Grant Willcox
306e1979af
First round of code adjustments per review comments
2021-03-04 12:38:11 -06:00
Berkan
1917d9620a
Some exception code parts have been fixed.
2021-03-04 20:47:52 +03:00
Grant Willcox
3ef8fcd996
Update module to fix an extra print statement and write documentation
2021-03-03 10:14:41 -06:00
Brendan Coles
3da8fce9cf
Add Microsoft Windows RRAS Service MIBEntryGet Overflow
2021-03-03 02:50:42 +00:00
Grant Willcox
f327d30e08
First attempt at CVE-2020-7200 module, with RuboCopped module
2021-03-02 16:38:19 -06:00
dwelch-r7
dc8fea2063
remove require 'faker' since we globally autoload it now
2021-03-02 13:59:32 +00:00
Berkan
45bfe40803
Refactored some code parts as mentioned.
2021-03-02 15:05:15 +03:00
Berkan
20f085fcaa
Update fortilogger_arbitrary_fileupload.rb
2021-03-01 21:00:05 +03:00
Berkan
bfecc5bf91
Update fortilogger_arbitrary_fileupload.rb
2021-03-01 20:53:27 +03:00
Berkan
97f6cac240
Update fortilogger_arbitrary_fileupload.rb
2021-03-01 20:42:28 +03:00
erberkan
d3338e7380
fortilogger_arbitrary_fileupload
2021-03-01 19:30:39 +03:00
erberkan
648489cfe5
fortilogger_arbitrary_fileupdate
2021-03-01 17:55:55 +03:00
Grant Willcox
6d939c16ce
Land #14783, Update KarjaSoft Sami FTP Server v2.0.2 USER Overflow module
2021-02-26 11:17:05 -06:00
Brendan Coles
743248d993
Update KarjaSoft Sami FTP Server v2.0.2 USER Overflow module
2021-02-25 20:53:30 +00:00
Brendan Coles
f89d67df19
dup_scout_enterprise_login_bof: Add v9.9.14 target and auto targeting
2021-02-25 17:14:25 +00:00
Brendan Coles
1f00ad011c
dupscts_bof: Add additional targets and auto targeting
2021-02-25 17:12:27 +00:00
dwelch-r7
319f15d938
Handle nil versions for rubygems 4
2021-02-25 16:47:49 +00:00
Alan Foster
b06c5c12aa
Rubocop recently landed modules continued
2021-02-25 14:13:40 +00:00
Spencer McIntyre
1d5a6e4a0b
Land #14771, Add Apache Flink JAR Upload Java Code Execution
2021-02-23 09:19:56 -05:00
Grant Willcox
f65b4155e5
Fix up modules to use more explicit reference to ARCH_X64 and to correctly check sysinfo['Architecture'] as per #14599
2021-02-22 18:47:46 -06:00
Brendan Coles
69031fa91f
Add Apache Flink JAR Upload Java Code Execution
2021-02-22 23:00:57 +00:00
Tim W
edea755096
Land #14740, CVE-2021-3156 Sudo LPE (AKA: Baron Samedit) Improvements
2021-02-22 17:48:33 +00:00
agalway-r7
8a339f54c1
Land #14734, updates and runs rubocop against recent modules
...
Rubocop recently landed modules
2021-02-19 13:48:47 +00:00
agalway-r7
275e9c5454
Land #14696, Further Zeitwerk lands to improve boot speed
...
Zeitwerk rex folder
2021-02-19 10:33:37 +00:00
kalba-security
68d4b197fa
Add SrClient DLL Hijacking local exploit module and docs
2021-02-18 13:50:28 -05:00
Jeffrey Martin
158dd89e53
guard when spawn is used with TcpServer mixin
...
added locations where the `super` from TcpServer could cause
deadlock waiting for a timeout when a thread is spawned
and fails to trigger the target to make a request.
2021-02-18 10:42:56 -06:00
Jeffrey Martin
2e1dba1af1
guard thread in ftp module
2021-02-17 15:27:44 -06:00
Alan Foster
5b3fde7735
Rubocop recently landed modules
2021-02-16 15:08:08 +00:00
A Galway
f227e82600
Land #14730, OBM Local PrivEsc to SYSTEM
2021-02-15 10:24:34 +00:00
Brendan Coles
a1c316c679
msftidy: Fix exploit module checks for author and stack buffer overflow
2021-02-13 04:10:13 +00:00
Shelby Pace
c1e2cfd9e7
Land #14744, add Klog Server unauth cmd injection
2021-02-12 11:40:57 -06:00
Brendan Coles
bdc2041c83
Add Klog Server authenticate.php user Unauthenticated Command Injection
2021-02-12 17:07:52 +00:00
dwelch-r7
f6c3de5732
Land #14733, Add latest Rubocop rules
2021-02-12 16:18:13 +00:00
Spencer McIntyre
01593f21b4
Add the Ubuntu 19.04 target for CVE-2021-3156
2021-02-12 10:06:47 -05:00
Spencer McIntyre
20067d183e
Use single quotes for escaping arguments consistently
2021-02-12 08:59:38 -05:00
Alan Foster
bed7ae2c78
Add latest rubocop rules
2021-02-12 13:31:51 +00:00
Spencer McIntyre
f31c7846d2
Escape shell arguments even more thoroughly
2021-02-11 12:25:28 -05:00
Christophe De La Fuente
88eaf97e79
Land #14607, Updates for Exchange ECP DLP Policy Exploit
2021-02-11 15:15:34 +01:00
Brendan Coles
9cbf25347e
Land #14708, safari_proxy_object_type_confusion: Add offsets: 10.13.1 + 10.13.2
...
Add offsets for OSX 10.13.1 and 10.13.2
2021-02-11 13:17:53 +00:00
Tim W
40dd113d3b
fix whitespace
2021-02-11 12:43:47 +00:00
Spencer McIntyre
944e8d572d
Register missing files for cleanup
2021-02-10 18:05:20 -05:00
Spencer McIntyre
6562f309ce
Handle whitespace in the target path
2021-02-10 17:40:42 -05:00
Spencer McIntyre
8757eb33fe
Add an automatic target that uses version fingerprinting
2021-02-10 16:16:33 -05:00
Spencer McIntyre
1f5f086c5e
Updates for the Exchange ECP DLP Policy RCE module to randomize data
2021-02-10 15:00:39 -05:00
Spencer McIntyre
b9dd1b927b
Randomize the path to the library that's loaded
2021-02-10 08:45:52 -05:00
Christophe De La Fuente
85b7e85d0b
Land #14671, Micro Focus Multiple Products Authenticated RCE (CVE-2020-11853)
2021-02-09 18:24:57 +01:00
Pedro Ribeiro
9881512833
Update modules/exploits/multi/http/microfocus_obm_auth_rce.rb
...
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
2021-02-09 14:18:47 +07:00
dwelch-r7
7fbbe23426
Remove more requires that were missed before
2021-02-08 14:51:58 +00:00
dwelch-r7
b95be3ed10
Zeitwerk rex folder
2021-02-08 12:24:12 +00:00
Spencer McIntyre
b4dd46a8de
Land #14721, sudo_baron_samedit: Add target: Debian 10 x64, sudo v1.8.27, libc v2.28
2021-02-05 16:01:58 -05:00