adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

18316 Commits

Author SHA1 Message Date
Spencer McIntyre 811de07e7a Add logout functionality and cleanup HTTP session management 2020-12-07 10:41:42 -05:00
Spencer McIntyre b968cf9183 Cleanup the payload delivery mechanism 2020-12-07 09:40:29 -05:00
S3cur3Th1ssh1t 6c1ac7f9a2 Fix ssi template for some sharepoint versions 2020-12-07 14:34:09 +01:00
dwelch-r7 49a6b1b257 Remove requires that sneaked in while the PR was up 2020-12-07 11:02:10 +00:00
dwelch-r7 1617b3ec9b Use zeitwerk for lib/msf/core folder 2020-12-07 10:31:45 +00:00
William Vu c5d47532b0 Clarify sending username where password expected 2020-12-07 01:55:18 -06:00
William Vu d1f307324b Refactor exploit to use improved CheckModule 
And add AutoCheck.
 2020-12-07 01:35:13 -06:00
William Vu 4da3e37328 Remove unchanged offset 2020-12-07 01:35:13 -06:00
William Vu 4afb4562d9 Print on failure 2020-12-07 01:35:13 -06:00
William Vu 88f0fab6f4 Don't hardcode a stack address for the payload 2020-12-07 01:35:13 -06:00
William Vu 6b45552bda Swap target priority 2020-12-07 01:35:13 -06:00
William Vu bed3f9b41c Note VMware Player support 
Thanks to @bcoles for testing.
 2020-12-07 01:35:13 -06:00
William Vu 1cfcb9b351 Clarify Solaris version 
Hat tip @bcoles.
 2020-12-07 01:35:13 -06:00
William Vu d6c64865ea Add Solaris SunSSH PAM parse_user_name() exploit 
CVE-2020-14871
 2020-12-07 01:35:13 -06:00
alanfoster 835059f00c [CVE-2020-10977] Gitlab arbitrary file read to RCE 2020-12-07 01:26:54 +00:00
Grant Willcox a96a290d32 Land #14467, Add missing CheckCode::Unknown return code if the response object is empty to fix #14462 2020-12-06 01:25:17 -06:00
Grant Willcox 02ebe745d9 Improve the CheckCode::Unknown No Response error message to make it clearer to users 2020-12-06 01:24:51 -06:00
Brendan Coles eb7514d94d nimcontroller_bof: return CheckCode::Unknown if response is empty 2020-12-06 03:16:39 +00:00
cgranleese-r7 96c62aea20 Lands #14411 Fixes eternalblue-win8 to run only with python3 2020-12-05 14:22:32 +00:00
Brendan Coles 6cdb484d7c Add Aerospike Database UDF Lua Code Execution exploit 2020-12-05 14:15:22 +00:00
Brendan Coles 9bf532edd8 web_delivery: Add SyncAppvPublishingServer target 2020-12-05 06:24:55 +00:00
Spencer McIntyre 7612845714 Add the initial Ruby port for CVE-2020-8260 2020-12-04 17:56:38 -05:00
A Galway c83c21bcea additional string to byte conversions 2020-12-03 16:21:55 +00:00
Spencer McIntyre a322647913 Change the cookie to PHPSESSID from my_id for the Simple PHP blog exploit 2020-12-02 10:09:05 -05:00
Spencer McIntyre cea4c92781 Clarify the message by printing the actual path 2020-12-01 13:41:01 -05:00
Spencer McIntyre 0bf9dcfdb8 Check that additional success checks for the registry technique 2020-11-30 18:03:58 -05:00
C4ssandre 7d0c6c3b87 Applying rubocop. 2020-11-30 15:09:53 +00:00
C4ssandre 612096ce03 Passing default waiting time for module to complete from 20 to 120. 2020-11-30 15:02:16 +00:00
C4ssandre b894053efe Changing instance variables to local variables. 2020-11-30 14:31:45 +00:00
C4ssandre 71a33301b7 Removing outdated comment. 2020-11-30 14:27:40 +00:00
C4ssandre e6cffac948 Function check: changing if os =~ /Server/ to if os.include?('Server') to avoid compiling a regular expression. 2020-11-30 14:23:54 +00:00
C4ssandre 4c317fe359 Applying rubocop to ruby module file. 2020-11-30 14:21:41 +00:00
justinopatrny c200a274b2 Corrected headers check for retrieved cookie 
Previous get_cookies method not working properly
 2020-11-29 19:07:44 -06:00
James Lee bc3d41bbe8 Request json response 
For compatibility with older versions of Solr (I tested 5.3.0) where the
default is XML.
 2020-11-29 17:57:36 -06:00
James Lee 4b5dd7389c Cleanup debug prints 2020-11-29 13:15:14 -06:00
James Lee 4496fe0d82 Randomize the header name for commands 2020-11-29 11:32:35 -06:00
James Lee 1be51ded25 Use HTTP ClassLoader instead 2020-11-29 10:53:33 -06:00
Tim W 6de55b3d79 Land #14433, fix typo in exploits/windows/local/bypassuac_comhijack.rb 2020-11-26 20:13:42 +00:00
Tim W 87eba681e0 Land #14365, Update TP-Link AC1750 Pwn2Own 2019 module 2020-11-26 19:55:00 +00:00
Pedro Ribeiro a99ce581dd Update TP-Link AC1750 Pwn2Own 2019 module 2020-11-26 12:56:02 +00:00
Graeme Robinson f6f78d4710 Make changes suggested in code review 2020-11-26 13:46:02 +01:00
Graeme Robinson 7fa10a0684 Update modules/exploits/multi/http/apache_nifi_processor_rce.rb 
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
 2020-11-26 13:46:02 +01:00
Graeme Robinson 5dc7e8f04e Update modules/exploits/multi/http/apache_nifi_processor_rce.rb 
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
 2020-11-26 13:46:02 +01:00
Graeme Robinson 78c042cbb7 Update modules/exploits/multi/http/apache_nifi_processor_rce.rb 
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
 2020-11-26 13:46:01 +01:00
Graeme Robinson 7894f1eb9a Update modules/exploits/multi/http/apache_nifi_processor_rce.rb 
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
 2020-11-26 13:46:01 +01:00
Graeme Robinson fcde932e1b Update modules/exploits/multi/http/apache_nifi_processor_rce.rb 
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
 2020-11-26 13:46:01 +01:00
Graeme Robinson 2a9898df25 Update modules/exploits/multi/http/apache_nifi_processor_rce.rb 
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
 2020-11-26 13:46:01 +01:00
Graeme Robinson 9a35a5fdee Remove frozen_string_literal directive 
Remove directive that was added by `rubocop -A`, as suggested in review.

Note that this results in an additional offense being reported by rubocop
 2020-11-26 13:46:01 +01:00
Graeme Robinson e33a2ca463 Use cleanup method to perform cleanup 2020-11-26 13:46:01 +01:00
Graeme Robinson f6d39147af Removed pointless comment. 2020-11-26 13:46:01 +01:00