adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

18316 Commits

Author SHA1 Message Date
Spencer McIntyre 0b3b0aab7d Fix the UNC path conversion regex 2021-08-27 15:56:58 -04:00
Spencer McIntyre 5e32ca9f56 Improve error checks and dont use whoami 2021-08-27 15:52:34 -04:00
Spencer McIntyre c4cf99795e Remove the requirement on knowing an email address 2021-08-27 15:34:51 -04:00
Spencer McIntyre 845c01f27f Store the enumerated mailbox email addresses 2021-08-27 15:07:13 -04:00
Spencer McIntyre 6c01a0dbea Work off of the system mailbox 2021-08-27 14:32:26 -04:00
adfoster-r7 4a9a15e638 Run Rubocop layout rules on modules 2021-08-27 17:19:43 +01:00
Spencer McIntyre d5fdcb8fcb Add the plumbing to enumerate email addresses 2021-08-27 11:44:27 -04:00
Your Name 8d28dece69 Added Notes 2021-08-27 16:42:54 +01:00
Your Name 6a501a37ff Add CVE-2021-33549 exploit for Geutebruck G-CAM 2021-08-27 01:28:26 +01:00
Grant Willcox 7cf2e66085 Fix up regex to properly match results and not include the 'version' part of the string, which was causing Rex::Version to return incorrect results and therefore make the 'check' method fail 2021-08-26 17:41:41 -05:00
Grant Willcox 415b46d9a7 Fix Rubocop errors 2021-08-26 16:52:58 -05:00
Dimitrie-Toma Furdui 63aaa8f438 fixed version check for docker_credential_wincred 2021-08-26 16:33:45 -05:00
Tim W 6c0b90eabb Land #15532, add module for CVE-2021-21300 and git mixins 2021-08-26 18:26:04 +01:00
Spencer McIntyre 674628e600 Land #15384, Improve Windows RDLL injection 2021-08-26 12:11:44 -04:00
Grant Willcox be9a7bc9b9 Fix up error in alpc_taskscheduler.rb where it expected a DLL but we passed it shellcode instead 2021-08-26 09:27:21 -05:00
Grant Willcox 7652a2240e Add in missing import for modules/exploits/windows/local/ntapphelpcachecontrol.rb to prevent crashes due to execute_dll not being defined 2021-08-25 18:19:58 -05:00
Grant Willcox 6f9b06fb4b Add in Manfred Paul's original blog post and chompie1337's original PoC to the list of links. Also add in a relatively detailed description of how to add in new targets to this exploit to the documentation in case that helps anyone down the line 2021-08-25 18:09:07 -05:00
Grant Willcox 29a230ec72 Improve error handling for module 2021-08-24 17:36:37 -05:00
Grant Willcox 5a80e9678c Address Spencer's comments and remove changes that don't directly use the DLL injection library API change 2021-08-24 16:34:01 -05:00
Grant Willcox bd490d35ed Add support for Linux 5.11.x on Fedora 2021-08-23 15:09:10 -05:00
Grant Willcox db5ac81ecf Fix up mistakes bcoles pointed out and also add in a check to ensure we are only targetting x64 systems 2021-08-23 13:23:40 -05:00
Grant Willcox e46611cffb Add in support for exploiting Fedora 32 with Linux kernel 5.10.12 2021-08-20 18:04:59 -05:00
Grant Willcox 75ae2b76f5 Add support for Fedora 32 Linux Kernel 5.9.8-100 and also fix an error where the wrong file was being used for Fedora 32 Linux Kernel 5.8.8. 2021-08-20 16:50:20 -05:00
Grant Willcox 5abf407228 Add support for Fedora 32 with Linux Kernel 5.8.8-200 2021-08-20 15:42:34 -05:00
Grant Willcox dd806a9d61 Add in support for Fedora 32 running kernel 5.7.11-200 2021-08-20 13:37:52 -05:00
sjanusz 8e00c5a188 Add default payload option to targets 2021-08-20 16:38:22 +01:00
Grant Willcox b479cb61a4 Add in scenario for Ubuntu 20.04.02 LTS and show that its still working as expected 2021-08-19 15:05:03 -05:00
Grant Willcox 945004ed97 Fix up typo that was breaking the code and also fix RuboCop errors 2021-08-19 14:12:03 -05:00
Grant Willcox b60ad3ee26 Fix up mistakes I noticed whilst doing edits on the code as well as some mistakes identified during peer review 2021-08-19 13:55:54 -05:00
William Vu 31796c6236 Land #15561, ProxyShell exploit 2021-08-19 10:31:02 -05:00
William Vu 0a06730802 Update contributors 2021-08-19 10:30:21 -05:00
Spencer McIntyre 84f8c44e69 Write to the targeted backend server 2021-08-18 12:34:40 -04:00
Spencer McIntyre 75e63992d6 Write an exploit for ProxyShell 2021-08-18 10:50:34 -04:00
Grant Willcox d5df47692c Add in first copy of the exploit along with the supporting source code and binaries. Documentation to come 2021-08-17 18:01:14 -05:00
William Vu 521ca14773 Add Lucee Administrator CVE-2021-21307 exploit 2021-08-16 10:09:34 -05:00
Jack Heysel 5aa56b303a Land #15539, Fix cve_2018_8453_win32k_priv_esc 
Fixes the check method for the above module, prior
to this change the module was not running against 1703.
 2021-08-13 11:01:58 -04:00
space-r7 c9bdd96c76 remove GIT_HOOK option 
post-checkout is the only hook that will work
with this exploit, so no option is needed. Also update
the documentation to reflect that.
 2021-08-12 10:18:13 -05:00
space-r7 31cbcb7774 add notes to updated modules 2021-08-12 10:18:13 -05:00
space-r7 70f304a548 change modules to use hash in build_commit_object 2021-08-12 10:18:13 -05:00
Shelby Pace d0c0372596 add request / response classes 2021-08-12 10:18:12 -05:00
Shelby Pace a4cc95448f remove namespace 2021-08-12 10:18:12 -05:00
Shelby Pace 0fe761b838 modify options and add documentation 2021-08-12 10:18:12 -05:00
Shelby Pace 98ef499351 add git lfs and smart http changes 2021-08-12 10:18:11 -05:00
Shelby Pace 53187648c1 add module 
also includes packfile obj metadata changes
 2021-08-12 10:18:11 -05:00
Shelby Pace d7161d0b90 add packfile, pkt line, and module code 2021-08-12 10:18:11 -05:00
Shelby Pace d89554e995 add git mixin changes and usage in git exploits 2021-08-12 10:18:11 -05:00
Shelby Pace 3fb225c9c6 add wrapper methods for creating git objects 
use methods in git_submodule_command_exec
 2021-08-12 10:18:11 -05:00
Spencer McIntyre 82cc8526d4 Land #15501, Add CVE-2019-11580 (Atlassian Crowd) 2021-08-12 09:38:31 -04:00
Grant Willcox 85ef49a79c Land #15535, Update psexec module to use SMBSHARE option name for consistency 2021-08-11 17:41:38 -05:00
Grant Willcox 5fdf990f24 Land #15519, Lexmark Universal Print Driver Local Privilege Escalation 2021-08-11 15:03:53 -05:00