adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
49,343 Commits 27 Branches 1,043 Tags
4b0958404740d418bcbbb6dbbf32fa02a287c918
Commit Graph

11959 Commits

Author SHA1 Message Date
h00die 4b09584047 php_imap_open_rce 2018-11-18 21:28:19 -05:00
Jacob Robles 795aa3c99c Land #10828, git submodule url exec CVE-2018-17456 2018-11-14 12:39:13 -06:00
Jacob Robles 798d3156bc Print git command for module 2018-11-14 10:57:36 -06:00
Shelby Pace 5e85683228 removed to_s from string 2018-11-13 15:28:55 -06:00
Shelby Pace ac8932c144 update 9631 to a current branch 2018-11-13 15:15:25 -06:00
Alex Gonzalez da134f06e3 Updated check method 
Fixed check method and redundant variable declarations
 2018-11-13 16:01:40 -05:00
Brendan Coles 1f14a9846d Land #10767, Add Cisco Prime Infrastructure remote root exploit 2018-11-10 17:08:16 +00:00
Aaron Ringo 9dd0f2a5ea modified to allow unix cmd for testing and other targets not supported, took out interpolation,notes section re-added 
added notes section back in
 2018-11-06 20:45:20 -06:00
Jeffrey Martin dd57b27652 Rename hash to generate_process_hash 
In the interest of compatibility this uses a more descriptive name for
the process hash creation method instead of overriding ruby's hash method.
See https://docs.ruby-lang.org/en/2.0.0/Hash.html
 2018-11-05 17:16:16 -06:00
h00die aff4ef0752 land #10912 moving polycom exploit to misc folder 2018-11-05 16:54:24 -05:00
Shelby Pace 0c38babb9e Land #10874, rm size restriction from pyld_inject 2018-11-05 15:16:40 -06:00
bwatters-r7 f185c06204 Land 10794, Add support for ms17_010_eternalblue_win8 ProcessName option 
Merge branch 'land-10794' into upstream-master
 2018-11-05 15:08:59 -06:00
bwatters-r7 7ca2311325 Land #10792, Add support for ms17_010_eternalblue ProcessName option 
Merge branch 'land-10792' into upstream-master
 2018-11-05 14:19:10 -06:00
bwatters-r7 1f0941101f shut up, msftidy 2018-11-05 14:13:33 -06:00
bwatters-r7 4f2ba46125 Stop some of the rubocop carnage 2018-11-05 14:11:24 -06:00
Wei Chen a32d8083f0 Land #10847 - Add blueimp's jQuery (Arbitrary) File Upload 
CVE-2018-9206
 2018-11-05 11:37:20 -06:00
bwatters-r7 5ec155fd44 Changed some options to advanced 2018-11-05 09:59:17 -06:00
l9c ff07289132 better style according to the review 2018-11-05 13:46:36 +08:00
Pedro Ribeiro 7464d81c01 Add warning about JSP deletion 2018-11-05 00:52:34 +09:00
Brendan Coles fdf45f269b Move polycom_hdx_auth_bypass to exploit/unix/misc/ 2018-11-04 06:14:26 +00:00
Brendan Coles c3080d69f2 Use writable? method for local modules 2018-11-04 05:28:32 +00:00
Jacob Robles 6bc4b71ca3 Land #10873, Add notes to exploit modules 2018-11-02 14:11:11 -05:00
Spencer McIntyre 7faa775b55 Remove the now unnecessary DisableNops option 2018-11-02 14:57:41 -04:00
Brent Cook 86469cc5a0 Land #10836, Add Morris worm sendmail debug mode exploit 2018-11-02 11:17:33 -05:00
Brent Cook 1d81f3764f Land #10700, Add Morris worm fingerd exploit and VAX reverse shell 2018-11-02 11:16:46 -05:00
bwatters-r7 114a8127e8 Land #10858, bypassuac_eventvwr optimizations - reduce created processes and artifacts 
Merge branch 'land-10858' into upstream-master
 2018-10-31 16:44:32 -05:00
bwatters-r7 af7a7d586b Add validation check to make sure x64 remote host and a x86 session 
cannot select an x64 target.
 2018-10-31 16:31:52 -05:00
Elazar Broad 6fe7bb0bb6 Increase sleep time to 10 seconds 
Increase the wait time before removing the registry key - allows the payload to spawn successfully on slow systems.
 2018-10-29 12:55:03 -04:00
Brendan Coles 1c340f8202 Land #10853, Add universal targeting to Mercury/32 IMAP LOGIN exploit 2018-10-28 18:17:46 +00:00
kr3bz 370bcaf8d8 Update mercury_login.md 2018-10-28 09:49:15 +01:00
Brendan Coles a34310095c Update modules/exploits/windows/imap/mercury_login.md 
Co-Authored-By: kr3bz <44395414+kr3bz@users.noreply.github.com>
 2018-10-28 09:41:29 +01:00
Brendan Coles bfd3a17c0e Update modules/exploits/windows/imap/mercury_login.rb 
Co-Authored-By: kr3bz <44395414+kr3bz@users.noreply.github.com>
 2018-10-28 09:41:14 +01:00
kr3bz 5efbefdaea Update mercury_login.md 2018-10-28 09:37:47 +01:00
kr3bz 2839a73cbd Update mercury_login.rb 2018-10-28 09:35:15 +01:00
Spencer McIntyre 52fee303d4 Remove the size restriction from payload_inject 2018-10-27 21:26:09 -04:00
Spencer McIntyre caf76a6555 Add applicable notes to my exploit modules 2018-10-27 20:54:14 -04:00
kr3bz c61737bb18 Update mercury_login.md 2018-10-27 20:52:54 +02:00
kr3bz 239632ca03 Update mercury_login.md 2018-10-27 20:52:24 +02:00
kr3bz 3cf8a01b55 Update mercury_login.md 2018-10-27 20:51:31 +02:00
Brendan Coles 965c2d5c01 Update modules/exploits/windows/imap/mercury_login.rb 
Co-Authored-By: kr3bz <racic.ivan@gmail.com>
 2018-10-26 13:37:37 +02:00
Wei Chen e84ba62740 Cosmetic changes for local/webexec 2018-10-24 16:13:47 -05:00
Elazar Broad 16d633fabd Remove spaces before EOL 2018-10-24 11:04:41 -04:00
Shelby Pace 3729e9ed7b added description, references 2018-10-24 09:46:00 -05:00
kr3bz 2e2d742ae7 Added updated mercury_login 
Added additional space for the payload, made recommended changes, msftidy does not produce errors, readded null byte as a badchar.
 2018-10-24 11:08:37 +02:00
William Vu 458f635159 Add supported payloads to module description 2018-10-24 01:30:27 -05:00
William Vu 839c4e0467 Drop rank to AverageRanking for now 2018-10-24 01:30:17 -05:00
William Vu 37560760df Add RequiredCmd for generic and telnet 2018-10-24 01:23:15 -05:00
Elazar Broad ef2854c918 Use in-memory reflection for executing the payload 
Use to_win32pe_psh_reflection() instead of to_win32pe_psh_net() in order to reduce the amount of processes and forensic artifacts created by this module.
 2018-10-23 22:12:10 -04:00
Elazar Broad d75c599929 Use ShellExecuteA to spawn eventvwr.exe 
Use ShellExecuteA from railgun to spawn eventvwr.exe, as opposed to cmd /c. This reduces the amount of processes generated by this module.
 2018-10-23 21:52:36 -04:00
Elazar Broad da4b424780 Fix typo in cleanup message 2018-10-23 21:33:49 -04:00