adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

35981 Commits

Author SHA1 Message Date
Christophe De La Fuente 00698d20bf Add waiting status message and update doc 2021-03-26 14:59:27 +01:00
Christophe De La Fuente b069fec866 Add module and doc for Saltstack Salt API wheel_async RCE 2021-03-26 13:54:06 +01:00
RAMELLA Sébastien c64b1b200e remove ClientID, seem useless 2021-03-26 16:37:08 +04:00
William Vu fb387d940d Land #14946, fail_with corrections for two modules 2021-03-26 01:51:14 -05:00
William Vu b517372e4d Fix sharepoint_ssi_viewstate, too 2021-03-26 01:32:46 -05:00
William Vu a6df15c8c2 Fix the rest of the optional method 2021-03-26 01:29:47 -05:00
sophosyaniv d74fe1d6d8 randomize output delimiters 2021-03-25 20:12:58 -07:00
Spencer McIntyre 006faaab9a Land #14924, Add auxiliary and exploit modules for CVE-2020-6207 in SAP Solution Manager 2021-03-25 17:48:56 -04:00
Rob V 748ff19ef4 attempt to please linting 2021-03-25 16:11:43 -04:00
kalba-security 122dbbea1e Add additional supported modules. Align results when printing in scanner. 2021-03-25 15:01:05 -04:00
Rob V 63ce27f4ca adding IGEL OS RCE module 2021-03-25 14:39:23 -04:00
Brian Halbach 1c3e2d145e Update modules/auxiliary/scanner/http/jira_user_enum.rb 
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
 2021-03-25 13:15:26 -05:00
kalba-security 6d1986e8ca Avoid mixing return types in login.rb 2021-03-25 14:13:55 -04:00
William Vu 0b8ac121d4 Fix fail_with usage in advantech_iview_unauth_rce 
Brain fart. Should be print_warning so as not to fail the session.
 2021-03-25 11:33:41 -05:00
Grant Willcox 784927a389 Land #14941, Force smb_relay module to use the Rex SMB client over ruby_smb 2021-03-25 10:55:07 -05:00
RAMELLA Sébastien 75041c5837 update proxylogon rce 2021-03-25 19:46:58 +04:00
kalba-security 16067d2801 Make sure to always call rce_check correctly 2021-03-25 11:24:25 -04:00
kalba-security 707f163e15 Avoid type mixing as much as possible, add other feedback from code review 2021-03-25 11:19:31 -04:00
Vladimir Ivanov 3b8f3620d2 Minor updates 
Updated action_exec in auxiliary module cve_2020_6207_solman_rce.rb
Updated execute_command in exploit module cve_2020_6207_solman_rs.rb
 2021-03-25 15:37:29 +03:00
Vladimir Ivanov 0487e451cf Updated payload 
Updated make_rce_payload, renamed get_agent_os to check_agent in lib sap_sol_man_eem_miss_auth.rb
Updated action_ssrf, action_exec in auxiliary module cve_2020_6207_solman_rce.rb
Updated execute_command, exploit in exploit module cve_2020_6207_solman_rs.rb
 2021-03-25 14:20:54 +03:00
Vladimir Ivanov 391e013d89 Removed var lhost, lport in exploit module cve_2020_6207_solman_rs.rb 
Changed fail reason if agent_name is nil in lib sap_sol_man_eem_miss_auth.rb
 2021-03-25 11:26:14 +03:00
bwatters 6505f9ccbd Land #14830, Adding FortiLogger 4.4.2.2 - Unauthenticated Arbitrary File Upload (CVE-2021-3378) 
Merge branch 'land-14830' into upstream-master
 2021-03-24 17:41:10 -05:00
bwatters 5394464932 Fix rubocop complaint 2021-03-24 17:38:11 -05:00
dwelch-r7 a69d76d7b5 Force smb_relay module to use the Rex SMB client over ruby_smb 2021-03-24 17:36:50 +00:00
Grant Willcox f01b434160 Land #14896, Fix apache_activemq_upload_jsp exploit module for Java 8 2021-03-24 10:22:03 -05:00
