adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

35981 Commits

Author SHA1 Message Date
Grant Willcox 8dec3eaaaa Lock target into a specific firmware version as we don't have time to spend trying to get the heap overflow working for other firmware versions 2021-07-27 13:00:43 -05:00
Grant Willcox 6a787336e4 Improve the check function by using a different file that leaks details about the version of the router firmware on more devices without running into the issue of some of them requiring authentication 2021-07-27 13:00:37 -05:00
Grant Willcox 98e69f7d10 Fix up namespacing for some Check codes that would be hit under certain conditions to be proper, preventing our module throwing errors 2021-07-27 13:00:29 -05:00
Grant Willcox a53411229f Move files over to start work on converting this into an auxiliary module 2021-07-27 13:00:17 -05:00
Grant Willcox 8954dd5d2d Add in documentation and update module description to match 2021-07-27 13:00:15 -05:00
Grant Willcox 22c88bedcf Fix a bug whereby the host would be hardcoded to the IP address 192.168.1.1 which may not always be the case 2021-07-27 13:00:02 -05:00
Grant Willcox 3b670644b2 Add in random characters into certain areas of the packets where 'a''s were being used previously to help make things harder to detect 2021-07-27 12:59:46 -05:00
Grant Willcox d06b9c8bda Add in first working copy of netgear_r7000_backup_cgi_heap_overflow_rce.rb 2021-07-27 12:59:38 -05:00
Shelby Pace 183caff15c Land #15418, add modern events calendar rce 2021-07-26 09:45:05 -05:00
Shelby Pace 38ae82155e modify info, fix spacing 2021-07-26 09:43:34 -05:00
Shelby Pace 9e95eb7be1 Land #15408, add Wordpress sp doc file upload 2021-07-23 12:36:29 -05:00
Grant Willcox 31b82452ec Fix up Spencer's comments from review to correctly pass in parameters to execute_dll() as some calls were passing the wrong set of parameters 2021-07-23 12:34:25 -05:00
Grant Willcox 2fb379374f Update documentation where possible for changed exploits 2021-07-23 12:34:12 -05:00
Shelby Pace d207f994c0 modify doc description 
randomize form data, formatting
 2021-07-23 12:33:41 -05:00
Grant Willcox fabc566402 Improve process.rb's execute_dll to now automatically detect the architecture of the target and of the DLL and then appropriately decide if it needs to launch a WoW64 process to inject into. 2021-07-23 12:33:41 -05:00
Grant Willcox bc0439fc47 Improve the list of potential processes to spawn and inject into to be more believable 2021-07-23 12:33:16 -05:00
Grant Willcox 96b15c9650 Update process.rb to support injecting into a random process and not just notepad.exe all the time to improve signature evasion. Also support injecting into one's own Meterpreter process for further stealth. Finally update one module to showcase off how these changes look like on a real module. 2021-07-23 12:33:01 -05:00
cgranleese-r7 9e7859ed25 Reformats some modules so they can be run with new meterpreter_commands_dependencies.rb Rubocop rule 2021-07-23 14:40:19 +01:00
Hakyac 0f8e256d52 Update modules/exploits/multi/http/wp_plugin_sp_project_document_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-23 10:12:57 +02:00
Hakyac 13678f5140 Update modules/exploits/multi/http/wp_plugin_sp_project_document_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-23 10:12:51 +02:00
Hakyac 9cdddac5cd Update modules/exploits/multi/http/wp_plugin_sp_project_document_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-23 10:11:26 +02:00
Hakyac 877ac006f8 Update modules/exploits/multi/http/wp_plugin_sp_project_document_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-23 10:11:21 +02:00
Hakyac 73995ac8d1 Update modules/exploits/multi/http/wp_plugin_modern_events_calendar_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-23 10:09:44 +02:00
Hakyac 5e2776411d Update modules/exploits/multi/http/wp_plugin_modern_events_calendar_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-23 10:09:25 +02:00
Hakyac 8a3f5affe8 Update modules/exploits/multi/http/wp_plugin_modern_events_calendar_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-23 10:09:13 +02:00
Shelby Pace 7a39f4c4dd Land #15211, add apache tapestry gatherer 2021-07-22 11:58:03 -05:00
Shelby Pace a83bb187e4 add reliability trait 2021-07-22 10:52:16 -05:00
Shelby Pace 58891313c8 add notes 2021-07-22 10:46:37 -05:00
Shelby Pace 6203499684 fix rubocop offenses 2021-07-22 10:27:17 -05:00
Shelby Pace bc1f106bcb change method of retrieving key 
add checks on responses, update docs
 2021-07-21 17:56:41 -05:00
Yann Castel a3e5bd527b use of vars_get + delete payload after use 2021-07-21 09:59:05 +02:00
Hakyac 53214e8792 Update modules/exploits/multi/http/wp_plugin_modern_events_calendar_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-21 09:41:46 +02:00
Hakyac 09ca7751c0 Update modules/exploits/multi/http/wp_plugin_modern_events_calendar_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-21 09:41:38 +02:00
Hakyac 815a6d4d95 Update modules/exploits/multi/http/wp_plugin_modern_events_calendar_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-21 09:41:28 +02:00
Yann Castel c169c78f03 use of vars_get 2021-07-21 09:38:36 +02:00
Hakyac 7e3281dfcf Update modules/exploits/multi/http/wp_plugin_sp_project_document_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-21 09:08:30 +02:00
Hakyac 40220052da Update modules/exploits/multi/http/wp_plugin_sp_project_document_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-21 09:07:12 +02:00
William Vu af0092f290 Land #15400, Sage X3 modules 2021-07-20 20:36:48 -05:00
William Vu 0ba430c8c4 Fix a bunch of things 
Mostly RuboCop and refactoring.
 2021-07-20 20:07:08 -05:00
Shelby Pace 79d49a6857 Land #15402, add Wordpress Backup Guard rce 2021-07-20 15:53:57 -05:00
Shelby Pace f738383b98 rename docs, modify privileged to false 
use vars_get in upload request
 2021-07-20 15:31:38 -05:00
Yann Castel 4a9bef2e9f various suggestions 2021-07-20 19:10:39 +02:00
Yann Castel 010d3e5a4a various suggestions 2021-07-20 18:22:37 +02:00
William Vu 8b5071326e Merge remote-tracking branch 'upstream/master' into pr/15400 2021-07-20 11:11:45 -05:00
Grant Willcox 49bf54dcf8 Land #15449, Binom3 add CVE 2021-07-20 09:48:45 -05:00
guly ab3214dfc5 Binom3 add CVE 
Binom3 add CVE
 2021-07-20 14:23:05 +02:00
Hakyac 2bf1c1ac26 Update modules/exploits/multi/http/wp_plugin_backup_guard_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-20 09:28:01 +02:00
Hakyac 7c14882510 Update modules/exploits/multi/http/wp_plugin_backup_guard_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-20 09:27:40 +02:00
Hakyac 2c51c2b6e4 Update modules/exploits/multi/http/wp_plugin_backup_guard_rce.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-20 09:27:09 +02:00
Hakyac ce9a00492c Update modules/exploits/multi/http/wp_plugin_modern_events_calendar_rce.rb 
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2021-07-20 09:11:58 +02:00