adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

35981 Commits

Author SHA1 Message Date
Grant Willcox e46611cffb Add in support for exploiting Fedora 32 with Linux kernel 5.10.12 2021-08-20 18:04:59 -05:00
Grant Willcox 75ae2b76f5 Add support for Fedora 32 Linux Kernel 5.9.8-100 and also fix an error where the wrong file was being used for Fedora 32 Linux Kernel 5.8.8. 2021-08-20 16:50:20 -05:00
Grant Willcox 5abf407228 Add support for Fedora 32 with Linux Kernel 5.8.8-200 2021-08-20 15:42:34 -05:00
Grant Willcox dd806a9d61 Add in support for Fedora 32 running kernel 5.7.11-200 2021-08-20 13:37:52 -05:00
sjanusz 8e00c5a188 Add default payload option to targets 2021-08-20 16:38:22 +01:00
Spencer McIntyre c47efcabfc Land #15556, Add shell support to enum_unattended 2021-08-19 17:40:51 -04:00
Grant Willcox b479cb61a4 Add in scenario for Ubuntu 20.04.02 LTS and show that its still working as expected 2021-08-19 15:05:03 -05:00
Grant Willcox 945004ed97 Fix up typo that was breaking the code and also fix RuboCop errors 2021-08-19 14:12:03 -05:00
Grant Willcox b60ad3ee26 Fix up mistakes I noticed whilst doing edits on the code as well as some mistakes identified during peer review 2021-08-19 13:55:54 -05:00
pingport80 406b152752 add shell support to enum_unattend module 
update registry operations

guard against nil when the unattendfile registry key is not present
 2021-08-19 23:39:18 +05:30
William Vu 31796c6236 Land #15561, ProxyShell exploit 2021-08-19 10:31:02 -05:00
William Vu 0a06730802 Update contributors 2021-08-19 10:30:21 -05:00
Spencer McIntyre 1519aef539 Land #15570, Fix smb enum gpp module 2021-08-19 09:20:38 -04:00
space-r7 a75b649cf3 Land #15546, properly store UUID URLs 2021-08-18 17:15:14 -05:00
Spencer McIntyre 84f8c44e69 Write to the targeted backend server 2021-08-18 12:34:40 -04:00
Spencer McIntyre 75e63992d6 Write an exploit for ProxyShell 2021-08-18 10:50:34 -04:00
adfoster-r7 d9baaed0ba Fix smb enum gpp module 2021-08-18 11:44:03 +01:00
Grant Willcox d5df47692c Add in first copy of the exploit along with the supporting source code and binaries. Documentation to come 2021-08-17 18:01:14 -05:00
A Galway 534ba9a7af splits jtr hash files, adds timeout & updates docs 2021-08-16 16:57:49 +01:00
William Vu 521ca14773 Add Lucee Administrator CVE-2021-21307 exploit 2021-08-16 10:09:34 -05:00
A Galway 89b7613d6a typos, errors handiling, & removes unused args 2021-08-16 13:27:00 +01:00
A Galway 9d20fbe014 msftidy 2021-08-16 12:29:48 +01:00
A Galway 08c732dbb5 improves documentation and placeholder comments 2021-08-13 17:53:00 +01:00
A Galway eb10ce8a3f rubocop cleanup 2021-08-13 17:22:37 +01:00
A Galway 8ce50af72d updates docs & adds in os reporting placeholder 2021-08-13 17:11:21 +01:00
Tim W 5acd0ee5d6 Fix #15480, fix IgnoreUnknownPayloads for stageless reverse_http payloads 2021-08-13 16:57:04 +01:00
Jack Heysel 5aa56b303a Land #15539, Fix cve_2018_8453_win32k_priv_esc 
Fixes the check method for the above module, prior
to this change the module was not running against 1703.
 2021-08-13 11:01:58 -04:00
A Galway 71bfb630d6 replaces smb capture server code with RubySMB 2021-08-13 15:01:56 +01:00
space-r7 c9bdd96c76 remove GIT_HOOK option 
post-checkout is the only hook that will work
with this exploit, so no option is needed. Also update
the documentation to reflect that.
 2021-08-12 10:18:13 -05:00
space-r7 31cbcb7774 add notes to updated modules 2021-08-12 10:18:13 -05:00
space-r7 70f304a548 change modules to use hash in build_commit_object 2021-08-12 10:18:13 -05:00
Shelby Pace d0c0372596 add request / response classes 2021-08-12 10:18:12 -05:00
Shelby Pace a4cc95448f remove namespace 2021-08-12 10:18:12 -05:00
Shelby Pace 0fe761b838 modify options and add documentation 2021-08-12 10:18:12 -05:00
Shelby Pace 98ef499351 add git lfs and smart http changes 2021-08-12 10:18:11 -05:00
Shelby Pace 53187648c1 add module 
also includes packfile obj metadata changes
 2021-08-12 10:18:11 -05:00
Shelby Pace d7161d0b90 add packfile, pkt line, and module code 2021-08-12 10:18:11 -05:00
Shelby Pace d89554e995 add git mixin changes and usage in git exploits 2021-08-12 10:18:11 -05:00
Shelby Pace 3fb225c9c6 add wrapper methods for creating git objects 
use methods in git_submodule_command_exec
 2021-08-12 10:18:11 -05:00
Spencer McIntyre 82cc8526d4 Land #15501, Add CVE-2019-11580 (Atlassian Crowd) 2021-08-12 09:38:31 -04:00
Grant Willcox 85ef49a79c Land #15535, Update psexec module to use SMBSHARE option name for consistency 2021-08-11 17:41:38 -05:00
Grant Willcox 5fdf990f24 Land #15519, Lexmark Universal Print Driver Local Privilege Escalation 2021-08-11 15:03:53 -05:00
Grant Willcox 7b25bd366f Update documentation and fix a few typos so that it reflects latest changes 2021-08-11 12:25:36 -05:00
adfoster-r7 83a1ff750a Land #15534, fix powershell command length in shell_to_meterpreter 2021-08-11 10:56:11 +01:00
Jacob Baines afa3d92774 Switched to upnp implementation 2021-08-10 18:17:18 -04:00
Grant Willcox 3ef2c0cf5a Land #15520, Canon TR150 Print Driver Local Privilege Escalation 2021-08-10 16:09:36 -05:00
Dimitrie-Toma Furdui 6dae595e4e fixed version check for cve_2018_8453_win32k_priv_esc 2021-08-10 21:49:42 +03:00
adfoster-r7 d56a31fe16 Fix windows secret dump kwargs usage 2021-08-10 15:47:24 +01:00
adfoster-r7 a6a08e97cc Update module side effect notes 2021-08-10 15:40:23 +01:00
Alan Foster 03400991af Update uses of open ssl 2021-08-10 15:40:23 +01:00