Commit Graph

31277 Commits

Author SHA1 Message Date
kensh1ro 4454a7600a add minor fixes to module code 2021-09-10 22:56:04 +03:00
kensh1ro 1adde377ec Replace XOR with CHACHA and remove unnecessary code 2021-09-06 12:23:46 +03:00
kensh1ro 3bf8a5c1ba Change Allocation from RWX to RW 2021-08-21 11:10:07 +03:00
kensh1ro a4a2a4d5cc Add fix for generating random valid C keywords 2021-08-05 18:26:58 +03:00
kensh1ro 87e7718a25 Adding a dynamic way to fetch syscalls 2021-08-04 09:31:43 +03:00
kensh1ro 907be4418e Added module syscall_inject with documentation 2021-08-01 19:22:32 +03:00
Simon Janusz 7260b220a2 Land #15498, Update postgres schema dump 2021-07-30 12:01:16 +01:00
adfoster-r7 6a00b2fa43 Update postgres schema dump 2021-07-29 19:41:49 +01:00
Spencer McIntyre dba3db741a Land #15462, [CVE-2021-36934] HiveNightmare 2021-07-29 12:53:48 -04:00
Spencer McIntyre 202f291d30 Land #15497, Add Pi-Hole DHCP Module Side Effects 2021-07-29 12:37:21 -04:00
adfoster-r7 951809e164 Land #15491, add module stability notes 2021-07-29 17:24:42 +01:00
space-r7 d69fb22699 add side effects to pihole dhcp module 2021-07-29 11:23:01 -05:00
space-r7 809081bc5f Land #15279, add Pi-Hole lpe 2021-07-29 11:15:17 -05:00
space-r7 0561ae978f fix typos, pihole version in docs 2021-07-29 11:13:58 -05:00
Spencer McIntyre 36cc2fd7e5 Rename an option and update docs for HiveNightmare 2021-07-29 12:07:56 -04:00
Yann Castel fb99af1152 Add post module for HiveNightmare
correct CVE id

