Commit Graph

3822 Commits

Author SHA1 Message Date
Jeffrey Martin d802a9ee0b remove rubocop exemption no longer required 2021-11-23 07:58:07 -06:00
Jeffrey Martin 21a6a18d92 trade URI.encode & URI.escape for Ruby 3
Ruby 3 removed the `URI.escape` methods; however, access to
a parser for the same RFC is still available at `URI::DEFAULT_PARSER.escape`.

Per the Ruby forum [comment](https://bugs.ruby-lang.org/issues/17309#note-1) this should equal.
2021-11-22 14:11:03 -06:00
Spencer McIntyre 56a544c184 Fix two minor issues in kubernetes/exec 2021-11-05 10:35:22 -04:00
alanfoster 9346a43e4a Improve kube exec reliability 2021-11-05 02:38:44 +00:00
Jake Baines 4b7c5acc5b Changed qx delimiter to # and added it to badchars. Defaulted to a staged payload 2021-11-03 10:51:37 -07:00
Jake Baines 116e2b0c1d Enabled use of cmdstager::flavor printf. Tested against a CentOS install. Updated docs. Default to MeterpreterTryToFork and enabled autocheck 2021-11-03 08:49:09 -07:00
Jake Baines beb30f2b6a Expanded cmdstager flavors. Removed bad variable name 2021-11-02 12:01:36 -07:00
Jake Baines 10bb77ea4b Addressed a wide variety of spelling and formatting issues. Added a reference. Registered TARGETURI. Randomized the image payload in check. Added additional options information to documentation. 2021-11-02 09:50:06 -07:00
Jake Baines 3aadb6000b Initial version of CVE-2021-22205 GitLab Unauth RCE 2021-11-02 01:46:51 -07:00
h00die 46c2d343bd duplicator add check_plugin line 2021-10-29 17:22:12 -04:00
dwelch-r7 73e55fcaee Land #15665, Add Meterpreter compatibility metadata 2021-10-29 12:45:26 +01:00
Spencer McIntyre 7fc38d1b50 Land #15754, add apache2 path traversal modules 2021-10-22 12:40:57 -04:00
adfoster-r7 c0ba4bd619 Add kubernetes enum module 2021-10-21 11:01:25 +01:00
adfoster-r7 2f86b332f5 Land #15733, Add Module For Kubernetes Pod Authenticated Code Execution 2021-10-21 10:46:20 +01:00
Spencer McIntyre a74730da68 Fix image name enumeration 2021-10-20 17:20:05 -04:00
Spencer McIntyre 1e1b1982b2 Improve image selection when creating a pod
The module will now iterate over identified image names by default and
also allows an explicit image name to be specified using the new
PodImage advanced option.
2021-10-20 15:52:23 -04:00
William Vu 42ed1b6eef Add Windows support to CVE-2021-26084 exploit 2021-10-14 16:58:04 -05:00
dwelch-r7 dcb42da269 Land #15612, Add multiple moodle modules 2021-10-11 23:18:55 +01:00
h00die 59aa525ecb rubocop 2021-10-11 16:23:09 -04:00
RAMELLA Sébastien 60b2b0f009 update modules and docs 2021-10-10 17:01:15 +04:00
RAMELLA Sébastien 256b4edf78 update modules to CVE-2021-42013 2021-10-08 15:22:47 +04:00
adfoster-r7 28eab4d871 Add Meterpreter compatibility metadata 2021-10-06 13:54:51 +01:00
adfoster-r7 9884634d0b Land #15744, update description, refs, and rubocop on tomcat_jsp_upload_bypass 2021-10-05 10:25:47 +01:00
h00die d9d3204e1c update description, ref, rubocop 2021-10-04 22:14:51 -04:00
h00die f49d817ac4 working on cd 2021-10-03 16:13:38 -04:00
Spencer McIntyre d8f2b18649 Implement review feedback 2021-10-01 14:44:13 -04:00
Spencer McIntyre 8d82bebc3c Add the kubernetes/exec module docs 2021-10-01 10:32:12 -04:00
Spencer McIntyre 32540247cb Move the Kubernetes client into a library file 2021-10-01 10:32:12 -04:00
Spencer McIntyre d135e7677b Fix a couple of bugs in the k8s/exec module 2021-10-01 10:32:12 -04:00
Spencer McIntyre 250e40762d Add the ability to create a new pod 2021-10-01 10:32:06 -04:00
adfoster-r7 a7aa255389 Update gitea git hooks rce check method 2021-10-01 01:11:11 +01:00
Spencer McIntyre 7e62ab92ce Allow configuration via an established session 2021-09-30 16:54:01 -04:00
Spencer McIntyre ea6761a3fa Module cleanup and error handling 2021-09-30 16:54:01 -04:00
Spencer McIntyre eb1507660f Add support for direct websocket sessions 2021-09-30 16:54:01 -04:00
Spencer McIntyre 7536db1702 Add an initial kubernetes exec module 2021-09-30 16:54:01 -04:00
adfoster-r7 c86f52a3ec Land #15679, bug fix for tomcat_mgr_upload module not undeploying app after exploit 2021-09-21 03:34:43 +01:00
Spencer McIntyre 4bccc0541f Add a note about exploitable versions 2021-09-16 17:08:23 -04:00
Spencer McIntyre fd0f565095 Add automatic targeting for the CVEs 2021-09-16 15:15:52 -04:00
Spencer McIntyre 9f971e8716 Update the module for CVE-2021-3287 2021-09-16 12:58:30 -04:00
Naveen Sunkavally d1da74d329 bug fix to undeploy app after exploit 2021-09-15 21:54:21 -04:00
Spencer McIntyre fb74888a31 Correct the CVE reference 2021-09-15 08:42:55 -04:00
Spencer McIntyre d82ed7d4a2 Write up the module docs 2021-09-14 09:10:44 -04:00
Spencer McIntyre 3986707895 Add and test the remaining targets 2021-09-14 09:10:44 -04:00
Spencer McIntyre d640866b68 Apply rubocop changes and fix all targets 2021-09-14 09:10:44 -04:00
Spencer McIntyre d4834631c3 Add the generated YSoSerial gadget chain 2021-09-14 09:10:44 -04:00
Spencer McIntyre 02fde3ac51 Initial work on CVE-2021-3287 2021-09-14 09:10:44 -04:00
adfoster-r7 46718e3390 Run Rubocop layout rules on modules 2021-09-10 12:53:39 +01:00
Mike Brown 28e358066b Fixed typo
Extraneous `.`. Thanks, macOS!
2021-09-04 14:34:05 -07:00
Mike Brown 2bfc8d35d0 Defined capability flags in comment
Added descriptive comment for included capability flags.
2021-09-04 14:32:30 -07:00
h00die 65aae010ce more libs for moodle and teacher priv esc to rce module 2021-09-04 13:31:11 -04:00