Heyder Andrade
891387885b
Fixed typos
...
Co-authored-by: Brendan <bwatters@rapid7.com>
2022-02-15 08:47:50 +01:00
Heyder Andrade
bbb66eba55
Fixed typos
...
Co-authored-by: Brendan <bwatters@rapid7.com>
2022-02-15 08:47:26 +01:00
Heyder Andrade
acfc7348c3
Fixed typos
...
Co-authored-by: Brendan <bwatters@rapid7.com>
2022-02-15 08:47:10 +01:00
Heyder Andrade
c935bc6388
Update modules/exploits/multi/php/ignition_laravel_debug_rce.rb
...
Fix typos
Co-authored-by: Brendan <bwatters@rapid7.com>
2022-02-15 08:46:25 +01:00
Heyder Andrade
2e73469b6b
Update modules/exploits/multi/php/ignition_laravel_debug_rce.rb
...
Fix typos
Co-authored-by: Brendan <bwatters@rapid7.com>
2022-02-15 08:46:02 +01:00
Jake Baines
5ac3330802
Initial commit of Axis camera app install exploit
2022-02-14 17:54:18 -08:00
Grant Willcox
a7ace66b3f
Use send_request_cgi and update options to use HttpUsername and HttpPassword accordingly. This simplifies code. Also update documentation accordingly
2022-02-14 18:19:00 -06:00
Grant Willcox
c49591cf11
Add in changes to use targets array as per Spencer's suggestion so we can now spawn Meterpreter shells. Also remove ACCOUNT_LOCKOUTS and fix a call that should have been .get_xml_document
2022-02-14 17:38:10 -06:00
Jeffrey Martin
af3fa09896
refactor smtp delivery to support continuation
...
When dealing with SMTP servers the communication needs to follow
a known protocol. To ensure the socket is in the correct state
after a send and receive it needs to be read until a line return
a response code followed by a `space` and additional data and `\r\n`
or the response code immediately followed by `\r\n` is returned.
2022-02-14 16:55:49 -06:00
Grant Willcox
c8f63e30cb
Fix minor issues from review
2022-02-14 14:15:17 -06:00
Tim W
098a82a9d0
cleanup and encode shellcode
2022-02-14 11:21:32 +00:00
Tim W
14fbbff00b
initial commit of CVE-2020-26950
2022-02-14 10:36:19 +00:00
h00die
392ed7e9a8
change wp_modern_events_calendar check method
2022-02-13 15:50:24 -05:00
h00die
e1b933e0a8
change wp_registrationmagic check method
2022-02-13 15:40:57 -05:00
h00die
864ce9471f
wp_secure_copy sqli
2022-02-13 15:04:17 -05:00
Pedro Ribeiro
5e738309f9
add shellcode comment
2022-02-14 02:24:59 +07:00
Spencer McIntyre
683d4ac471
Add support for staged python command payloads
2022-02-13 12:03:08 -05:00
Tim W
a13ae3882b
Land #16174, fix specifying the mode on File.read for ruby 3 on multiple modules
2022-02-13 12:08:13 +00:00
Tim W
65453a1bfa
Land #16076, add meterpreter session type support to post/osx/gather/hashdump
2022-02-13 11:46:49 +00:00
alanfoster
395ab1d77e
Specify mode rb on file reads
2022-02-12 21:39:12 +00:00
Pedro Ribeiro
99e2cfdab4
correct CVE number
2022-02-13 01:15:10 +07:00
Dhiraj Mishra
3f2d6b6c22
adding authors and removing C exploit reference
2022-02-12 11:52:23 +04:00
bwatters
74521c8ced
Update check for supported CentOS, Ubuntu, and Debian Targets
2022-02-11 20:30:05 -06:00
Grant Willcox
058bb33458
Merge me. More Rubocop updates
2022-02-11 17:28:16 -06:00
Grant Willcox
1a3f161ec0
Remove extra comments, randomize an additional parameter, update target section with affected versions
2022-02-11 17:26:42 -06:00
Grant Willcox
862b057277
Fix up RuboCop issues
2022-02-11 14:18:25 -06:00
Grant Willcox
4c1b2478fa
Add in exploit and documentation
2022-02-11 13:58:56 -06:00
space-r7
db00991f26
Land #16150, add nagios xi web shell upload
2022-02-11 11:45:06 -06:00
usiegl00
72a0732009
Update ShadowMitmDispatcher to reduce ip lookups
...