Update modules/exploits/multi/http/wp_plugin_modern_events_calendar_rce.rb

Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>

Update modules/exploits/multi/http/wp_plugin_modern_events_calendar_rce.rb

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>

Update modules/exploits/multi/http/wp_plugin_modern_events_calendar_rce.rb

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>

Update modules/exploits/multi/http/wp_plugin_modern_events_calendar_rce.rb

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>

use of vars_get + delete payload after use

initial commit

Update hivenightmare_windows_sam_leak.rb

using railgun to read files + specific index option

Update hivenightmare_windows_sam_leak.rb

post module + add description + add documentation

Delete wp_plugin_modern_events_calendar_rce.rb

Delete wp_plugin_modern_events_calendar_rce.md

add scenario in doc

Update windows_sam_hivenightmare.md

Update windows_sam_hivenightmare.rb

Update modules/post/windows/gather/credentials/windows_sam_hivenightmare.rb

Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>

minor changes

msftidy

Update modules/post/windows/gather/credentials/windows_sam_hivenightmare.rb

Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
2021-07-29 11:54:31 -04:00
dwelch-r7 15edd30fa2 Land #15359, Fix #15218 authentication issue in ssh_login_pubkey 2021-07-29 16:27:35 +01:00
Spencer McIntyre 453172ae62 Land #15163, CVE-2021-31802 - R7000 RCE 2021-07-29 09:26:58 -04:00
Spencer McIntyre 9934f5d5ab Remove a useless variable assignment for rubocop 2021-07-29 08:54:07 -04:00
Grant Willcox a518fcac98 Add in timeout to 10th and final request to prevent module from throwing errors like it isn't working when it really is 2021-07-28 11:32:47 -05:00
cgranleese-r7 56510a2e8e Updates some notes on modules that weren't passing tests due to new rubocop rule 2021-07-28 16:20:02 +01:00
sjanusz 1288e85b6b Improved exception handling 2021-07-28 10:22:15 +01:00
sjanusz c63ef142c5 Update local exploit suggester to handle nil targets 2021-07-28 10:22:15 +01:00
Grant Willcox a13f6a35dc Use fail_with to properly handle the case where the target isn't the one we support 2021-07-27 13:00:44 -05:00
Grant Willcox 8dec3eaaaa Lock target into a specific firmware version as we don't have time to spend trying to get the heap overflow working for other firmware versions 2021-07-27 13:00:43 -05:00
Grant Willcox 6a787336e4 Improve the check function by using a different file that leaks details about the version of the router firmware on more devices without running into the issue of some of them requiring authentication 2021-07-27 13:00:37 -05:00
Grant Willcox 98e69f7d10 Fix up namespacing for some Check codes that would be hit under certain conditions to be proper, preventing our module throwing errors 2021-07-27 13:00:29 -05:00
Grant Willcox a53411229f Move files over to start work on converting this into an auxiliary module 2021-07-27 13:00:17 -05:00
Grant Willcox 8954dd5d2d Add in documentation and update module description to match 2021-07-27 13:00:15 -05:00
Grant Willcox 22c88bedcf Fix a bug whereby the host would be hardcoded to the IP address 192.168.1.1 which may not always be the case 2021-07-27 13:00:02 -05:00
Grant Willcox 3b670644b2 Add in random characters into certain areas of the packets where 'a''s were being used previously to help make things harder to detect 2021-07-27 12:59:46 -05:00
Grant Willcox d06b9c8bda Add in first working copy of netgear_r7000_backup_cgi_heap_overflow_rce.rb 2021-07-27 12:59:38 -05:00
Shelby Pace 183caff15c Land #15418, add modern events calendar rce 2021-07-26 09:45:05 -05:00
Shelby Pace 38ae82155e modify info, fix spacing 2021-07-26 09:43:34 -05:00
Shelby Pace 9e95eb7be1 Land #15408, add Wordpress sp doc file upload 2021-07-23 12:36:29 -05:00
Shelby Pace d207f994c0 modify doc description
randomize form data, formatting
2021-07-23 12:33:41 -05:00
cgranleese-r7 9e7859ed25 Reformats some modules so they can be run with new meterpreter_commands_dependencies.rb Rubocop rule 2021-07-23 14:40:19 +01:00
Hakyac 0f8e256d52 Update modules/exploits/multi/http/wp_plugin_sp_project_document_rce.rb
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2021-07-23 10:12:57 +02:00
Hakyac 13678f5140 Update modules/exploits/multi/http/wp_plugin_sp_project_document_rce.rb
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2021-07-23 10:12:51 +02:00
Hakyac 9cdddac5cd Update modules/exploits/multi/http/wp_plugin_sp_project_document_rce.rb
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2021-07-23 10:11:26 +02:00
Hakyac 877ac006f8 Update modules/exploits/multi/http/wp_plugin_sp_project_document_rce.rb
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2021-07-23 10:11:21 +02:00
Hakyac 73995ac8d1 Update modules/exploits/multi/http/wp_plugin_modern_events_calendar_rce.rb
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2021-07-23 10:09:44 +02:00
Hakyac 5e2776411d Update modules/exploits/multi/http/wp_plugin_modern_events_calendar_rce.rb
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2021-07-23 10:09:25 +02:00
Hakyac 8a3f5affe8 Update modules/exploits/multi/http/wp_plugin_modern_events_calendar_rce.rb
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2021-07-23 10:09:13 +02:00
Shelby Pace 7a39f4c4dd Land #15211, add apache tapestry gatherer 2021-07-22 11:58:03 -05:00
Shelby Pace a83bb187e4 add reliability trait 2021-07-22 10:52:16 -05:00
Shelby Pace 58891313c8 add notes 2021-07-22 10:46:37 -05:00
Shelby Pace 6203499684 fix rubocop offenses 2021-07-22 10:27:17 -05:00
Shelby Pace bc1f106bcb change method of retrieving key
add checks on responses, update docs
2021-07-21 17:56:41 -05:00
Yann Castel a3e5bd527b use of vars_get + delete payload after use 2021-07-21 09:59:05 +02:00