bwatters
6f17088e33
Fix some linting
2023-12-20 16:44:49 -06:00
Jack Heysel
eeb74cd5e1
Updated metadata
2023-12-20 16:49:45 -05:00
Jack Heysel
e3062d45e0
Module working docs updated
2023-12-20 16:41:52 -05:00
jvoisin
fc66cd1522
Improve a bit glibc_tunables_priv_esc
- Fix some typos
- Add a check via `readelf` should `file` not be available
- Add a message before launching the exploit, since it might take some time to finish.
2023-12-20 20:59:47 +01:00
n00bhaxor
a31de9eb05
Adding Splunk Info Disclosure module.
2023-12-20 14:07:50 -05:00
Christophe De La Fuente
fb26c93291
Land #18541, Glibc Tunables Privilege Escalation CVE-2023-4911 (Looney Tunables)
2023-12-20 20:04:21 +01:00
Jack Heysel
77fb5d02b2
Fixed up indentation and rubocop complaints
2023-12-20 13:16:32 -05:00
jheysel-r7
342492557d
Apply suggestions from code review
2023-12-20 13:09:13 -05:00
jheysel-r7
6a16602a08
Apply suggestions from code review
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
2023-12-20 13:08:33 -05:00
Christophe De La Fuente
7ca256560d
Land #18542, Vinchin Backup & Recovery Command Injection
2023-12-20 18:56:50 +01:00
Balgogan
9c9af0dca1
Fix statement
2023-12-20 01:51:19 +01:00
h00die
1e374403ec
better check for vmon
2023-12-19 19:01:45 -05:00
Balgogan
22a05c8bf5
Add CVE-2023-50917
2023-12-20 00:43:00 +01:00
Spencer McIntyre
3ac9c0c38a
Patch in the theme version to the MSStyles file
2023-12-19 17:05:01 -05:00
Jack Heysel
d65ceb9abc
Rubocop
2023-12-19 13:54:23 -05:00
Jack Heysel
b86df4820c
Responded to comments from jvoisin
2023-12-19 13:50:09 -05:00
jheysel-r7
96241f509a
Apply suggestions from code review
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
2023-12-19 13:18:45 -05:00
Jack Heysel
065abf6b92
Rubocop, doc scenario update
2023-12-19 12:30:02 -05:00
Jack Heysel
44b4b3b5bc
Update version parsing
2023-12-19 12:16:17 -05:00
Jack Heysel
4e61596e7a
Check Build ID before running exploit
2023-12-19 12:15:35 -05:00
Jack Heysel
e858628292
Execute python payload in memory
2023-12-19 00:46:11 -05:00
Jack Heysel
549ee43df9
Update docs description minor comments
2023-12-19 00:32:21 -05:00
Jack Heysel
c6a6809700
Updated attribution
2023-12-18 19:41:49 -05:00
Jack Heysel
c895364675
Initial commit, files created
2023-12-18 19:26:14 -05:00
Christophe De La Fuente
45d2c7f4e0
Land #18566, CVE-2023-22518: Confluence Auth Bypass Restore From Backup RCE
2023-12-18 18:51:36 +01:00
h00die-gr3y
5d7cf90521
Some minor changes to the module and documentation
2023-12-18 08:23:16 +00:00
h00die
5e30328268
move options
2023-12-17 15:24:56 -05:00
h00die
6b376b9156
move options
2023-12-17 15:24:16 -05:00
Gaurav Jain
e9ff2e55dc
Remove useless include of Report mixin in psnuffle.rb
2023-12-17 22:53:19 +05:30
h00die-gr3y
0641839e69
Added documentation and removed debug info
2023-12-17 13:10:18 +00:00
Gaurav Jain
a58f7f0558
Minor fixes to modules to use report_cred
2023-12-16 23:40:30 +05:30
h00die-gr3y
db099f8f4c
Third release of module
2023-12-16 16:06:05 +00:00
h00die
02302439a0
saltstack salt minion deployer
2023-12-16 10:13:46 -05:00
h00die
c911ec1413
ansible collection
2023-12-16 07:16:26 -05:00
adfoster-r7
c1186be67d
Land #18622, Update PetitPotam For New Windows Servers
2023-12-15 19:22:09 +00:00
Spencer McIntyre
8d344a921d
Cleanup the tree and pipe
2023-12-15 13:40:55 -05:00
Spencer McIntyre
0023e19e57
Update petitpotam to use the refactored module
2023-12-15 11:50:33 -05:00
Spencer McIntyre
6bc3e1eb9a
Update DCERPC to authenticate for newer targets
Newer versions of Windows require the inner DCERPC connection to also be
authenticated. The prior version of the petitpotam module used Rex and
did not provide this authentication. Switching to RubySMB exposes this
functionality and allows the module to work on the latest versions of
Windows.
2023-12-15 10:02:35 -05:00
Jack Heysel
df111afb06
Glibc Tunables Exploit
2023-12-14 18:28:43 -05:00
Jack Heysel
c1459df10f
Check method improvement
2023-12-14 12:42:23 -05:00
jheysel-r7
a14b28e941
Update modules/exploits/multi/http/atlassian_confluence_unauth_backup.rb
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
2023-12-14 11:55:48 -05:00
h00die-gr3y
d00249f083
Second release with manual cleanup of php* files
2023-12-14 12:57:07 +00:00
sjanusz-r7
7d37c017fe
Register RHOST for ssh_identify_pubkeys
2023-12-13 17:00:19 +00:00
ErikWynter
e946d78993
Add opennms_horizon_authenticated_rce exploit
2023-12-13 18:03:56 +02:00
Kevin Joensen
5de0e4e234
Update modules/exploits/windows/http/prtg_authenticated_rce_cve_2023_32781.rb
Co-authored-by: Brendan <bwatters@rapid7.com>
2023-12-13 14:30:00 +01:00
Kevin Joensen
52a23e3afb
Update modules/exploits/windows/http/prtg_authenticated_rce_cve_2023_32781.rb
Co-authored-by: Brendan <bwatters@rapid7.com>
2023-12-13 14:29:49 +01:00
h00die
1749fa1e50
store module loot
2023-12-13 07:37:24 -05:00
h00die
8eefea76ce
puppet post gather module
2023-12-13 07:12:17 -05:00
bwatters
95eb4cc304
Pull in changes from Spencer's branch, but not the Gemfile changes.
2023-12-12 10:09:13 -06:00
bwatters
3534181067
rename file
2023-12-12 10:09:13 -06:00