Jack Heysel
b112aae55c
Rubocop offense
2021-05-14 17:44:08 -05:00
Jack Heysel
fab3a9afc8
Added wfsdelay, updated docs
2021-05-14 17:44:07 -05:00
Jack Heysel
addc1ad601
Replace shelled usoclient call with uso_trigger
2021-05-14 17:44:07 -05:00
Jack Heysel
5640dac24d
Fixed sc command, updated check method, moved tokenmagic.ps1
2021-05-14 17:44:07 -05:00
Jack Heysel
ca637be0c9
Fixed powershell script, updated authors
2021-05-14 17:44:06 -05:00
Jack Heysel
1eab94cc26
beta draft
2021-05-14 17:43:44 -05:00
bwatters
8792febcf8
Land #15190, Add Exploit For CVE-2021-21551 (Dell DBUtil_2_3 IOCTL)
Merge branch 'land-15190' into upstream-master
2021-05-14 13:55:12 -05:00
adfoster-r7
ac2c467121
Land #15011, Enhance analyze command API to understand modules' needs
2021-05-14 14:30:33 +01:00
Spencer McIntyre
d990e884af
Add and test even more targets
2021-05-13 17:27:58 -04:00
Spencer McIntyre
eb89550f85
Clear up some target offset discrepancies
2021-05-13 16:06:15 -04:00
Grant Willcox
ad266b4348
Update documentation to clear a few things up and add in additional checks to module to check the file exists and is readable before using it
2021-05-13 13:39:39 -05:00
pingport80
baabd0265f
update docs and add a check
2021-05-13 13:39:32 -05:00
pingport80
e475eaa7bd
add formatting option back and update docs
2021-05-13 13:39:19 -05:00
pingport80
854b6a4be4
update telegram/send_message to support multiple chat_ids and document
2021-05-13 13:38:50 -05:00
pingport80
b3bd0ee03f
add send_document module and docs
2021-05-13 13:38:41 -05:00
Spencer McIntyre
7d841a0f79
Add a target for Windows 7 x64
2021-05-13 14:24:15 -04:00
Spencer McIntyre
4825407d21
Add a target for Windows 8.1 x64
2021-05-13 12:56:47 -04:00
Alan Foster
100da2f1b1
Enforce Style/RedundantBegin for new modules
2021-05-13 04:01:03 +01:00
Spencer McIntyre
477749f77f
Refactor the code to be reusable and add docs
2021-05-12 16:36:17 -04:00
Spencer McIntyre
d3de52da59
The exploit is now functional for Win10 v1803-20H2
2021-05-12 16:14:59 -04:00
adfoster-r7
1a321e3cc1
Land #15164, Converts Cockpit CMS to use new CookieJar API
2021-05-12 19:25:47 +01:00
Alan Foster
5a0360228f
Update cockpit cms module
2021-05-12 17:20:31 +01:00
Grant Willcox
5290549cac
Land #15185, Add CVE-2021-22204 ExifTool ANT perl injection
2021-05-11 16:41:44 -05:00
Grant Willcox
23bab9405a
Land #15175, Change deprecated URI::encode call to URI::encode_www_form_component within rejetto_hfs_exec
2021-05-11 11:21:50 -05:00
Justin Steven
acd79d41b7
Appease rubocop
2021-05-11 12:11:22 +10:00
Justin Steven
fa73c0af3e
Add CVE-2021-22204 ExifTool ANT perl injection
2021-05-11 12:02:12 +10:00
Grant Willcox
b9d45af201
Land #15167, Ensure Adobe Sandbox Collab Sync session types is an array
2021-05-10 10:52:55 -05:00
Debjeet Banerjee
54dbedf181
URI.escape is obsolete and needs to be updated
The current code results in the following error:
```
[*] Started reverse TCP handler on 192.168.1.105:4444
[*] Using URL: http://0.0.0.0:8080/o6wYorU
[*] Local IP: http://192.168.1.105:8080/o6wYorU
[*] Server started.
[*] Sending a malicious request to /
/usr/share/metasploit-framework/modules/exploits/windows/http/rejetto_hfs_exec.rb:110: warning: URI.escape is obsolete
/usr/share/metasploit-framework/modules/exploits/windows/http/rejetto_hfs_exec.rb:110: warning: URI.escape is obsolete
[*] Server stopped.
[!] This exploit may require manual cleanup of '%TEMP%\jsywNguEzNXZF.vbs' on the target
[*] Exploit completed, but no session was created.
```
This minor edit should fix it.
2021-05-09 12:40:48 +05:30
Alan Foster
48697625da
Ensure adobe sandbox collab sync session types is an array
2021-05-07 18:51:06 +01:00
Shelby Pace
b9525c581d
Land #15102, add GateKeeper Bypass exploit
2021-05-07 09:10:10 -05:00
A Galway
a9859af870
prints all cookies instead of just one
2021-05-07 14:52:26 +01:00
A Galway
bf02dea70f
rubocop
2021-05-07 13:28:17 +01:00
A Galway
ba6584f761
altered login & rce requests to use cookie_jar api
2021-05-07 13:11:17 +01:00
William Vu
637e9cff48
Update vmware_vrops_mgr_ssrf_rce documentation
2021-05-06 18:30:20 -05:00
Ashley Donaldson
278c6532d0
Implemented suggested changes.
Download directly to loot directory.
2021-05-07 09:28:31 +10:00
Tim W
4192e175d2
fix osx-app exe attributes
2021-05-06 18:20:32 +01:00
Ashley Donaldson
5dc8d0e684
Added automatic cleanup for exploit scripts that modify /etc/passwd
2021-05-06 21:50:03 +10:00
Ashley Donaldson
832813f057
If the exploit is completed but no session is created, tell the user if they have alternative exploits they could try.
2021-05-06 12:37:18 +10:00
Ashley Donaldson
422b6380eb
Fix check against dumping own process
2021-05-06 09:34:30 +10:00
Ashley Donaldson
a47b1af60b
Added module to dump memory for processes, using Windows Meterpreter
2021-05-05 18:12:40 +10:00
Spencer McIntyre
00131a666c
Land #15096, Add shell support for win checkvm
2021-05-04 17:32:05 -04:00
Tim W
f2f631aef0
fix metadata
2021-05-04 20:55:17 +01:00
Shelby Pace
0b5ec2f643
Land #15138, idrac docs and improvements
2021-05-04 11:06:41 -05:00
Christophe De La Fuente
1b0f9519a6
Land #15030, GravCMS Unauthenticated Arbitrary YAML Write/Update RCE (CVE-2021-21425)
2021-05-04 14:23:16 +02:00
Ashley Donaldson
000546e551
Rubocop changes
2021-05-04 16:24:00 +10:00
Ashley Donaldson
fbc291bc22
Tested on various other Fedoras
2021-05-04 14:18:16 +10:00
Ashley Donaldson
a055e9a8b7
Land #11130, Added modules to steal Active Directory credentials
2021-05-04 11:35:38 +10:00
Ashley Donaldson
929197b85e
Fix rubocop errors
2021-05-04 11:34:22 +10:00
Ashley Donaldson
2ac4eeb141
Check VAS configuration to find defined kerberos location.
Also verify root prior to exploitation (gives better error message)
2021-05-04 11:31:11 +10:00
Ashley Donaldson
7f89ac44ce
Tested module on Fedora 25
Also verify user does not already exist when adding a new user
2021-05-04 10:38:28 +10:00