Commit Graph

35981 Commits

Author SHA1 Message Date
Geyslan G. Bem 8e0d6d2675 payloads/x64: exec.rb metasm, refactoring
This patch converts shellcode to metasm and makes it more efficient, resulting
in its size being reduced to 37 bytes + CMD length.

Signed-off-by: Geyslan G. Bem <geyslan@gmail.com>
2021-04-09 21:50:18 -03:00
Grant Willcox 64dcf49311 Land #15017, Update tomcat ghost module with default ports 2021-04-09 16:30:23 -05:00
Grant Willcox 608ac3a0b7 Update module description to clean it up and also add documentation for uncommon options 2021-04-09 16:09:02 -05:00
Rob V 1ba22f9b0c leveraging Udp mixin for version check 2021-04-09 15:21:38 -04:00
Spencer McIntyre 63e438e992 Bump RubySMB and add a simple check method 2021-04-09 14:44:27 -04:00
Rob V 3ecd97f8bc using Rex::Version over more manual process 2021-04-09 14:39:32 -04:00
Rob V ffcec1f3b4 adding comment header 2021-04-09 14:16:20 -04:00
Spencer McIntyre f9e632231b Update module metadata for SMBGhost 2021-04-09 14:15:11 -04:00
Spencer McIntyre dd9936ae84 Add SMBGhost RCE module docs 2021-04-09 14:15:11 -04:00
Spencer McIntyre d8bed16d4d Refactor constants into a proper target hash 2021-04-09 14:15:11 -04:00
Spencer McIntyre c4055f348c Restructure and refactor the kernel mode shellcode 2021-04-09 14:15:11 -04:00
Spencer McIntyre 8b3381a901 Initial commit of the CVE-2020-0796 exploit 2021-04-09 14:15:05 -04:00
Grant Willcox 0588672415 Land #15020, Update mettle payloads to 1.0.9 2021-04-09 12:33:32 -05:00
Shelby Pace a36030bcb7 add AutoCheck and usage of TARGETURI option
remove CheckCmd from docs
2021-04-09 12:08:25 -05:00
Grant Willcox 2f6cb9b707 Land #14997, x64/shell_bind_tcp_random_port: rip one byte off 2021-04-09 11:06:58 -05:00
robvinson 85176f4385 style change using unless instead of if not
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2021-04-09 09:17:58 -05:00
robvinson c913762077 move privileged from false to true
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2021-04-09 09:16:49 -05:00
je5442804 352fedcca0 Improved 2021-04-09 19:50:43 +08:00
Christophe De La Fuente e48ebe6659 Update haserl_read module documentation (again)
- Add CVE and Ref.
- Add fixed version
2021-04-09 13:24:49 +02:00
Alan Foster c7635296a1 Update mettle payloads to 1.0.9 2021-04-09 12:09:47 +01:00
Christophe De La Fuente 586d033909 Land #14833, haserl-based exploit for Alpine linux 2021-04-09 13:07:47 +02:00
je5442804 69b62cee3a Update modules/exploits/linux/http/apache_druid_js_rce.rb
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2021-04-09 08:31:38 +08:00
je5442804 58f14a3219 Update module-send_request
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2021-04-09 08:31:25 +08:00
je5442804 afb263bcba Update description
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2021-04-09 08:27:30 +08:00
Tim W 7c575cd38f Land #15007, add a chrome renderer exploit (CVE-2020-16040) 2021-04-08 22:18:20 +01:00
Tim W 53b739277a do location.reload() if exploit fails 2021-04-08 21:21:06 +01:00
Tim W 8019eda667 fix 0x2000 shellcode limit 2021-04-08 21:17:40 +01:00
Tim W bd32f686bc remove dataview allocation 2021-04-08 21:17:01 +01:00
Tim W 6b86f6c881 remove 0x150 shellcode limit 2021-04-08 21:06:15 +01:00
Tim W c12f098c45 cosmetic fixes 2021-04-08 20:54:54 +01:00
Alan Foster 8814218f20 Update tomcat ghost module with default ports 2021-04-08 10:29:09 +01:00
Shelby Pace 926f051377 Land #14978, add Gitea and Gogs exploit modules 2021-04-07 13:44:43 -05:00
Christophe De La Fuente 1dfdb619a9 Update from code review
- Set RPORT default value to 3000
- Use ternary operator
2021-04-07 19:40:59 +02:00
cgranleese-r7 893de0c45c Land #14987, Update RbMysql to the most recent version 2021-04-07 13:29:43 +01:00
Adam Cammack 6096d0f135 Remove superfluous default_cred? methods 2021-04-07 06:12:25 -05:00
gianpyc 58855af6c6 KOFFEE first commit. This module exploits the Arbitrary Code Execution vulnerability (CVE-2020-8539) 2021-04-07 05:33:53 -04:00
adfoster-r7 258b9d3e28 Land #14998, Change CVE references from CVE Details to NVD 2021-04-07 10:10:55 +01:00
Christophe De La Fuente 6a5529c7cc Land #14965, Solman post module for CVE-2019-0307 and new action for cve_2020_6207_solman_rce auxiliary module 2021-04-07 09:46:56 +02:00
Vladimir Ivanov 690e687e7e Updates from code review
Update modules/post/multi/sap/smdagent_get_properties.rb
Update modules/auxiliary/admin/sap/cve_2020_6207_solman_rce.rb
Update documentation for auxiliary module cve_2020_6207_solman_rce.md
Update documentation for post module smdagent_get_properties.md
Move setup_xml_and_variables to `run` method in auxiliary module cve_2020_6207_solman_rce.rb
Delete list_dir, read_file, file_exist in post module smdagent_get_properties.rb
2021-04-06 21:23:39 +02:00
dwelch-r7 c267a7fc2d Fix issue with Rex::Proto::NTP namespacing 2021-04-06 14:45:11 +01:00
rajvardhan agarwal b1c5afc55b fix rubocop warning 2021-04-06 18:46:07 +05:30
rajvardhan agarwal c23a69dcaf Make suggested changes 2021-04-06 18:43:26 +05:30
rajvardhan agarwal 1088557ce9 fix rubocop warning 2021-04-06 17:51:23 +05:30
rajvardhan agarwal cb0319c849 fix rubocop warning 2021-04-06 17:41:05 +05:30
rajvardhan agarwal c863c324ae Add exploit for CVE-2020-16040 2021-04-06 17:25:27 +05:30
dwelch-r7 aa3bc792b7 Land #14991, Fix crash in ntp protocol fuzzer 2021-04-06 12:06:09 +01:00
William Vu 4020813b42 Correct broken or redundant CVE references 2021-04-05 13:06:50 -05:00
Shelby Pace cfc6b0a8ba Land #14971, add Apache OFBiz SOAP Deser rce 2021-04-05 11:44:40 -05:00
Shelby Pace a803e1e932 remove spare comma 2021-04-05 09:33:20 -05:00
je5442804 76f89dc4d4 Update apache_druid_js_rce.rb 2021-04-04 21:36:53 +08:00