adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

18316 Commits

Author SHA1 Message Date
Grant Willcox 7b25bd366f Update documentation and fix a few typos so that it reflects latest changes 2021-08-11 12:25:36 -05:00
Jacob Baines afa3d92774 Switched to upnp implementation 2021-08-10 18:17:18 -04:00
Dimitrie-Toma Furdui 6dae595e4e fixed version check for cve_2018_8453_win32k_priv_esc 2021-08-10 21:49:42 +03:00
Alan Foster 03400991af Update uses of open ssl 2021-08-10 15:40:23 +01:00
adfoster-r7 b9d2f30bbd Update psexec module to use SMBSHARE option name for consistency 2021-08-10 13:17:57 +01:00
Jacob Baines b3dbf7c0e9 Altered the approach in check 2021-08-09 22:05:16 -04:00
Grant Willcox 55404ff29f Further fixes from review and further touch up edits 2021-08-09 14:23:05 -05:00
Grant Willcox c03ca1d39d Fix RuboCop error 2021-08-09 12:21:07 -05:00
Grant Willcox f8d838bba2 Fix first round of comments from the review process 2021-08-09 12:13:27 -05:00
Grant Willcox 8517286e89 RuboCop fix to description to make it happy 2021-08-09 10:05:21 -05:00
Grant Willcox 838142362c Apply first round of updates from review comments to improve explanations of the vulnerability and fix some minor issues 2021-08-09 09:59:09 -05:00
Jacob Baines 7703810c4a Fixed rubocop issue 2021-08-07 06:59:50 -04:00
Jacob Baines 0e41a0e81e Addressed all but one review items 2021-08-07 06:46:49 -04:00
Jacob Baines 8d699c0c4e Addressed various review comments 2021-08-06 14:55:50 -04:00
Grant Willcox ade653f0bf Final fixup edits to change the timeout value to be an advanced option and also to use send_req_cgi 2021-08-05 13:10:24 -05:00
Jacob Baines f851faf2e4 Initial commit for Canon driver exploit 2021-08-05 11:17:45 -04:00
Grant Willcox 00cfdc4f17 Use Faker to generate a fake app name, add in option to specify timeout to server, and also fix Alan's remaining review comments 2021-08-05 09:46:34 -05:00
Jacob Baines 4cff38b9c2 Fixed rubocop issues 2021-08-04 16:41:20 -04:00
Jacob Baines 699c53151b Fixed msftidy issues 2021-08-04 16:14:27 -04:00
Jacob Baines e6c48db072 Initial version of CVE-2021-35449 2021-08-04 16:08:43 -04:00
Grant Willcox 0d7d5ab93f Switch over to Rex::MIME::Message to use our built in mixins, and also fix last remaining review comments 2021-08-02 11:17:26 -05:00
Grant Willcox 27f70af1b3 Fix up some of the mistakes wvu pointed out 2021-07-30 15:28:10 -05:00
Jack Heysel 29b193406e Fix for file clean up in the Cisco Hyperflex file upload RCE module 2021-07-30 14:59:52 -04:00
Grant Willcox 5b3bbf7f36 Fix up tabs formatting issue that was causing RuboCop to complain. Silly RuboCop :) 2021-07-30 12:17:46 -05:00
Grant Willcox 3427571887 Push up working CVE-2019-11580 exploit and associated documentation 2021-07-30 12:07:12 -05:00
Spencer McIntyre 202f291d30 Land #15497, Add Pi-Hole DHCP Module Side Effects 2021-07-29 12:37:21 -04:00
adfoster-r7 951809e164 Land #15491, add module stability notes 2021-07-29 17:24:42 +01:00
space-r7 d69fb22699 add side effects to pihole dhcp module 2021-07-29 11:23:01 -05:00
space-r7 809081bc5f Land #15279, add Pi-Hole lpe 2021-07-29 11:15:17 -05:00
space-r7 0561ae978f fix typos, pihole version in docs 2021-07-29 11:13:58 -05:00
cgranleese-r7 56510a2e8e Updates some notes on modules that weren't passing tests due to new rubocop rule 2021-07-28 16:20:02 +01:00
Shelby Pace 183caff15c Land #15418, add modern events calendar rce 2021-07-26 09:45:05 -05:00
Shelby Pace 38ae82155e modify info, fix spacing 2021-07-26 09:43:34 -05:00
Shelby Pace 9e95eb7be1 Land #15408, add Wordpress sp doc file upload 2021-07-23 12:36:29 -05:00
Grant Willcox 31b82452ec Fix up Spencer's comments from review to correctly pass in parameters to execute_dll() as some calls were passing the wrong set of parameters 2021-07-23 12:34:25 -05:00
Grant Willcox 2fb379374f Update documentation where possible for changed exploits 2021-07-23 12:34:12 -05:00
Shelby Pace d207f994c0 modify doc description 
randomize form data, formatting
 2021-07-23 12:33:41 -05:00
Grant Willcox fabc566402 Improve process.rb's execute_dll to now automatically detect the architecture of the target and of the DLL and then appropriately decide if it needs to launch a WoW64 process to inject into. 2021-07-23 12:33:41 -05:00
Grant Willcox bc0439fc47 Improve the list of potential processes to spawn and inject into to be more believable 2021-07-23 12:33:16 -05:00
Grant Willcox 96b15c9650 Update process.rb to support injecting into a random process and not just notepad.exe all the time to improve signature evasion. Also support injecting into one's own Meterpreter process for further stealth. Finally update one module to showcase off how these changes look like on a real module. 2021-07-23 12:33:01 -05:00
Hakyac 0f8e256d52 Update modules/exploits/multi/http/wp_plugin_sp_project_document_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-23 10:12:57 +02:00
Hakyac 13678f5140 Update modules/exploits/multi/http/wp_plugin_sp_project_document_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-23 10:12:51 +02:00
Hakyac 9cdddac5cd Update modules/exploits/multi/http/wp_plugin_sp_project_document_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-23 10:11:26 +02:00
Hakyac 877ac006f8 Update modules/exploits/multi/http/wp_plugin_sp_project_document_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-23 10:11:21 +02:00
Hakyac 73995ac8d1 Update modules/exploits/multi/http/wp_plugin_modern_events_calendar_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-23 10:09:44 +02:00
Hakyac 5e2776411d Update modules/exploits/multi/http/wp_plugin_modern_events_calendar_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-23 10:09:25 +02:00
Hakyac 8a3f5affe8 Update modules/exploits/multi/http/wp_plugin_modern_events_calendar_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-23 10:09:13 +02:00
Yann Castel a3e5bd527b use of vars_get + delete payload after use 2021-07-21 09:59:05 +02:00
Hakyac 53214e8792 Update modules/exploits/multi/http/wp_plugin_modern_events_calendar_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-21 09:41:46 +02:00
Hakyac 09ca7751c0 Update modules/exploits/multi/http/wp_plugin_modern_events_calendar_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-21 09:41:38 +02:00