20 19:04:27 -05:00
bwatters 26f9175816 Update c source with argc check and CRASH notes for module 2022-04-20 17:37:48 -05:00
bwatters d9a241defb Fix overzealous source code edit and some version copy/pasta errors 2022-04-20 14:31:32 -05:00
Spencer McIntyre 8e2bd3c5a9 Land #16475, ManageEngine ADSelfService Plus RCE 2022-04-20 15:22:36 -04:00
Spencer McIntyre bf1f786813 Title case the target name 2022-04-20 15:22:07 -04:00
Jake Baines aba48a6905 Improve JSON cleanup, fix jjs specific wording, and moved JJS_PATH to defaultoptions 2022-04-20 06:27:43 -07:00
Jack Heysel dd0be6cad5 Rubocop fix for arista_tacplus_shell 2022-04-19 22:38:50 -07:00
Jack Heysel 4417a335ff Land #16379, Make SSH defaults widely used 
Refactored a number of modules to use ssh_client_defaults
 2022-04-19 22:08:45 -07:00
Grant Willcox a756df5400 Add in missing RuboCop note sections 2022-04-19 16:40:57 -05:00
Brendan Coles 94ed9ae28b Modules: Prefer CVE references over cve.mitre.org URL references 2022-04-19 20:42:23 +00:00
Jake Baines ae54c8c3d9 Initial implementation of authenticated RCE against ManageEngine ADSelfService Plus (CVE-2022-28810) 2022-04-19 10:33:54 -07:00
ORelio 1fdedebacf Add settings to adjust delay and interval 
TIME_KBD_DELAY: Delay in milliseconds (0 to disable)
TIME_KBD_TRESHOLD: How many keys between each delay
 2022-04-19 17:40:14 +02:00
Heyder Andrade fd6c8aa3d5 Lint msftidy 2022-04-18 23:36:23 +02:00
Heyder Andrade b363a7e403 Merge branch 'fix/ssh_defaults_usage' of github.com:heyder/metasploit-framework into fix/ssh_defaults_usage 2022-04-18 20:19:36 +02:00
Heyder Andrade 4252fe01e6 Rubocop 2022-04-18 20:17:44 +02:00
Heyder Andrade 9e54830f93 Making SSH defaults widely used 2022-04-18 20:16:34 +02:00
Heyder Andrade bdc69d8399 Rubocop 2022-04-18 20:14:57 +02:00
Heyder Andrade 83793b6df7 Making SSH defaults widely used 2022-04-18 20:12:04 +02:00
Heyder Andrade 91c08b3fac Rubocop 2022-04-18 20:09:52 +02:00
Heyder Andrade 244d04fa4f Making SSH defaults widely used 2022-04-18 20:08:27 +02:00
Heyder Andrade 42d7e4f3b7 Rubocop 2022-04-18 20:05:46 +02:00
Heyder Andrade fcef6dd515 Making SSH defaults widely used 2022-04-18 19:46:51 +02:00
Heyder Andrade 0058a3aef0 Rubocop 2022-04-18 19:43:16 +02:00
Heyder Andrade 5388ac5613 Making SSH defaults widely used 2022-04-18 19:36:37 +02:00
Heyder Andrade 6f1a6ce712 Rubocop 2022-04-18 19:34:49 +02:00
Heyder Andrade e34bff1b85 Making SSH defaults widely used 2022-04-18 19:30:43 +02:00
Heyder Andrade 2f3710f91b Rubocop 2022-04-18 19:25:38 +02:00