The ShadowMitmDispatcher must be initialized with an interface, mac, and
ip address as keyword arguments. This prevents dispatchers from
retrieving the same network configuration multiple times.
2022-02-11 22:35:40 +09:00
Pedro Ribeiro
963a8e7b0d
add sploit for Cisco RV340 SSL VPN
2022-02-11 16:42:08 +07:00
Jake Baines
e1da95243f
Always clean up the created job
2022-02-10 17:39:07 -08:00
Heyder Andrade
ca62a05ce1
Cleanup and check strategy
...
- Removed else statements from check in favor of implicit return
- Added comment explaining the check strategy (to be less intrusive)
2022-02-11 00:30:31 +01:00
Heyder Andrade
d1764b2e75
Update option name
...
Update option name from LOGPATH to LOGFILE to become more intuitive.
2022-02-11 00:00:19 +01:00
Heyder Andrade
df53a62cc9
Making reasons for failures more descriptive
...
Cases
[x] User defined wrong log file
[-] Exploit aborted due to failure: unexpected-reply: Log file
/var/www/log.log seems doesn't exit
[x] module doesn't detect the log file
[-] Log file does not exist /var/www/storage/logs/laravel.log
[-] Exploit aborted due to failure: bad-config: Log file is
required, however it was defined nor it was not automatically detecte
[x] site doesn't respond with error, module unable to find the log
directory
[-] Unable to automatically find the log file. To continue set
LOGPATH manually
[-] Exploit aborted due to failure: bad-config: Log file is
required, however it was defined nor it was not automatically detected
[x] site with debug mode set to false
[-] Exploit aborted due to failure: not-vulnerable: The target is
not exploitable. "set ForceExploit true" to override check result
2022-02-10 23:40:49 +01:00
talhak08
69314786e0
OptString to OptBool
2022-02-10 23:35:55 +03:00
talhak08
c5157935c4
CheckCodes and Failures fixed
2022-02-10 22:30:04 +03:00
Heyder Andrade
719e71648c
Change Vulnerable to Appear in the check method
...
As we can't determine with certainty whether the target is vulnerable, the check method should return appear instead of vulnerable.
Co-authored-by: Simon Janusz <85949464+sjanusz-r7@users.noreply.github.com>
2022-02-10 20:08:36 +01:00
talhak08
1ad54ba48d
The documentation edited and the defanged mode fixed
2022-02-10 21:13:31 +03:00
talhak08
76e63d3474
Fixed the defanged mode.
2022-02-10 20:34:03 +03:00
talhak08
22564a5cdc
Fixed the typo.
2022-02-10 20:29:19 +03:00
talhak08
e80ebdde66
Fixes according to the recommendations
2022-02-10 20:26:10 +03:00
bwatters
9635fde12d
Add support and templates for aarch64 targets
2022-02-10 10:49:02 -06:00
Grant Willcox
5431d3d0f6
Add in initial check method code
2022-02-09 20:12:41 -06:00
Jake Baines
e18492a88a
Update modules/exploits/linux/http/nagios_xi_autodiscovery_webshell.rb
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2022-02-09 15:35:38 -05:00
Heyder Andrade
cc52850ff0
Fix coding style offenses.
2022-02-09 21:30:17 +01:00
Heyder Andrade
da1bc1f6d1
Change exploit Rank. Add AutoCheck. Remove custom timeout on request cgi.
2022-02-09 21:19:10 +01:00
space-r7
2e2bad0a98
Land #16147, improve ssh_enumusers user list gen
2022-02-09 12:48:05 -06:00
Jake Baines
0a78dd78ec
Used suggested method for defining user webshell, used suggested depth configuration, and used vars_get in a couple of places
2022-02-08 18:20:03 -08:00
bwatters
d1ba43e4c8
Remove hard-coded values
2022-02-08 16:00:20 -06:00
bwatters
65ebeafacc
Use the supplied directory
2022-02-08 16:00:19 -06:00