Brendan Coles
bdc2041c83
Add Klog Server authenticate.php user Unauthenticated Command Injection
2021-02-12 17:07:52 +00:00
dwelch-r7
f6c3de5732
Land #14733, Add latest Rubocop rules
2021-02-12 16:18:13 +00:00
Spencer McIntyre
01593f21b4
Add the Ubuntu 19.04 target for CVE-2021-3156
2021-02-12 10:06:47 -05:00
Spencer McIntyre
20067d183e
Use single quotes for escaping arguments consistently
2021-02-12 08:59:38 -05:00
Alan Foster
bed7ae2c78
Add latest rubocop rules
2021-02-12 13:31:51 +00:00
Spencer McIntyre
f31c7846d2
Escape shell arguments even more thoroughly
2021-02-11 12:25:28 -05:00
Christophe De La Fuente
88eaf97e79
Land #14607, Updates for Exchange ECP DLP Policy Exploit
2021-02-11 15:15:34 +01:00
Brendan Coles
9cbf25347e
Land #14708, safari_proxy_object_type_confusion: Add offsets: 10.13.1 + 10.13.2
Add offsets for OSX 10.13.1 and 10.13.2
2021-02-11 13:17:53 +00:00
Tim W
40dd113d3b
fix whitespace
2021-02-11 12:43:47 +00:00
Tim W
0ab4213630
use & disown
2021-02-11 12:26:27 +00:00
Tim W
c5ba97100f
fix osx shell_to_meterpreter to use python reflection
2021-02-11 11:38:43 +00:00
Spencer McIntyre
944e8d572d
Register missing files for cleanup
2021-02-10 18:05:20 -05:00
Spencer McIntyre
6562f309ce
Handle whitespace in the target path
2021-02-10 17:40:42 -05:00
Spencer McIntyre
8757eb33fe
Add an automatic target that uses version fingerprinting
2021-02-10 16:16:33 -05:00
Spencer McIntyre
1f5f086c5e
Updates for the Exchange ECP DLP Policy RCE module to randomize data
2021-02-10 15:00:39 -05:00
Spencer McIntyre
b9dd1b927b
Randomize the path to the library that's loaded
2021-02-10 08:45:52 -05:00
Christophe De La Fuente
85b7e85d0b
Land #14671, Micro Focus Multiple Products Authenticated RCE (CVE-2020-11853)
2021-02-09 18:24:57 +01:00
Pedro Ribeiro
9881512833
Update modules/exploits/multi/http/microfocus_obm_auth_rce.rb
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
2021-02-09 14:18:47 +07:00
dwelch-r7
7fbbe23426
Remove more requires that were missed before
2021-02-08 14:51:58 +00:00
k0pak4
c3ba13fe6b
Add reference to blog post
2021-02-08 09:25:51 -05:00
dwelch-r7
b95be3ed10
Zeitwerk rex folder
2021-02-08 12:24:12 +00:00
Spencer McIntyre
b4dd46a8de
Land #14721, sudo_baron_samedit: Add target: Debian 10 x64, sudo v1.8.27, libc v2.28
2021-02-05 16:01:58 -05:00
Shelby Pace
fc8ed5ba4e
Land #14154, use prepend autocheck
2021-02-05 12:22:38 -06:00
Shelby Pace
606c6561a0
remove manual ForceExploit check in emacs_movemail
2021-02-05 12:15:44 -06:00
Tim W
f3eafc22a2
Land #14685, linux/x64/shell_bind_tcp_random_port improvements
2021-02-05 17:14:50 +00:00
adfoster-r7
b3da14e66b
Land #14669, ensure selected cracker is available and viable
2021-02-05 16:24:59 +00:00
Brendan Coles
cfda83df99
sudo_baron_samedit: Add target: Debian 10 x64, sudo v1.8.27, libc v2.28
2021-02-05 07:54:34 +00:00
bwatters
434c54da33
Land #14715, CVE-2021-3156 Sudo LPE (AKA: Baron Samedit)
Merge branch 'land-14715' into upstream-master
2021-02-04 11:06:30 -06:00
Shelby Pace
87af571107
Land #14578, add wp abandoned cart sqli
2021-02-04 10:56:12 -06:00
Shelby Pace
4c4df29f25
change vulnerable version number
2021-02-04 10:50:13 -06:00
Spencer McIntyre
504865d507
Add a target for Ubuntu 18.04 and setgid and setuid by default
2021-02-04 10:45:00 -05:00
Spencer McIntyre
7281d00938
Implement feedback from PR review
2021-02-04 09:25:40 -05:00
Spencer McIntyre
c33c08bae9
Add a check method using the version information
2021-02-03 18:16:13 -05:00
Spencer McIntyre
c590d7b1bb
Add module docs and be more permissive with Length formatting
2021-02-03 18:16:13 -05:00
Spencer McIntyre
117cdc4fd7
Populate module metadata and cleanup files
2021-02-03 18:16:13 -05:00
Spencer McIntyre
b9413b4103
Update the exploit C code to allocate its own PTY
2021-02-03 18:16:13 -05:00
Spencer McIntyre
13dd9ac10e
Initial work on CVE-2021-3156
2021-02-03 18:16:13 -05:00
cgranleese-r7
3a2932b798
Migrate old uses of manual autocheck to use the new prepend autocheck
2021-02-02 10:15:46 +00:00
noncenz
f91f6ccbfe
Add module Redis extractor
Add new module and documentation
2021-02-01 18:36:49 -05:00
Jeffrey Martin
2db217aac8
remove action set no longer required
2021-02-01 14:16:13 -06:00
Tim W
4a68ef17fd
update mettle payload cached sizes
2021-02-01 11:50:35 -05:00
RAMELLA Sébastien
846f5be936
fix. rubocop -a.
2021-02-01 10:25:18 +04:00
RAMELLA Sébastien
f21e3c2386
fix. typo.
2021-02-01 09:55:56 +04:00
Pedro Ribeiro
90f8c1f7b9
add tested for 2019.11 too
2021-01-30 21:54:48 +07:00
Geyslan G. Bem
ab307fbd87
payload/x64: shell_bind_tcp_random_port improvement
This patch reduces the payload to 52 bytes while preserving its functionality
using coordinated xchg instructions.
It also guarantees dup2 call without garbage in rax.
Signed-off-by: Geyslan G. Bem <geyslan@gmail.com>
2021-01-29 16:58:14 -03:00
k0pak4
d7197d723a
Add back in verify=False on service verification
2021-01-29 13:29:26 -05:00
Grant Willcox
90d9a5dcff
Land #14682, Fix msftidy warnings
2021-01-29 11:30:52 -06:00
Brian Halbach
93e27b55ab
Add user credential reporting to modules/auxiliary/scanner/http/jira_user_enum.rb
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
2021-01-29 11:16:03 -06:00
Grant Willcox
a8b1bf17d0
Land #14593, OneDrive Sync Targets Enumeration Module
2021-01-29 10:20:01 -06:00
Alan Foster
91febcb194
Fix msftidy warnings
2021-01-29 16:19:13 +00:00