Spencer McIntyre
1915b1395e
Land #15742, Added module for CVE-2021-40444
2021-12-08 17:46:02 -05:00
Spencer McIntyre
2f6710e02e
Remove the Not_Hosted target
...
It's not currently working and Metasploit should just handle everything
2021-12-08 17:22:44 -05:00
Spencer McIntyre
75deb69eab
Reformat the CVE-2021-40444 module docs
2021-12-08 16:45:22 -05:00
bwatters
852230c739
Fix bug brought in by importing Msf::Post::File
...
Split out javascript to a file and deobfuscate it
Update documentation for new targets
Fix other small suggestions
2021-12-08 10:36:27 -06:00
bwatters
77812ae4c4
Update documentation for multiple binaries, add targeting data,
...
other bcoles improvements
2021-12-02 09:57:48 -06:00
bwatters
1f33305ce1
Add documentation
2021-12-01 14:54:48 -06:00
bwatters
14064ff3f9
Update module description and remove extra module.
2021-11-29 15:23:02 -06:00
Brendan Coles
5fab1da09b
ms03_026_dcom: cleanup
2021-11-28 08:25:31 +00:00
William Vu
344bdacae4
Remove preferred payload
...
We'll add it back to Framework later.
2021-11-24 10:44:59 -06:00
William Vu
d2c322e875
Revert option name styling in module doc
...
Bug in our local renderer's styling. GitHub renders it just fine.
2021-11-23 19:05:26 -06:00
William Vu
053dc70782
Add words to module doc
2021-11-23 19:05:09 -06:00
William Vu
a8daed1e79
Add module doc
2021-11-23 19:05:09 -06:00
Grant Willcox
7f6d661ff7
Land #15866, Add Exploit For CVE-2021-38294 (Apache Storm Nimbus getTopologyHistory RCE)
2021-11-18 17:02:50 -06:00
Grant Willcox
725c5f8d8c
Add in another scenario into documentation and add additional detail to one setup step
2021-11-18 17:01:25 -06:00
Grant Willcox
a915c3ce5c
Add fixes for some of the issues raised during the review process on both the documentation and module side of things
2021-11-17 17:25:50 -06:00
Spencer McIntyre
a100cd77ae
Land #15858, Add exploit for CVE-2021-42237
2021-11-15 14:24:47 -05:00
Spencer McIntyre
0b3f95abca
Writeup the module docs and move the protocol code
2021-11-12 15:15:51 -05:00
bwatters
4505d7e834
Land #15700, Add Aerohive NetConfig <= 10.0r8a RCE (CVE-2020-16152) module
...
Merge branch 'land-15700' into upstream-master
2021-11-11 17:03:54 -06:00
bwatters
5e670638f3
Add a line suggesting TryToFork on Meterpreter might prevent the hang after exploitation
2021-11-11 16:59:09 -06:00
Grant Willcox
8d55b16ade
Fix one more mistake and rename document and module to a more easy to find name
2021-11-11 16:42:58 -06:00
Grant Willcox
27310dc002
Add in exploit and documentation for CVE-2021-42237
2021-11-10 15:52:22 -06:00
Grant Willcox
3af93cbacc
Fix up changes from timwr's review so long
2021-11-09 10:36:50 -06:00
Grant Willcox
780a9370a2
First draft of code, documentation, and exploit DLL plus exploit code
2021-11-09 10:36:40 -06:00
space-r7
1dd26bca03
Land #15802, add OMIGOD LPE
2021-11-09 10:30:50 -06:00
RAMELLA Sébastien
38973510f7
update modules (auxiliary and exploit)
2021-11-09 15:18:58 +04:00
Spencer McIntyre
6f4aa55022
Land #15816, GitLab Unauth Command Injection
2021-11-03 16:57:57 -04:00
Jake Baines
4b7c5acc5b
Changed qx delimiter to # and added it to badchars. Defaulted to a staged payload
2021-11-03 10:51:37 -07:00
Jake Baines
68cae90f45
Fix spelling error
2021-11-03 08:51:07 -07:00
Jake Baines
116e2b0c1d
Enabled use of cmdstager::flavor printf. Tested against a CentOS install. Updated docs. Default to MeterpreterTryToFork and enabled autocheck
2021-11-03 08:49:09 -07:00
kalba-security
728965b3c6
fix typos in docs
2021-11-02 20:04:06 -04:00
kalba-security
f778f5f00a
add cleanup, add new info and warning messages, update docs, small improvements
2021-11-02 19:58:16 -04:00
Jake Baines
beb30f2b6a
Expanded cmdstager flavors. Removed bad variable name
2021-11-02 12:01:36 -07:00
Jake Baines
10bb77ea4b
Addressed a wide variety of spelling and formatting issues. Added a reference. Registered TARGETURI. Randomized the image payload in check. Added additional options information to documentation.
2021-11-02 09:50:06 -07:00
Jake Baines
b3a6d09b86
Fix wrong extension for documentation
2021-11-02 08:07:56 -07:00
space-r7
0681c8780e
Land #15761, add pie-register code exec
2021-11-02 09:17:50 -05:00
space-r7
8185b26a12
change should to must in referring to id option
2021-11-02 09:15:59 -05:00
Jake Baines
3aadb6000b
Initial version of CVE-2021-22205 GitLab Unauth RCE
2021-11-02 01:46:51 -07:00
Spencer McIntyre
1ca9f48266
Land #15783, Add Sophos UTM CVE-2020-25223 exploit
2021-10-28 09:00:08 -04:00
William Vu
2a36287d9d
Add more words to module doc
2021-10-27 19:31:03 -05:00
William Vu
76aa872ff5
Add (empty) Options header to module doc
...
For consistency.
2021-10-27 19:31:03 -05:00
William Vu
7bbf0305c0
Fix elapsed time calculation using monotonic clock
...
Hat tip @adfoster-r7.
2021-10-27 19:31:03 -05:00
William Vu
365365bfb0
Add module doc
2021-10-27 19:31:03 -05:00
Spencer McIntyre
9635110050
Add documentation for CVE-2021-38648
2021-10-27 12:06:01 -04:00
Spencer McIntyre
21c45b3733
Update module metadata
2021-10-27 11:58:53 -04:00
Spencer McIntyre
60b17b5c6f
Add the module docs for OMIGOD
2021-10-26 12:08:48 -04:00
Spencer McIntyre
7fc38d1b50
Land #15754, add apache2 path traversal modules
2021-10-22 12:40:57 -04:00
Spencer McIntyre
ced61f989b
Tweak the verbiage for clarity, update docs
2021-10-22 12:38:03 -04:00
adfoster-r7
2f86b332f5
Land #15733, Add Module For Kubernetes Pod Authenticated Code Execution
2021-10-21 10:46:20 +01:00
Spencer McIntyre
1e1b1982b2
Improve image selection when creating a pod
...
The module will now iterate over identified image names by default and
also allows an explicit image name to be specified using the new
PodImage advanced option.
2021-10-20 15:52:23 -04:00
William Vu
42ed1b6eef
Add Windows support to CVE-2021-26084 exploit
2021-10-14 16:58:04 -05:00