Commit Graph

35981 Commits

Author SHA1 Message Date
Shelby Pace 6958f18e52 Land #14532, fix cmd_exec error in android capture 2020-12-22 14:51:54 -06:00
Grant Willcox 4a449f97d3 Land #14522, Replace hard-coded Shiro default key with ENC_KEY 2020-12-22 09:26:49 -06:00
Grant Willcox 7d0cb771a5 Apply RuboCop updates to module. 2020-12-21 17:31:24 -06:00
Grant Willcox 24e8aeffe5 Incorporate review feedback and update the associated documentation. 2020-12-21 17:29:21 -06:00
Grant Willcox 2c66beac17 Land #14429, Create shodan_host.rb, a module to grab ports from a given IP using Shodan 2020-12-21 15:58:17 -06:00
Grant Willcox 12277d3020 Apply RuboCop changes to the exploit module and also make final adjustments to the exploit code to handle some edge cases and fix review comments 2020-12-21 15:26:48 -06:00
Brendan Coles 87a80afeb7 post/android/capture/screen: Use Msf::Post::Common mixin 2020-12-20 11:17:39 +00:00
C4ssandre 57c57a398d Adding new check to filter out Windows 7 and Windows XP. Indeed, lab experiments have shown that BITS does not attempt to connect to the WinRM port, making those systems not vulnerable. 2020-12-19 02:51:48 +01:00
Spencer McIntyre 11faafa4e9 Land #14474, Wordpress 2-day: easy-wp-smtp arbitrary wordpress user password reset 2020-12-18 17:07:46 -05:00
Spencer McIntyre 764efbeac3 Fixup a typo, an unnecessary statement and clarify a statement 2020-12-18 17:07:16 -05:00
h00die 3cb39c2fca Land #14497, wordpress duplicator plugin arbitrary file read 2020-12-18 17:05:40 -05:00
Christophe De La Fuente dc6b67f4c6 Land #14509, Fixes for Solr RCE 2020-12-18 21:51:06 +01:00
h00die bee11c7d6e add cve 2020-12-18 15:32:35 -05:00
h00die 9e6d20a83c create aggressive mode and some review 2020-12-18 15:30:45 -05:00
adfoster-r7 28bcad82c8 Land #14528, Note that Meterpreter now requires Windows XP SP2 or newer 2020-12-18 16:50:34 +00:00
RAMELLA Sébastien 0e07269c3f change parsing method 2020-12-18 11:31:52 +04:00
Spencer McIntyre 9b8b4621df Land #14368, Pulse Connect Secure gzip RCE: cve-2020-8260 2020-12-17 17:43:55 -05:00
Spencer McIntyre 43b1497cf6 Remove some debug info and mark bind payloads as being incompatible 2020-12-17 16:36:20 -05:00
Shelby Pace 4fb8cc06c0 Land #14517, capture stderr and use metasm 2020-12-17 15:13:44 -06:00
Spencer McIntyre 900c4367ec Note that Meterpreter now requires Windows XP SP2 or newer 2020-12-17 14:32:28 -05:00
adfoster-r7 e7ad339523 Land #14525, Eagerly load hrr_rb_ssh within reverse_ssh module 2020-12-17 16:42:51 +00:00
h00die a1702e8b53 rubocop and minor adjustments 2020-12-17 06:39:43 -05:00
James Lee be3a1eb9d6 Guard against empty response 2020-12-16 18:25:17 -06:00
Spencer McIntyre 87dacce2cd Land #14446, Add Oracle Solaris SunSSH PAM parse_user_name() exploit (CVE-2020-14871) 2020-12-16 16:01:32 -05:00
bwatters 222d510e44 Rubocop fixes 2020-12-16 13:59:47 -06:00
bwatters 7f4fac4548 Fix powershell issues and add comment because it is apparently magic 2020-12-16 13:57:02 -06:00
Alan Foster 00109a68be Eagerly load hrr_rb_ssh within reverse_ssh module 2020-12-16 16:55:15 +00:00
RAMELLA Sébastien 7e99025dd3 fix. remove call to eval and some minor change 2020-12-16 19:36:32 +04:00
Christophe De La Fuente a939704f9d Add an SNMPPORT option 2020-12-16 15:15:27 +01:00
Christophe De La Fuente 60bcc95edc Fix documentation 2020-12-16 15:15:27 +01:00
Christophe De La Fuente a6102bd8ac Make rubocop happy 2020-12-16 15:15:27 +01:00
Christophe De La Fuente 99d3f66271 Add authentication and refactor 2020-12-16 15:15:27 +01:00
Christophe De La Fuente 08f051e959 Apply rubocop 2020-12-16 15:15:27 +01:00
Christophe De La Fuente 56560c901b Add SpamTitan RCE module 2020-12-16 15:15:26 +01:00
Natto e4678b82c5 Update shodan_host.rb 2020-12-16 19:39:43 +08:00
RAMELLA Sébastien 483282b05e fix. spelling typo 2020-12-16 09:01:33 +04:00
kai 9be1e8c295 replace hard-coded shiro default key with SHIROKEY 2020-12-16 11:03:30 +08:00
Spencer McIntyre 941ba923f7 Add missing module notes 2020-12-15 19:58:04 -05:00
Spencer McIntyre 3d7ed70cec Tweak the check method and add module docs 2020-12-15 19:49:29 -05:00
Spencer McIntyre 289605f532 Require that the user know the CVE since the check is questionable 2020-12-15 19:17:35 -05:00
RAMELLA Sébastien e3178c48c4 add. fortios path traversal (cve-2018-13379) 2020-12-15 19:09:37 +04:00
Spencer McIntyre 9bdf591a98 Add a working command stager for CVE-2020-17530 2020-12-15 09:13:06 -05:00
Spencer McIntyre 7826cbb8de Initial addition of the Struts2 Double Eval exploit 2020-12-15 09:13:06 -05:00
Tim W 8c7bffa229 fix #14516, fix stderr output in osx/x64/shell_reverse_tcp 2020-12-15 00:05:42 +00:00
Tim W bc4dc2df15 convert osx/x64/shell_reverse_tcp to Metasm 2020-12-15 00:04:05 +00:00
Tim W c7ca0e4ef5 Fix #14510, fix reverse_awk and bind_awk exit behavior 2020-12-14 17:10:07 +00:00
Tim W fd36ac6e24 convert bind_awk and reverse_awk payloads to squiggly heredoc 2020-12-14 16:09:10 +00:00
Tim W 9c47803609 increase wfsdelay 2020-12-14 14:54:54 +00:00
Tim W 7af996ae4c add offsets 2020-12-14 14:54:54 +00:00
Tim W a30cdfc892 Fix #14254, Add CVE-2020-1054, win32k DrawIconEx OOB Write LPE 2020-12-14 14:54:54 +00:00