Commit Graph

35981 Commits

Author SHA1 Message Date
C4ssandre 8a3790f265 Adding process information to hide notepad.exe when launching. 2020-12-07 21:38:30 -05:00
C4ssandre 46f59a76f0 Removing powershell payload serving method, and replacing it by just writing and executing in remote SYSTEM process. 2020-12-07 21:37:35 -05:00
h00die 4d36a107e6 reverse logic 2020-12-07 18:47:45 -05:00
Shelby Pace 30bf917075 Land #14401, add Windows support for consul rce 2020-12-07 16:21:36 -06:00
Shelby Pace 45ce738af7 add default payload for targets, run rubocop 2020-12-07 16:17:12 -06:00
Shelby Pace 8e1cab0131 Land #14339, add flexdotnetcms rce 2020-12-07 14:28:01 -06:00
Shelby Pace cd900a0507 fix comment 2020-12-07 14:27:07 -06:00
Spencer McIntyre 2a2694ef16 Apply rubocop changes and precompute the encryption key 2020-12-07 14:59:40 -05:00
Spencer McIntyre d208e441ba Update the documentation 2020-12-07 10:54:20 -05:00
Spencer McIntyre 811de07e7a Add logout functionality and cleanup HTTP session management 2020-12-07 10:41:42 -05:00
Spencer McIntyre b968cf9183 Cleanup the payload delivery mechanism 2020-12-07 09:40:29 -05:00
S3cur3Th1ssh1t 6c1ac7f9a2 Fix ssi template for some sharepoint versions 2020-12-07 14:34:09 +01:00
dwelch-r7 49a6b1b257 Remove requires that sneaked in while the PR was up 2020-12-07 11:02:10 +00:00
dwelch-r7 1617b3ec9b Use zeitwerk for lib/msf/core folder 2020-12-07 10:31:45 +00:00
William Vu c5d47532b0 Clarify sending username where password expected 2020-12-07 01:55:18 -06:00
William Vu d1f307324b Refactor exploit to use improved CheckModule
And add AutoCheck.
2020-12-07 01:35:13 -06:00
William Vu e5941cc4a8 Refactor aux/scanner/ssh/ssh_version for CheckCode 2020-12-07 01:35:13 -06:00
William Vu 4da3e37328 Remove unchanged offset 2020-12-07 01:35:13 -06:00
William Vu 4afb4562d9 Print on failure 2020-12-07 01:35:13 -06:00
William Vu 88f0fab6f4 Don't hardcode a stack address for the payload 2020-12-07 01:35:13 -06:00
William Vu 6b45552bda Swap target priority 2020-12-07 01:35:13 -06:00
William Vu bed3f9b41c Note VMware Player support
Thanks to @bcoles for testing.
2020-12-07 01:35:13 -06:00
William Vu 1cfcb9b351 Clarify Solaris version
Hat tip @bcoles.
2020-12-07 01:35:13 -06:00
William Vu d6c64865ea Add Solaris SunSSH PAM parse_user_name() exploit
CVE-2020-14871
2020-12-07 01:35:13 -06:00
alanfoster 835059f00c [CVE-2020-10977] Gitlab arbitrary file read to RCE 2020-12-07 01:26:54 +00:00
Grant Willcox a96a290d32 Land #14467, Add missing CheckCode::Unknown return code if the response object is empty to fix #14462 2020-12-06 01:25:17 -06:00
Grant Willcox 02ebe745d9 Improve the CheckCode::Unknown No Response error message to make it clearer to users 2020-12-06 01:24:51 -06:00
Grant Willcox e26d6ca683 Land #14458, Add auxiliary support to autocheck mixin 2020-12-05 23:54:41 -06:00
Brendan Coles eb7514d94d nimcontroller_bof: return CheckCode::Unknown if response is empty 2020-12-06 03:16:39 +00:00
cgranleese-r7 96c62aea20 Lands #14411 Fixes eternalblue-win8 to run only with python3 2020-12-05 14:22:32 +00:00
Brendan Coles 6cdb484d7c Add Aerospike Database UDF Lua Code Execution exploit 2020-12-05 14:15:22 +00:00
Brendan Coles 9bf532edd8 web_delivery: Add SyncAppvPublishingServer target 2020-12-05 06:24:55 +00:00
h00die b21fccebaa updates from review 2020-12-04 21:50:31 -05:00
Spencer McIntyre 7612845714 Add the initial Ruby port for CVE-2020-8260 2020-12-04 17:56:38 -05:00
h00die d989c44214 more updates 2020-12-04 13:29:31 -05:00
Grant Willcox 5961bf700d Land #14314, Pulse Secure Connect Client Credentials Gatherer 2020-12-04 10:04:43 -06:00
A Galway c83c21bcea additional string to byte conversions 2020-12-03 16:21:55 +00:00
Spencer McIntyre 2b48c4234c Land #14442, fix the session cookie for the Simple PHP Blog exploit 2020-12-03 08:47:20 -05:00
Quentin Kaiser e8ea9e56ee Print a status message when no credentials are found. 2020-12-03 10:19:56 +01:00
Quentin Kaiser c8f534e420 Merge branch 'enum_pulsesecure' of github.com:QKaiser/metasploit-framework into enum_pulsesecure 2020-12-03 10:12:54 +01:00
Quentin Kaiser 4f947ac2cb Properly close files that we open and properly capture file open error in get_username. 2020-12-03 10:12:33 +01:00
Alan Foster 76e967353e Add auxiliary support to autocheck mixin 2020-12-03 01:09:06 +00:00
bwatters 9abf199fbe Lands #14337, Ref #14336 : Fix Windows PingBack_Reverse_TCP Payload
Merge branch 'land-14337' into upstream-master
2020-12-02 16:39:19 -06:00
Quentin Kaiser 585bc99903 Proper return values
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
2020-12-02 21:34:56 +01:00
Quentin Kaiser f4bb5f7e10 Uniform error handling applied to all functions interacting with 'session' object. 2020-12-02 20:51:29 +01:00
Quentin Kaiser 94af390649 Document Ruby construct that might be unclear to newcomers. 2020-12-02 20:43:39 +01:00
Quentin Kaiser dbd3f2e1bf Revert back on AutoCheck. 2020-12-02 20:42:05 +01:00
Spencer McIntyre a322647913 Change the cookie to PHPSESSID from my_id for the Simple PHP blog exploit 2020-12-02 10:09:05 -05:00
bwatters 5d7014bf39 Land #14298, Windows post-exploitation gather module - Memory dumping via Avast AvDump utility
Merge branch 'land-14298' into upstream-master
2020-12-02 08:30:38 -06:00
Quentin Kaiser bf0d4b4c3f Better regular expression for version line. 2020-12-02 10:05:17 +01:00