Vladimir Ivanov 924f7feb76 Updated Arch in the exploit module cve_2020_6207_solman_rs.rb 
Corrected by rubocop library sap_sol_man_eem_miss_auth.rb
 2021-03-24 16:26:01 +03:00
Vladimir Ivanov 66ce45d833 Added support for CmdStager in the exploit module cve_2020_6207_solman_rs.rb 2021-03-24 16:16:43 +03:00
Vladimir Ivanov d28bcdc821 Updated action_ssrf, action_exec in auxiliary cve_2020_6207_solman_rce.rb 2021-03-24 16:05:34 +03:00
Vladimir Ivanov 567f78c532 Update PAYLOAD_XML, check_response in lib sap_sol_man_eem_miss_auth.rb 
Delete class var agents in auxiliary and exploit modules
 2021-03-24 11:21:57 +03:00
Brian Halbach c2f0b2a862 Update modules/auxiliary/scanner/http/jira_user_enum.rb 
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
 2021-03-23 16:23:32 -05:00
Brian Halbach 3d3155c8b6 Update modules/auxiliary/scanner/http/jira_user_enum.rb 
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
 2021-03-23 16:23:02 -05:00
Grant Willcox a77e7390d2 Land #14933, Update metasploit_payloads-mettle gem to 1.0.7 2021-03-23 16:06:43 -05:00
Vladimir Ivanov 8c7a483f6e Delete analyze_error in exploit module cve_2020_6207_solman_rs.rb 2021-03-23 23:59:48 +03:00
Vladimir Ivanov 6aba44c4d5 Delete analyze_error in auxiliary module cve_2020_6207_solman_rce.rb 2021-03-23 23:59:20 +03:00
Vladimir Ivanov 2c18435e6e Update pretty_agents_table in lib sap_sol_man_eem_miss_auth.rb 
Change output in auxiliary and exploit modules
 2021-03-23 23:00:34 +03:00
Vladimir Ivanov 4399fa73fc Update make_rce_payload, make_soap_body in lib sap_sol_man_eem_miss_auth.rb 
Update rce command in auxiliary module cve_2020_6207_solman_rce.rb
 2021-03-23 19:02:59 +03:00
Christophe De La Fuente 2dcd0fad04 Land #14860, Auxiliary/Exploit Scanner/Gather/RCE for Exchange ProxyLogon (CVE-2021-26855) 2021-03-23 13:10:15 +01:00
Vladimir Ivanov 0fae3f4805 Added conditions in options in auxiliary module cve_2020_6207_solman_rce.rb 2021-03-23 14:02:12 +03:00
Vladimir Ivanov d76224066f Rename option URIPATH to TARGETURI 2021-03-23 13:33:39 +03:00
Vladimir Ivanov 113dce79de Move lib/metasploit/framework/sap_solman/client.rb to lib/msf/core/exploit/remote/http/sap_sol_man_eem_miss_auth.rb 2021-03-23 13:20:27 +03:00
Christophe De La Fuente a6cd7c9b30 Rubocop update - JSON Unnecessary symbol conversion 2021-03-23 10:58:03 +01:00
Grant Willcox 90cc472bfe Land #14893, Updating avast_memory_dump.rb - Adding additional AVDump.exe file paths 2021-03-22 20:10:21 -05:00
btnz aa4bbcba8f Update emby_scan.rb 
added references
 2021-03-22 17:09:24 -07:00
btnz 5880fe33a4 Update emby_scan.rb 
removed version, added disclosure date
 2021-03-22 17:02:06 -07:00
btnz 05744a2d22 Update emby_scan.rb 
Description Updated
 2021-03-22 16:56:50 -07:00
Tim W ae322abbdf update payloads cached size 2021-03-22 21:49:50 +00:00
Spencer McIntyre 88eaf43989 Land #14920, Add Advantech iView CVE-2021-22652 exploit 2021-03-22 17:01:34 -04:00
RAMELLA Sébastien 37b0552803 last code review before land 2021-03-22 23:20:40 +04:00
William Vu 4dc860cce3 Update Spencer credit 2021-03-22 14:14:12 -05:00
Spencer McIntyre 8605fe4529 Use POST for the check method and write the module docs 2021-03-22 15:04:21 -04:00