adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

18316 Commits

Author SHA1 Message Date
Tod Beardsley 19618d9bd2 Add CVE-2020-7373 in the references 2020-08-11 14:22:11 -05:00
Zenofex 0dab52ef35 A few last changes from msftidy and msftidy_docs. 2020-08-09 18:25:13 -05:00
Zenofex 661e2a680b Initial push of exploit and module for vbulletin_widget_template_rce vulnerability. 2020-08-09 17:38:52 -05:00
gwillcox-r7 d2b1d97b62 Land #13940, Compliance and Typo Edits for baldr_upload_exec 2020-08-06 11:25:31 -05:00
gwillcox-r7 2ca508c08e Further edits for RuboCop and msftidy_docs.rb compliance 2020-08-06 11:18:39 -05:00
gwillcox-r7 5c6530d9e5 Update module description and documentation to have a better description of what is going on and to also fix further copies of the typos that were pointed out. 2020-08-06 10:50:47 -05:00
Jeffrey Martin 35017886b8 Land #13935, Preliminary Version 6 2020-08-06 10:19:34 -05:00
bwatters ba7f1ea486 Land #13897, Fix dangling reference issue in cve_2020_0688_service_tracing.rb 
and filesystem.rb

Merge branch 'land-13897' into upstream-master
 2020-08-05 17:04:15 -05:00
Jericho 41e22992ff typo and touch-ups to desc 
typo and touch-ups to desc
 2020-08-04 16:59:57 -06:00
bwatters fade2c76b5 Land #13904, Added Module: priviledged docker container escape 
Merge branch 'land-13904' into upstream-master
 2020-08-04 14:39:17 -05:00
gwillcox-r7 6ed05df308 Land #13517, Documalis Free PDF Editor and Free PDF Scanner JPEG PDF Stack Buffer Overflow 2020-08-03 14:11:50 -05:00
gwillcox-r7 b64e843d9f Remove CVE reference for now until we can add in a proper CVE reference, fix some alignment issues for Notes section 2020-08-03 13:06:45 -05:00
Jeffrey Martin 9aa26d1208 Merge upstream into 6.x 2020-08-03 11:43:47 -05:00
gwillcox-r7 513f2dac9b Add in Notes section to exploit 2020-08-03 11:00:17 -05:00
gwillcox-r7 b13b3b3d77 Add in a temp valid CVE number to see if that will get builds to pass or not 2020-07-31 17:49:14 -05:00
gwillcox-r7 8ad94e5484 Remove trailing new line at end of the line that was causing the last commit to fail for reasons other than the CVE being missing 2020-07-31 17:47:58 -05:00
gwillcox-r7 2d5fa912c3 Apply fixes to documentation to fix some errors and make it msftidy_docs.rb compliant. Also apply RuboCop updates to the module 2020-07-31 17:36:51 -05:00
gwillcox-r7 e355bc783c Update the module's description and title to be more accurate, and also remove the EDB field and replace it with a temporary CVE field 2020-07-31 16:07:33 -05:00
gwillcox-r7 96859ba492 Add in the proper instructions corresponding to the gadgets that we use for the SEH handler overwrite within the exploit 2020-07-31 15:50:49 -05:00
gwillcox-r7 907bedca34 Edit up the exploit to correct the size calculation logic so it correctly calculates the maximum size of the payload and ensures we don't overrun this. 2020-07-31 15:36:37 -05:00
Spencer McIntyre a32d4c2a20 Land #13875, CVE-2020-8010 & CVE-2020-8012 2020-07-31 09:08:36 -04:00
stealthcopter 10e591ae24 Randomized exploit filenames 2020-07-30 17:35:30 +01:00
stealthcopter f424887536 Using upload_and_chmodx function and linting 2020-07-30 17:04:45 +01:00
gwillcox-r7 b6bce114ea Add in further edits to the library code to remove the possiblity of dangling handles and also update the module code accordingly. 2020-07-30 10:45:19 -05:00
Spencer McIntyre a7274afd46 Add an optional delay when executing PSExec commands 2020-07-30 09:45:22 -04:00
Tim W 0b513d6c51 remove debug logging from the kernel exploit 2020-07-30 18:10:26 +08:00
Tim W 277d7dcff2 add debug logging to javascript exploit 2020-07-30 17:38:59 +08:00
gwillcox-r7 2ef43ab7d0 Land #13920, CVE-2020-1147 SharePoint Deserialization RCE 2020-07-29 16:10:32 -05:00
gwillcox-r7 17c26b098b Ninja edit to make sure that if we fail to authenticate to the server, we return CheckCode::Unknown rather than CheckCode::Safe 2020-07-29 16:08:51 -05:00
Spencer McIntyre 4fa657d6eb Fix a bunch of documentation typos and minor code cleanups 2020-07-29 16:30:44 -04:00
Spencer McIntyre a886177b96 Land #13837, Add FreeBSD ip6_setpktopt Use-After-Free Privilege Escalation module 2020-07-29 15:40:47 -04:00
Spencer McIntyre 7af4297e86 Add the exploit for CVE-2020-1147 2020-07-29 11:58:38 -04:00
Shelby Pace 18b5ddbfdc Land #13891, add Baldr file upload rce 2020-07-28 17:20:21 -05:00
Shelby Pace 768d104f12 randomize os, delete payload 2020-07-28 17:19:26 -05:00
Shelby Pace 99cf54977f rubocop 2020-07-28 16:48:32 -05:00
Shelby Pace c79c9fc280 reverse xor arguments 2020-07-28 16:47:35 -05:00
Ege Balcı 26f869f860 Update modules/exploits/multi/http/baldr_upload_exec.rb 2020-07-28 11:07:46 +03:00
Ege Balcı fb745f78cc Update modules/exploits/multi/http/baldr_upload_exec.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-07-28 10:53:16 +03:00
Ege Balcı 5d49367726 Update modules/exploits/multi/http/baldr_upload_exec.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-07-28 10:52:37 +03:00
Ege Balcı fef9a23692 Update modules/exploits/multi/http/baldr_upload_exec.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-07-28 10:51:03 +03:00
h00die 5a40c6dc00 move config_changes 2020-07-27 15:35:05 -04:00
Tim W 79adcf7904 Add module for iOS 7.1.2 2020-07-27 15:05:31 +08:00
stealthcopter f4ae295572 added autocheck mixin 2020-07-26 10:10:13 +01:00
Matthew Rollings be1fa2ae95 Update modules/exploits/linux/local/docker_privileged_container_escape.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2020-07-26 09:44:51 +01:00
Matthew Rollings 0533167418 Update modules/exploits/linux/local/docker_privileged_container_escape.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2020-07-26 09:44:38 +01:00
Matthew Rollings ce22c58a1d Update modules/exploits/linux/local/docker_privileged_container_escape.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2020-07-26 09:44:21 +01:00
Matthew Rollings 140bf04d87 Update modules/exploits/linux/local/docker_privileged_container_escape.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2020-07-26 09:44:07 +01:00
Brendan Coles 95b99ce5cf Use Msf::Exploit::Remote::AutoCheck 2020-07-26 08:04:37 +00:00
Brendan Coles 476281d4bd Use Msf::Post::Unix.is_root? 2020-07-26 08:04:37 +00:00
Brendan Coles fbc77f7576 Add FreeBSD ip6_setpktopt Use-After-Free Privilege Escalation module 2020-07-26 08:04:37 +00:00