18316 Commits

Author SHA1 Message Date
Spencer McIntyre 4c004d51a7 Add an exploit for CVE-2020-0618 2020-03-06 16:21:37 -05:00
Spencer McIntyre c75780350e Land #13038, clean up the socket when checking 2020-03-06 13:00:42 -05:00
Christophe De La Fuente e5f2b48274 Ensure client is disconnected when leaving the check method 2020-03-06 17:38:37 +01:00
kalba-security 8b778bffc0 Incorporate suggestions from code review 2020-03-06 15:50:34 +02:00
Alan Foster 3a046f01da Run rubocop -a on subset of files 2020-03-06 10:41:45 +00:00
Tim W 63f2da278d fix #7366, ignore the ssl cert on PHP web_delivery 2020-03-06 12:32:57 +08:00
William Vu 9840951f0d Land #12574, Chrome CVE-2019-5825 exploit 2020-03-05 13:44:40 -06:00
William Vu 87b8182131 Land #12384, Chrome CVE-2018-17463 exploit 2020-03-05 13:44:27 -06:00
Spencer McIntyre eb90bee4a7 Land #12863, add exploit for PHP-FPM Underflow RCE 2020-03-05 11:43:43 -05:00
dwelch-r7 4fe7678b01 Land #12910, Add exploit module for apache activemq traversal 2020-03-05 15:05:13 +00:00
dwelch-r7 c7ca43b585 reformat date to iso standard 2020-03-05 15:03:05 +00:00
Christophe De La Fuente 8d6468e725 Fix comments 2020-03-05 13:28:28 +01:00
airevan 630add538f set default index.php 2020-03-05 10:24:22 +08:00
bwatters-r7 4e8eefe4ee More structs.... 2020-03-04 15:20:39 -06:00
Shelby Pace 5698f6e51f Land #13003, add OpenSMTPD LPE module 2020-03-04 13:32:25 -06:00
kalba-security 633899402c Split up description 2020-03-04 17:02:34 +02:00
kalba-security a87a1ae1b4 Split up description 2020-03-04 16:57:36 +02:00
Adam Galway 83132dd733 Land #13008, module for Chrome 80 JScreate exploit 2020-03-04 14:49:59 +00:00
Tim W 9f55e4163f add documentation 2020-03-04 21:31:14 +08:00
Tim W 7f6f7fea3e add osx as a target 2020-03-04 13:37:19 +08:00
Tim 9f56867f6c Apply suggestions from code review
Co-Authored-By: adamgalway-r7 <54621924+adamgalway-r7@users.noreply.github.com>
2020-03-04 11:55:33 +07:00
William Vu 865d15975b Add automatic grammar selection by version number 2020-03-03 18:44:48 -06:00
William Vu 975eb742cb Add old grammar target and refactor check 2020-03-03 17:41:04 -06:00
William Vu 260aa0533a Add check method and reorder mixins for super
Also fix copypasta'd vulnerable commit.
2020-03-03 17:41:04 -06:00
William Vu c003b0d293 Add module notes 2020-03-03 17:41:04 -06:00
William Vu 498d01aaa3 Add OpenSMTPD CVE-2020-8794 LPE exploit 2020-03-03 17:41:04 -06:00
William Vu ba924b3047 Land #13014, Exchange ECP ViewState exploit 2020-03-03 17:23:17 -06:00
William Vu 4759f7d39d Check for nil res 2020-03-03 17:17:28 -06:00
William Vu 573b8302ec Fix missing var and change default target 2020-03-03 17:15:19 -06:00
Spencer McIntyre a4feaec188 Implement a check method for cve-2020-0688 2020-03-03 14:22:27 -05:00
kalba-security cd6c01ae9d Add suggestions from code review. 2020-03-03 20:17:13 +02:00
Spencer McIntyre 5574eaa591 Make a new .NET serialization lib 2020-03-03 10:41:59 -05:00
bwatters-r7 7acad12c3e Move mountpoint magic to library and add more code.
Not yet there, but getting closer.  Needs some more cowbell.
2020-03-02 19:53:31 -06:00
Shelby Pace 12faf3fad5 Land #12959, add eyes of network rce module 2020-03-02 15:22:51 -06:00
Shelby Pace c16edad4e6 add verify_api method, checks on data 2020-03-02 15:10:46 -06:00
William Vu cc974e7f25 Add module notes to my recent modules 2020-03-02 14:15:52 -06:00
Spencer McIntyre 167f1027c4 Address initial PR feedback 2020-03-02 12:21:24 -05:00
Spencer McIntyre b3867dc200 Finish up the cve-2020-0688 module 2020-03-02 10:51:25 -05:00
Brent Cook 0fd15cb9c1 Land #13007, add module description for binder_uaf 2020-03-01 20:23:21 -06:00
Spencer McIntyre 203b2486ae Commit some work on the module for a milestone 2020-03-01 11:07:32 -05:00
Tim W 196c354ede chrome 80 jscreate rce 2020-02-29 18:41:04 +08:00
Tim W dd35086e75 add module description to the binder_uaf module 2020-02-29 11:24:06 +08:00
William Vu e92b9ef97c Use AutoCheck mixin in OpenSMTPD CVE-2020-7247
Also updates the check to be more precise. I had originally copied the
check method from the Morris worm Sendmail exploit:

220 simh Sendmail 5.51/5.17 ready at Wed, 18 Dec 85 11:14:07 PST

Note that there was no "ESMTP" string in 1985's Sendmail.
2020-02-28 10:42:02 -06:00
Spencer McIntyre 29608d13bf Save some work before changing context 2020-02-28 08:30:59 -05:00
kalba-security f60f60db7f Set stance to aggressive to prevent the HTTPServer mixin from trying to make this a job 2020-02-28 13:01:51 +02:00
kalba-security 5ee7fcaf4a Add simple changes suggested in code review. 2020-02-28 12:14:38 +02:00
Spencer McIntyre c9d9d3af29 Figured out how to generate the viewstate 2020-02-27 21:57:08 -05:00
bwatters-r7 ea64a6225a First draft of CVE-2020-0668 2020-02-27 15:53:09 -06:00
kalba-security 99ed3afab3 Change filenames for consistency with existing modules 2020-02-27 17:08:23 +02:00
kalba-security 280d1767b4 Add Nagios XI < 5.6.6. exploit module and documentation 2020-02-27 16:58:15 +02:00