18316 Commits

Author SHA1 Message Date
gwillcox-r7 135d90e1dc Land #13628, Fix dead link in postgres_payload.rb 2020-06-16 09:30:51 -05:00
Adam Galway 2c4d158086 Land #13170, Blind RCE exploit for Zivif Cameras 2020-06-16 13:05:35 +01:00
Adam Galway 4eba47f421 Land #13303, Arista TACACS+ Shell Escape 2020-06-16 12:49:05 +01:00
Silas Cutler 801ae57f12 Update zivif_ipcheck_exec.rb
Removed single space at the end of line 44
2020-06-15 23:13:20 -04:00
Silas Cutler 5f29af114b Added documentation and set default payload 2020-06-15 15:51:28 -04:00
Silas Cutler c01595799e Removed +x flag on zivif module 2020-06-15 15:05:58 -04:00
kalba-security b5ad7a8511 Use session_created, update documentation 2020-06-15 13:37:59 -04:00
kalba-security 8bc35859ff Remove comment left from testing 2020-06-15 13:22:06 -04:00
kalba-security 546dcdbeef Add register_file_for_cleanup 2020-06-15 13:13:52 -04:00
silascutler 7787cc171e Fixed tab/space problem and unmarked file executable 2020-06-15 16:37:05 +00:00
kalba-security f0255e3c81 Fix atutor_filemanager_traversal credentials checks and clean up code 2020-06-15 12:15:00 -04:00
silascutler 79a4e73b69 Updated to use current epoch time in HTTP request and removed trailing whitespace 2020-06-15 15:31:27 +00:00
Silas Cutler c27ebf25ba Update modules/exploits/unix/http/zivif_ipcheck_exec.rb
Co-authored-by: adamgalway-r7 <adam_galway@rapid7.com>
2020-06-15 11:10:01 -04:00
Shelby Pace 1cb57a7e79 Land #13444, add GOG Galaxy Client Privesc 2020-06-15 08:53:12 -05:00
Shelby Pace 21ccb229b2 rubocop changes 2020-06-15 08:48:51 -05:00
Shelby Pace 34366ea680 add notes, finish check 2020-06-15 08:36:32 -05:00
Pedro Ribeiro dad6f0a007 Update modules/exploits/multi/scada/inductive_ignition_rce.rb
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
2020-06-15 16:16:09 +07:00
Pedro Ribeiro 0688b27247 Update modules/exploits/multi/scada/inductive_ignition_rce.rb
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
2020-06-15 16:16:02 +07:00
Pedro Ribeiro 6b71c1930e Update modules/exploits/multi/scada/inductive_ignition_rce.rb
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
2020-06-15 16:15:54 +07:00
SecurityBytesMe d4fb1be83a Update check code for arista_tacacs_shell.rb 2020-06-14 15:13:30 -07:00
SecurityBytesMe ffc49ccf83 General cleanup 2020-06-14 15:10:41 -07:00
SecurityBytesMe 34e3e3c9e8 Removal of Exploit:: on CheckCode 2020-06-14 15:06:42 -07:00
SecurityBytesMe ff402ea9ac applied linting and cleaning return checks
rubocop and msftidy applied
modified check return codes
2020-06-14 14:55:43 -07:00
mdisec a0740f4698 Add trend micro websecurity rce 2020-06-14 20:33:46 +03:00
Alexandre ZANNI 2027b17b6e postgres_payload: fix dead link
Replace the original link (dead) by the cached version in web archive.
2020-06-14 16:39:46 +02:00
kalba-security e4351d37b8 Add ATutor 2.2.4 directory traversal / RCE module and docs 2020-06-12 16:02:00 -04:00
Shelby Pace f7f711674a remove cmd target 2020-06-12 14:28:39 -05:00
h00die 4702d87684 cleanup 2020-06-12 10:46:44 -04:00
Pedro Ribeiro 815a7c8185 fix typo 2020-06-12 12:59:31 +07:00
l0ss 49eb1efd40 Base64 enc payload to bypass escaping quotes etc.
The second step (POST with payload) of this module wasn't working as-written as the server was escaping out quotes etc.

Added b64 decoding/encoding to injected code in step 1 and step 2 payload to bypass server-side escaping of quotes etc.
2020-06-12 13:44:00 +08:00
Pedro Ribeiro dc19dc96d2 Rename ignition_automation_rce.rb to inductive_ignition_rce.rb 2020-06-12 11:30:36 +07:00
Pedro Ribeiro 4ad9f5543e Create ignition_automation_rce.rb 2020-06-12 11:19:42 +07:00
Niboucha Redouane 083d986dce Undo formatting changes to existing modules 2020-06-11 19:15:17 +02:00
dwelch-r7 10bb17d8fd Land #13374, Fix encoding bug 2020-06-11 12:30:12 +01:00
gwillcox-r7 0bf5a1b5ec Add in AutoCheck as per @wvu-r7's recommendation 2020-06-11 00:59:22 -05:00
gwillcox-r7 0eed09e8bd The wisdom of le @wvu-r7 has shown that CheckCode(Reason) is the way to go. Let's use this :) 2020-06-11 00:55:39 -05:00
gwillcox-r7 6171c0b6fc Redo some of the messages in the module so we get more feedback on where we are in exploitation process, and shorten wait time for job 2020-06-11 00:31:07 -05:00
gwillcox-r7 d716580ffa Fix up the module to fix a Nil reference issue, and to prefer session.shell_command_token() over cmd_exec() due to weird errors in latter 2020-06-10 23:45:47 -05:00
gwillcox-r7 d71a92c121 Rubocop fully fleshed out version of the check method 2020-06-10 22:48:20 -05:00
gwillcox-r7 553c9bf032 Finally fleshed out a full version of the check method 2020-06-10 22:46:26 -05:00
Shelby Pace 1b57c7f68d add dropper target 2020-06-10 22:01:06 -05:00
gwillcox-r7 5cd8abe3df Initial attempts to add a check method 2020-06-10 20:37:20 -05:00
h00die aec1f77b70 wip 2020-06-10 20:42:22 -04:00
Niboucha Redouane ecb1a0bb16 add test_vulnerable to MySQLi class, and fix minor issues with the test modules 2020-06-10 21:59:51 +02:00
gwillcox-r7 276eacccbc Add AttackerKB assessment link 2020-06-10 11:02:57 -05:00
gwillcox-r7 f0388a4e39 Minor info update to trigger a rebuild and reword some stuff 2020-06-10 11:02:57 -05:00
gwillcox-r7 94b27ce582 Fix up DisclosureDate formatting 2020-06-10 11:02:56 -05:00
gwillcox-r7 e6b07556f7 Fix up Rubocop errors and some spacing fixes 2020-06-10 11:02:56 -05:00
gwillcox-r7 773e63f286 Fix a bug which would prevent allowing support for wow64 targets unless the WindowsCoreDeviceInfo.dll file already existed on the system 2020-06-10 11:02:56 -05:00
gwillcox-r7 7753c41fe0 Remove more duplicate code and further optimize some things 2020-06-10 11:02:55 -05:00