adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
76,154 Commits 27 Branches 1,043 Tags
441b671edd1531ceb457017fa7600aeee42072f7
Commit Graph

137 Commits

Author SHA1 Message Date
Christophe De La Fuente 4d485acb73 Remove Windows target since it doesn't work for now 2024-07-19 16:19:56 +02:00
Christophe De La Fuente e9c511c979 Add documentation and some updates 2024-07-16 16:34:28 +02:00
Christophe De La Fuente 1abc42a873 Add module 2024-07-09 18:34:27 +02:00
Zach Goldman 847b29178a change nil guards to default values, nil or blank guards for certain datastore options 2024-05-29 09:34:58 -05:00
Jack Heysel 27f5ad8e05 Land #18996, VSCode Malicious Ext module 
This PR adds a new exploit that creates a malicious vsix file. a vsix
file is a VS and VSCode extension file. Once installed, the users
computer will call back with a shell. Its not a bug, its a feature!
 2024-04-18 18:10:46 -07:00
h00die a551ef136c remove default shells on gitlens module 2024-04-18 17:31:02 -04:00
h00die ecac5c8fa8 vsix review 2024-04-17 16:13:44 -04:00
h00die bae1a2e20f gitlens review 2024-04-17 16:06:32 -04:00
h00die ee891eca3a spacing 2024-04-07 09:15:50 -04:00
h00die ed1ae32532 sync engine requirements on vsix 2024-04-07 09:13:59 -04:00
h00die eb26b0adcc gitlens exploit module 2024-03-22 16:22:39 -04:00
h00die 83944f7070 vsix deployment module 2024-03-22 16:14:51 -04:00
cgranleese-r7 40e6917b7f tests passing 2023-04-04 10:24:09 +01:00
Grant Willcox a756df5400 Add in missing RuboCop note sections 2022-04-19 16:40:57 -05:00
Brendan Coles 94ed9ae28b Modules: Prefer CVE references over cve.mitre.org URL references 2022-04-19 20:42:23 +00:00
sjanusz bbf9e3163a Fix file reads on Windows for binary files 2022-03-21 12:47:39 +00:00
h00die d5ba1afbec fix URLs not resolving 
fix URLs not resolving

add csv export to references

fix URLs not resolving

pdf not pd

missed a url change

remove extra recirectedfrom fields

remove extra file

fix ovftool url accidental replacement
 2022-02-16 17:22:40 -06:00
adfoster-r7 4a9a15e638 Run Rubocop layout rules on modules 2021-08-27 17:19:43 +01:00
dwelch-r7 7fbbe23426 Remove more requires that were missed before 2021-02-08 14:51:58 +00:00
Alan Foster e0ab259880 Remove < character from Archive_Tar exploit module 2021-01-29 11:20:50 +00:00
Grant Willcox 6e326d6a60 Fix up confusing variable name and a typo as pointed out during review 2021-01-19 09:25:56 -06:00
Grant Willcox 95d3bd98ac Do msftidy_docs and rubocop changes 2021-01-15 18:10:23 -06:00
Grant Willcox 2f0abe4900 Add in documentation and fix up small issues with module 2021-01-15 18:06:07 -06:00
Grant Willcox 65370a6b47 Initial module code 2021-01-15 16:20:06 -06:00
dwelch-r7 1617b3ec9b Use zeitwerk for lib/msf/core folder 2020-12-07 10:31:45 +00:00
Grant Willcox 2c391e9edc Fix up last of the module that had incorrect disclosure dates 2020-10-07 12:09:35 -05:00
Alan Foster 30809787c4 Convert disclosure dates to iso8601 2020-10-02 21:00:37 +01:00
bwatters 149566b30e Run rubocop 2020-09-02 17:14:30 -05:00
ggkitsas 62d3d9bc9a fix: reverts misuse of in zip_slip exploit 2020-09-01 21:49:55 +01:00
ggkitsas 788244150c Add support for zip generation in zip_slip exploit 2020-08-31 13:18:14 +01:00
Brent Cook 8489bcdfd9 This fixes broken links to the community.rapid7.com blog 
Performed mechanically with sed, spot-checked that the new blog can consume these links.
 2020-02-18 09:06:11 -06:00
Shelby Pace 644988750e change permission on payload 2019-09-12 07:43:54 -05:00
Wei Chen 8fe1f9d172 Rephrase 2019-09-10 12:12:46 -05:00
Wei Chen 2cd8125a40 Add zip skip 2019-09-09 12:00:53 -05:00
Shelby Pace 8fd5c1e0c1 remove PrependMigrate option 2019-08-19 13:12:54 -05:00
Load b0a531982e Adds default options 
- Changes target to Automatic
- Set default options instead of default target for options
- Adds links for the two vulnerabilities exploited by this module
- Removes unnecessary double encoding+eval
 2019-08-18 14:42:48 +02:00
Shelby Pace 409b3c9c4b using python payload for platform independence 2019-08-16 15:36:42 -05:00
Load 3838fc2164 Adds references to the next CVE 
This new CVE explains this exploit (global events are used)
 2019-08-16 12:59:23 +02:00
LoadLow c3b6e33f2e Adds suggested modifications 2019-08-03 06:10:11 +02:00
Load ce552ab88b Removes double quotes in libreoffice_logo_exec 
Co-Authored-By: Carter Brainerd <0xCB@protonmail.com>
 2019-08-03 05:52:12 +02:00
LoadLow 8e8e6a2cf7 Fixes indent 2019-07-31 00:14:08 +02:00
LoadLow 88f3ff9d59 Updates references 2019-07-31 00:00:30 +02:00
LoadLow 5f478b7fd6 Adds exploit module for CVE-2019-9848 
uses on dom-loaded event (triggered just after opening the document) and still working on 6.2.5
 2019-07-30 23:07:20 +02:00
William Vu e6300bfd63 Fix cmd_psh_payload requiring an arch string 
We may want to update Rex::Powershell to take the first in an array.
 2019-07-09 17:43:23 -05:00
William Vu 94994aa519 Update modules with RelatedModules and realign 2019-04-24 11:34:42 -05:00
William Vu 30b8625885 Update Ghostscript/ImageMagick modules 2019-04-23 16:31:40 -05:00
Shelby Pace 392078990c added x64 arch for targets 2019-04-17 08:29:58 -05:00
Shelby Pace 8dc8a18d2b added documentation and changes for module 2019-04-15 08:26:11 -05:00
Shelby Pace 391e7cf8ef adjusted font size and color 2019-04-12 14:01:29 -05:00
Shelby Pace d7f77fdcee getting session on linux 2019-04-12 14:01:29 -05:00