adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

35981 Commits

Author SHA1 Message Date
ahzam b0e3e95439 Minor Refactor: Remove unneccessary len(cookie) 2022-09-29 01:46:07 +05:00
Jack Heysel 379f303ea8 Land #17061, Mobile Mouse Server RCE 
This PR includes a module that uses default
configuration in Unified Remote to spawn a
run prompt and return a shell.
 2022-09-28 10:48:41 -04:00
bwatters e27dbd2787 Land #16794,Add exploit for CVE-2022-34918 
Merge branch 'land-16794' into upstream-master
 2022-09-27 16:37:52 -05:00
h00die a070cd3a76 remote mouse comments 2022-09-27 16:52:42 -04:00
h00die 391a27b08c remote mouse rce 2022-09-27 16:37:42 -04:00
h00die 547ab00a0e review comments 2022-09-27 14:51:03 -04:00
cgranleese-r7 8cbcc2f473 Land #17064, Fix beagent sha auth linting 2022-09-27 16:50:23 +01:00
cn-kali-team 2b9ca50261 CONFIG_PATH 2022-09-27 23:39:54 +08:00
adfoster-r7 a05606ff33 Fix beagent sha auth linting 2022-09-27 16:23:05 +01:00
bwatters 3170eac829 Land #16981, enum_domain_tokens: Cleanup and fix group member retrieval 
Merge branch 'land-16981' into upstream-master
 2022-09-27 09:47:34 -05:00
adfoster-r7 2388f7e6c4 Land #17054, Fix Adapted Single (Unstaged) Payloads 2022-09-27 11:54:04 +01:00
adfoster-r7 c436f42c8c Land #16994, Fix Multiple Registry Related Issues 2022-09-27 11:43:02 +01:00
cn-kali-team 990f45295c fix x64 2022-09-27 08:39:35 +08:00
h00die bd586962e3 add check method 2022-09-26 17:51:07 -04:00
h00die acba21a899 mobile mouse server exploit 2022-09-26 15:56:06 -04:00
h00die 61f576d3e1 mobile mouse server exploit 2022-09-26 15:45:42 -04:00
h00die 11a21737bc move print statement 2022-09-23 17:57:40 -04:00
Grant Willcox a48c2d9e72 Land #17033, hikvision password reset via inproper authorization logic - CVE-2017-7921 2022-09-23 15:01:04 -05:00
Grant Willcox 0908006466 Land #16985, wifi mouse rce - CVE-2022-3218 2022-09-23 14:46:49 -05:00
Grant Willcox 828cdb8862 Fix a typo 2022-09-23 14:20:18 -05:00
Grant Willcox b62f163696 Update documentation on module and exploit a little more to make things a bit clearer 2022-09-23 14:08:18 -05:00
Grant Willcox 2958a43a6a Update to reflect fact that bug is an improper authentication logic bug and to randomize password for auth parameter since it is ignored 2022-09-23 12:19:29 -05:00
Jack Heysel 2b5e85cd27 Land #17012, Veritas Backup Agent RCE 
This module exploits a chain of the vulnerabilities CVE-2021-27876,
CVE-2021-27877 and CVE-2021-27878 in Veritas Backup Exec Agent which
leads to remote code execution with privileges of system or root user
 2022-09-23 12:31:46 -04:00
Grant Willcox edc37835e5 Add more nil checks in, update some of the check code to catch an edge case, update notes to account for indicators of compromise, and fix some extra issues noticed on second round of review 2022-09-23 09:38:35 -05:00
Grant Willcox 9abe1649ff Sanitize XML data prior to adding it to the XML POST request and also change the ID option to an integer from a string to match expectations 2022-09-23 09:38:35 -05:00
Grant Willcox 3ca34568c2 Clean up some of the documentation and module code and descriptions 2022-09-23 09:38:12 -05:00
h00die-gr3y 37caf6dae5 removed exploit information from info section 2022-09-23 09:38:11 -05:00
h00die-gr3y a4a12d06bc improved error handling 2022-09-23 09:38:10 -05:00
h00die-gr3y 5ed7ff7f52 init commit module and documentation 2022-09-23 09:38:05 -05:00
bcoles 5531e3dcab Msf::Post::Windows::ExtAPI: Remove load_extapi method 2022-09-23 17:41:20 +10:00
c0rs 425d58dd15 fix check methos output in Veritas BE rce 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2022-09-23 09:46:52 +03:00
c0rs 04c897dbeb Fix description info Veritas BE RCE 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2022-09-23 09:45:18 +03:00
c0rs a8210bfe70 add autocheck to veritas BE RCE 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2022-09-23 09:44:39 +03:00
adfoster-r7 5e2a6c9dba Land #17015, improve http login result checks 2022-09-23 01:28:59 +01:00
space-r7 dd11156922 add new reference to bitbucket module 2022-09-22 16:14:18 -05:00
Jeffrey Martin 96d291121b use model validator instead of setup check 2022-09-22 14:49:09 -05:00
Spencer McIntyre 83de0924f0 Move #generate_stage to #generate for singles 2022-09-22 12:55:41 -04:00
cgranleese-r7 c74f480177 Land #17049, enum_domain_group_users module clean up 2022-09-22 17:51:12 +01:00
Redouane NIBOUCHA 8b601c9b17 If ForceExploit is set, skip calling module_check 2022-09-22 17:33:24 +02:00
Niboucha Redouane 93cad400e8 Update error message if the kernel offsets are not supported 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2022-09-22 17:28:36 +02:00
cgranleese-r7 0029628db8 Land #17051, wmic_command module cleanup 2022-09-22 16:17:33 +01:00
Jack Heysel 12f3325f3e Land #16732, VIDIdial Multiple SQLi 
This PR adds a module which exploits several
authenticated sqli in VICIdial
 2022-09-22 10:47:42 -04:00
bcoles ce48afd0db wmic_command: Cleanup 2022-09-23 00:25:13 +10:00
cgranleese-r7 50685161ef Allow user_id to be configurable in ticket forging 2022-09-22 14:18:17 +01:00
bcoles 9eab7eadab enum_domain_group_users: Cleanup 2022-09-22 17:05:19 +10:00
bcoles eef42884e0 enum_tokens: Cleanup 2022-09-22 12:04:24 +10:00
h00die 6d608ea41e vicidial sqli module docs update 2022-09-21 16:57:18 -04:00
h00die 32402c0e6d wifi mouse doc updates 2022-09-21 16:35:08 -04:00
Spencer McIntyre 415383b48d Land #17042, Add exploit for CVE-2022-36804 2022-09-21 13:07:32 -04:00
space-r7 8d2b182c7b add cmd stager flavors and bad characters 2022-09-21 10:54:32 -05:00