h00die
054a092eb2
fix references in bypassuac modules
2019-09-08 00:42:21 -04:00
h00die
78c4bfee95
add url for fodhelper
2019-09-08 00:33:16 -04:00
bwatters-r7
17acaf9720
Land #12226, fix #11574, add WSReset.exe UAC Bypass
Merge branch 'land-12226' into upstream-master
2019-09-06 09:19:24 -05:00
Tim W
1a717a5624
minor fixes
2019-09-06 02:11:06 +08:00
Tim W
cc9d9bb483
s/bypassuac_windows_store/bypassuac_windows_store_filesys/g
2019-09-06 00:52:13 +08:00
bwatters-r7
481c13ea0f
Rubocop changes
2019-09-05 11:44:00 -05:00
bwatters-r7
cf3f6c90f8
Renamed file to make room for the other UAC bypass targeting the same exe
2019-09-05 11:35:10 -05:00
bwatters-r7
b876afa20f
Fixed up the code before pushing it.
2019-09-05 11:33:05 -05:00
bwatters-r7
9281c0de12
Add some missing pieces to the UAC bypass?
2019-09-04 17:03:32 -05:00
Tim W
cd13a83eb2
add arch check
2019-08-31 20:54:18 +08:00
Tim W
ea3e2c1047
fix #11574, add WSReset UAC Bypass
2019-08-24 13:35:40 +08:00
William Vu
b8b4edc243
Land #12203, autofilter=false for a couple modules
2019-08-15 19:00:15 -05:00
William Vu
32334c2386
Update all module splats from http:// to https://
2019-08-15 18:10:44 -05:00
Brent Cook
4d48515ae2
Disable a couple of modules for autoexploitation that produce false positives on newer systems.
2019-08-15 16:33:40 -05:00
Adam Cammack
cf9b94a964
Set needs_cleanup flag for exploits that need it
The `needs_cleanup` flag needs to be set per-module when an exploit
needs an interactive session to clean up. Some `FileDropper` exploits
need additional cleanup to what the mixin provides, but since all
`FileDropper`s already mark themselves as needing cleanup those are not
covered here. A few of these could potentially be refactored to use the
original exploitation method to clean up or to compile the list of
files/commands to clean up ahead of time, but that is out of the scope
of this fix.
2019-08-02 10:23:53 -05:00
Adam Cammack
5e64f8560a
Fix whitespace
2019-08-02 10:23:41 -05:00
Jacob Robles
bbf0cb4d9d
Land #11653, Apache Tika CVE-2018-1335 RCE
2019-08-01 17:43:57 -05:00
h00die
060183c034
tika 1.15-1.17
2019-07-30 16:55:06 -04:00
h00die
f053768801
restrict tika versions
2019-07-30 07:32:30 -04:00
Wietsman
3b08ed88d1
#12095 added version check if vulnerable
#12095 cleaned up the code
#12095 added more output
#12095 added comments
2019-07-22 16:43:24 +02:00
Wietsman
71da3b7903
#12095 Added cleaning up of trial account and dropper files.
2019-07-21 03:21:15 +02:00
Wietsman
e26b650f31
#12095 Fixed Password complexity generation
#12095 Fixed trial account creation
#12095 Fixed calling functions
2019-07-18 13:13:39 +02:00
Wietse Boonstra
2b7d6e07b1
#12095 Fixed issue with function naming.
Added random username and password generating
2019-07-18 10:54:12 +02:00
Wietsman
26c87b1869
Wrap to 80 columns
2019-07-17 00:21:21 +02:00
Wietsman
73c6a11ccb
Apply suggestions from code review
Co-Authored-By: bcoles <bcoles@gmail.com>
2019-07-16 22:38:58 +02:00
Wietsman
2d86312f6c
Apply suggestions from code review
Co-Authored-By: bcoles <bcoles@gmail.com>
2019-07-16 22:37:56 +02:00
Wietsman
ac454d3044
Ahsay backup v7.x - v8.1.1.50 file upload
2019-07-16 16:10:13 +02:00
Wei Chen
27bb166938
Land #12011, Add module for cve-2018-8453
2019-07-15 11:31:07 -05:00
Jacob Robles
5c0bbbbaa0
Land #12070, Add module for CVE-2019-0841
2019-07-15 09:32:47 -05:00
William Vu
e6300bfd63
Fix cmd_psh_payload requiring an arch string
We may want to update Rex::Powershell to take the first in an array.
2019-07-09 17:43:23 -05:00
Shelby Pace
70d67f1dbb
merged write_to_disk and load_dll_with_diaghub
2019-07-09 11:39:38 -05:00
Shelby Pace
86d0d1d153
remove validate_target
2019-07-09 10:52:02 -05:00
Shelby Pace
f7aa6d79d7
Update modules/exploits/windows/local/appxsvc_hard_link_privesc.rb
Co-Authored-By: @shellfail <jrobles@rapid7.com>
2019-07-09 10:47:57 -05:00
Shelby Pace
c647d0ba52
made suggested change to write_payload
2019-07-09 10:46:46 -05:00
Shelby Pace
096857d1ad
swap check codes
2019-07-09 10:01:49 -05:00
Jacob Robles
a55aea33a9
Add cve-2018-8453 exploit module
2019-07-09 07:15:13 -05:00
Shelby Pace
ccdb7ba262
remove unused variable
2019-07-08 12:57:47 -05:00
Shelby Pace
f0f1a41ba5
add documentation and module
2019-07-08 12:49:22 -05:00
William Vu
5e04ab2e66
Add lokiuox to bypassuac_silentcleanup authors
Looks like they were removed by accident.
2019-07-02 12:36:07 -05:00
h00die
a42c7ea736
land #11990 windows tomcat cmdlinearguments
2019-07-01 17:29:02 -04:00
William Vu
1503dcd168
Land #11997, SilentCleanup UAC bypass
2019-06-27 11:52:56 -05:00
William Vu
6f1aaac70e
Add enigma0x3 and fix nyshone69 researchers
2019-06-27 11:38:34 -05:00
William Vu
7b0aac72ec
Fix missing is_in_admin_group? method
This was missed in the refactor, since admin_group was removed.
2019-06-27 11:16:49 -05:00
Jeff McJunkin
2927fd5dc8
Update bypassuac_sluihijack: Fix typo
2019-06-26 14:25:32 -07:00
Jacob Robles
efc61a4934
Use cmdstager
2019-06-26 10:15:25 -05:00
Jacob Robles
7c3e566a23
Update check
Handle nil error code and fix version extraction based
on both of the possible Apache Tika return pages.
2019-06-26 10:15:25 -05:00
Wei Chen
2fb129ad41
Allow check in exploit to be optional
2019-06-25 17:13:55 -05:00
Carter Brainerd
5e8b076714
Final review changes
2019-06-25 07:21:08 +02:00
Carter Brainerd
d2dc5f6077
Review changes
2019-06-22 00:18:44 -04:00
Carter Brainerd
d90dba5d6e
Hopefully final msftidy fixes
2019-06-20 17:03:38 -04:00