Spencer McIntyre
6f4aa55022
Land #15816, GitLab Unauth Command Injection
2021-11-03 16:57:57 -04:00
Jake Baines
4b7c5acc5b
Changed qx delimiter to # and added it to badchars. Defaulted to a staged payload
2021-11-03 10:51:37 -07:00
Jake Baines
116e2b0c1d
Enabled use of cmdstager::flavor printf. Tested against a CentOS install. Updated docs. Default to MeterpreterTryToFork and enabled autocheck
2021-11-03 08:49:09 -07:00
kalba-security
f778f5f00a
add cleanup, add new info and warning messages, update docs, small improvements
2021-11-02 19:58:16 -04:00
Jake Baines
beb30f2b6a
Expanded cmdstager flavors. Removed bad variable name
2021-11-02 12:01:36 -07:00
Jake Baines
10bb77ea4b
Addressed a wide variety of spelling and formatting issues. Added a reference. Registered TARGETURI. Randomized the image payload in check. Added additional options information to documentation.
2021-11-02 09:50:06 -07:00
space-r7
0681c8780e
Land #15761, add pie-register code exec
2021-11-02 09:17:50 -05:00
Spencer McIntyre
278d940fee
Update the Python exploit code to fix a bug
2021-11-02 10:10:18 -04:00
adfoster-r7
79314e6006
Land #15782, Add CVE-2002-0422 Coverage to iis_internal_ip Auxiliary Module
2021-11-02 13:31:34 +00:00
Jake Baines
3aadb6000b
Initial version of CVE-2021-22205 GitLab Unauth RCE
2021-11-02 01:46:51 -07:00
h00die
46c2d343bd
duplicator add check_plugin line
2021-10-29 17:22:12 -04:00
Christophe De La Fuente
43207ebf81
Land #15765, wordpress plugin bulletproofsecurity info disclosure (cve-2021-39327)
2021-10-29 18:33:51 +02:00
dwelch-r7
73e55fcaee
Land #15665, Add Meterpreter compatibility metadata
2021-10-29 12:45:26 +01:00
h00die
d0335ff2df
working module
2021-10-28 22:45:07 -04:00
Spencer McIntyre
98528c8ba6
Fail over to default paths
2021-10-28 15:01:12 -04:00
Matthew Dunn
becb54d5a5
Update username and password verification to detect improperly set attributes
2021-10-28 12:53:27 -04:00
Tim W
1b72d5c143
update payload cached sizes
2021-10-28 14:13:59 +01:00
Spencer McIntyre
1ca9f48266
Land #15783, Add Sophos UTM CVE-2020-25223 exploit
2021-10-28 09:00:08 -04:00
William Vu
78ebc89106
Improve sleep timeout using science
2021-10-27 22:49:41 -05:00
h00die
d076127ca9
pulling values
2021-10-27 21:01:09 -04:00
William Vu
3c4bc600f7
Link to open() in perldoc
2021-10-27 19:31:03 -05:00
William Vu
c419ca04bd
Warn when LPORT isn't 443
2021-10-27 19:31:03 -05:00
William Vu
14421ed5f5
Refactor elapsed time calculation
2021-10-27 19:31:03 -05:00
William Vu
7bbf0305c0
Fix elapsed time calculation using monotonic clock
Hat tip @adfoster-r7.
2021-10-27 19:31:03 -05:00
William Vu
3f9b22dbb7
Add Sophos UTM CVE-2020-25223 exploit
2021-10-27 19:31:03 -05:00
Spencer McIntyre
ae56ffa934
Initial exploit for CVE-2021-38648
2021-10-27 12:05:56 -04:00
Spencer McIntyre
21c45b3733
Update module metadata
2021-10-27 11:58:53 -04:00
Spencer McIntyre
60b17b5c6f
Add the module docs for OMIGOD
2021-10-26 12:08:48 -04:00
Spencer McIntyre
33bacd2b20
Update references and add a check method
2021-10-26 10:35:13 -04:00
Spencer McIntyre
e9582d1ddb
Initial commit for CVE-2021-38647
2021-10-25 17:36:55 -04:00
Christophe De La Fuente
1befd545e3
Land #15558, add module to access a sessions filesystem in a browser
2021-10-25 18:37:42 +02:00
Tim W
86d1e3cb0a
fix get_drives format
2021-10-25 17:30:47 +01:00
wvu
64654a3134
Merge branch 'master' into suitecrm_log_file_rce
2021-10-22 22:11:51 -05:00
M. Cory Billington
e90a2a9274
Added CVE
2021-10-22 18:55:37 -05:00
Spencer McIntyre
7fc38d1b50
Land #15754, add apache2 path traversal modules
2021-10-22 12:40:57 -04:00
Spencer McIntyre
ced61f989b
Tweak the verbiage for clarity, update docs
2021-10-22 12:38:03 -04:00
h00die
1e9af10a21
pr review
2021-10-21 17:25:14 -04:00
Spencer McIntyre
5ac5a14a37
Land #15756, Add PoC for CVE-2021-31806 Squid DoS
2021-10-21 15:07:00 -04:00
RAMELLA Sébastien
e449c2456b
fix: traversal check logic...
2021-10-21 23:00:39 +04:00
Joshua Rogers
f0eb43d99f
Update modules/auxiliary/dos/http/squid_range_dos.rb
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
2021-10-21 19:15:30 +02:00
Matthew Dunn
b8672bd9e5
Fix missing info in update_info
2021-10-21 11:09:47 -04:00
Matthew Dunn
bb17a20274
Address PR feedback in the module setup/documentation
2021-10-21 11:02:40 -04:00
adfoster-r7
adbe6070ab
PR feedback
2021-10-21 11:02:09 +01:00
adfoster-r7
c0ba4bd619
Add kubernetes enum module
2021-10-21 11:01:25 +01:00
adfoster-r7
2f86b332f5
Land #15733, Add Module For Kubernetes Pod Authenticated Code Execution
2021-10-21 10:46:20 +01:00
Joshua Rogers
2a6f19f0f4
Final lintify
2021-10-21 10:24:00 +02:00
Spencer McIntyre
a74730da68
Fix image name enumeration
2021-10-20 17:20:05 -04:00
Spencer McIntyre
1e1b1982b2
Improve image selection when creating a pod
The module will now iterate over identified image names by default and
also allows an explicit image name to be specified using the new
PodImage advanced option.
2021-10-20 15:52:23 -04:00
William Vu
f270d3ef7a
Comment path traversals
2021-10-20 14:16:46 -05:00
Joshua Rogers
095c02d363
Include CVE-2021-31807 proof-of-concept. Also remove excessive HTTP headers where possible.
2021-10-20 21:01:48 +02:00