Christophe De La Fuente
c08f1971cc
Land #18040, Fix Python's payload issue with Windows
2023-06-08 18:28:07 +02:00
Grant Willcox
a1e930397a
Land #18072, Add CVE-2023-1133 - .NET Deserialization exploit for Delta Electronics InfraSuite Device Master
2023-06-08 08:42:07 -05:00
h00die-gr3y
0bcd930f61
Updated NAS model and version check
2023-06-08 09:12:45 +00:00
h00die-gr3y
b3b0cb4ccf
Updates based on space-r7 comments
2023-06-08 07:39:44 +00:00
manishkumarr1017
6030f75b1a
fixing indentation for shell reverse tcp payload
2023-06-08 06:52:33 +05:30
manishkumarr1017
d454e23aa0
decoding bytes from all python payloads
2023-06-08 06:44:37 +05:30
Shelby Pace
3bc145c02c
Update modules/exploits/windows/misc/delta_electronics_infrasuite_deserialization.rb
...
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
2023-06-07 16:42:01 -05:00
h00die
e3bcc9ac08
rocketmq version scanner
2023-06-07 17:29:53 -04:00
Grant Willcox
5b39eaafc1
Land #18074, Fix exception handling in gitlab_github_import_rce_cve_2022_2992 module
2023-06-07 14:52:21 -05:00
Grant Willcox
23451260af
Land #18064, Add support for beta and prerelease versions to grafana_plugin_traversal
2023-06-07 14:33:31 -05:00
Grant Willcox
b923b0c8c3
Add in a typo fix
2023-06-07 11:34:00 -05:00
Grant Willcox
ffbd690a33
Add in ability to support detecting preview versions
2023-06-07 11:25:51 -05:00
space-r7
8f6b421dc1
add non-capture group
2023-06-07 10:52:58 -05:00
Christophe De La Fuente
82c8b5418e
Land #17936, PaperCutNG Authentication Bypass with RCE
2023-06-07 15:05:51 +02:00
Christophe De La Fuente
f88cb3b847
Land #18039, gitlab file read CVE-2023-2825
2023-06-07 13:07:54 +02:00
h00die-gr3y
46fcdb76d5
Updates based on jvoisin comments
2023-06-07 08:27:55 +00:00
h00die
4950cb3424
review adjustments
2023-06-06 16:24:38 -04:00
space-r7
2fcd97f5ef
close socket
2023-06-06 14:37:58 -05:00
space-r7
102a32c87b
add SCREEN_EFFECTS and akb assessment
2023-06-06 14:12:21 -05:00
Christophe De La Fuente
451735ad15
Fix exception handler & add doc
2023-06-06 17:43:22 +02:00
cgranleese-r7
18ddd72285
Update jenkins login scanner to work with newer versions
2023-06-06 11:54:55 +01:00
attl4s
a34c3cf055
linted - all offenses addressed
2023-06-06 09:07:57 +02:00
h00die-gr3y
3e6ae74886
init commit module
2023-06-06 07:07:36 +00:00
space-r7
a12b58df22
add cmdstager usage, description, and metadata
2023-06-05 17:38:27 -05:00
Ashley Donaldson
61539ac260
Fix VBS stager in shell_to_meterpreter.
2023-06-06 07:23:58 +10:00
Grant Willcox
0d094f8645
Land #17917, shell_to_meterpreter: Support using bind payloads with PAYLOAD_OVERRIDE
2023-06-05 13:36:30 -05:00
Grant Willcox
d029b26b4f
Land #18062, Created mixin to retrieve the architecture of the current shell.
2023-06-05 12:58:57 -05:00
h00die-gr3y
00e39eb540
updated CMD stager order
2023-06-05 14:54:31 +00:00
Jeffrey Martin
4e91a4e93d
refactor archer_c7_traversal as gather module
...
* Update modules landed as a scanner into a more appropriate category.
* Adds a check method based on TP-link default `TITLE` html.
* Rename module consistent with existing exploit.
2023-06-05 09:07:11 -05:00
ErikWynter
ba3d6dc0f9
fix typo in print statement from original module
2023-06-05 16:21:00 +03:00
ErikWynter
12f59d54df
print the full version to the console
2023-06-05 15:49:06 +03:00
ErikWynter
c5ff96fdfe
grafana_plugin_traversal bugfix
2023-06-05 15:40:27 +03:00
h00die-gr3y
07def1c9f0
init commit module
2023-06-05 11:19:42 +00:00
Ashley Donaldson
795980260b
Created mixin to retrieve the architecture of the current shell.
...
Currently only supports Windows, but does work on Win2000 upwards.
2023-06-05 11:10:53 +10:00
RadioLogic
ed5eeea2e6
Added a lot of vprints
2023-06-02 21:13:30 -04:00
RadioLogic
e743edb933
Fixed instance of no groups
2023-06-02 21:13:10 -04:00
RadioLogic
3dcfaac0de
Removed use of manual binary in platform check
2023-06-02 21:12:05 -04:00
RadioLogic
e2d56c02c4
Added use of sysinfo for getting OS
2023-06-02 21:11:41 -04:00
RadioLogic
3af89850dd
Added failure for shell not existing
2023-06-02 21:11:02 -04:00
RadioLogic
c2a48cde7c
Added post module to cleanly add new users
2023-06-02 19:11:16 -04:00
space-r7
1c5f8e09c8
add check method and new options
2023-06-02 17:59:04 -05:00
h00die
8f3325bcf8
move gitlab_auth_subgroups to gather instead of scanner
2023-06-02 18:06:44 -04:00
Spencer McIntyre
734e0b099e
Land #18018, Add in CVE-2023-29084
...
Add in CVE-2023-29084 - Zoho ManageEngine ADManager Plus ChangePasswordAction
Authenticated Command Injection
2023-06-02 12:14:43 -04:00
bwatters
1e9d286c77
Land #18044, Add MIPS64 Linux Fetch Payloads
...
Merge branch 'land-18044' into upstream-master
2023-06-02 10:53:43 -05:00
Grant Willcox
7728e1e2fb
Add in new library function for escaping PowerShell literals
2023-06-02 10:22:56 -05:00
Grant Willcox
617aff5a43
Fix up supported payloads and remove nonused parameter
2023-06-02 09:48:03 -05:00
Grant Willcox
f7d2cdae56
Add in ability to restore settings n documentation changes.
...
Previously there was not the ability to restore the server proxy setting.
This updates the code to do so. Additionally this also updates the documentation
to note that Fetch payloads are incompatible with this module since they
use HTTP connections that will be impacted by this module changing the server's
HTTP proxy settings. There is no way around this.
2023-06-02 09:48:03 -05:00
Grant Willcox
965311d09e
Fix documentation and fix bug in creating PARMS value
2023-06-02 09:48:02 -05:00
Grant Willcox
6e89f9b275
Address review comments
2023-06-02 09:48:02 -05:00
Grant Willcox
3ab4173d6c
Fix up base64 encoder to properly quote strings - credit to @smcintyre-r7 for the fix
2023-06-02 09:48:02 -05:00