adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
71,990 Commits 27 Branches 1,043 Tags
4e61596e7aff309bf20bbc8ee69f2c2ceda10037
Commit Graph

35231 Commits

Author SHA1 Message Date
Jack Heysel 4e61596e7a Check Build ID before running exploit 2023-12-19 12:15:35 -05:00
Jack Heysel e858628292 Execute python payload in memory 2023-12-19 00:46:11 -05:00
Jack Heysel 549ee43df9 Update docs description minor comments 2023-12-19 00:32:21 -05:00
Jack Heysel c6a6809700 Updated attribution 2023-12-18 19:41:49 -05:00
Jack Heysel df111afb06 Glibc Tunables Exploit 2023-12-14 18:28:43 -05:00
Spencer McIntyre 15aaa90379 Land #18447, CVE-2023-22515 Confluence Auth Bypass 
CVE-2023-22515 - Atlassian Confluence Data Center and Server Authentication Bypass
 2023-10-19 17:35:17 -04:00
Spencer McIntyre ee0e5b9eda Tidy the docs, fix the username 
The username can not contain capital letters, or the operation will
fail.
 2023-10-19 17:19:55 -04:00
Emir Polat c79cc5a36b Final Checks 2023-10-19 17:19:55 -04:00
Emir Polat b3a9579e8a Update modules/auxiliary/admin/http/atlassian_confluence_auth_bypass.rb 
Implement changes proposed by Spencer McIntyre (smcintyre-r7)
 2023-10-19 17:19:30 -04:00
emirpolatt 258ac6421b Fix fail_with response code compare and documentation fixes 2023-10-19 17:19:30 -04:00
emirpolatt 7c977e07ef Remove of the X-Atlassian-Token header from server-info.action 2023-10-19 17:19:30 -04:00
emirpolatt 236a301f27 Check method fixes 
get_confluence_version inside to check method. Also new status messages
 2023-10-19 17:19:08 -04:00
Christophe De La Fuente da9d04d32d Land #18461, CVE-2023-22515 - Atlassian Confluence unauthenticated RCE 2023-10-19 10:22:57 +02:00
sfewer-r7 5e84f57ab3 set :random to true during generate_jar so we can randomize teh metasploit class path 2023-10-18 09:53:46 +01:00
sfewer-r7 fcffd36af0 no need to test for true, jsut return the value as we are waiting for done to be set to true 2023-10-18 09:37:04 +01:00
sfewer-r7 9fdbccb74f catch a JSON ParserError exception and fail_with() if needed. Also detect if the JSON data doesnt have the expected value and fail_with() if needed 2023-10-18 09:36:02 +01:00
sfewer-r7 34107e4f3b favod over for string concatenation. 2023-10-17 11:36:07 +01:00
sfewer-r7 0fc35bf6d3 randomize the plugins version number 2023-10-17 10:01:02 +01:00
sfewer-r7 415bd49b15 use next semantics to return from a yielded block early (note we cannot use return for this) 2023-10-17 09:43:00 +01:00
sfewer-r7 54f334479a fix another typo 2023-10-17 09:30:52 +01:00
sfewer-r7 9e6e9538e1 typo 2023-10-17 09:29:38 +01:00
sfewer-r7 d2438bad4e add a note to explain we need to concat a trailing forward slash 2023-10-17 09:28:04 +01:00
sfewer-r7 4acdaf3087 typos 2023-10-17 09:22:09 +01:00
sfewer-r7 d17f065f12 remove 'localhost' in favor of some random chars 2023-10-17 09:21:28 +01:00
sfewer-r7 3242a7009b clarify timeout is in seconds 2023-10-17 09:11:05 +01:00
sfewer-r7 b97cb9f63d remove whitespace 2023-10-17 09:10:28 +01:00
sfewer-r7 1c027ac05c add an RCE exploit for CVE-2023-22515 2023-10-16 20:50:18 +01:00
cgranleese-r7 9def455f65 Land #18449, Update mysql authbypass hashdump module to correctly close sockets 2023-10-13 11:43:59 +01:00
emirpolatt 0cb56c1de5 Some fixes 2023-10-13 02:16:17 -07:00
emirpolatt e48ead5e8c Fingerprint reduction with Rex::Text.rand_text_alpha(8) 2023-10-13 02:11:57 -07:00
emirpolatt 84f5c7321e Reducing fingerprinting via Rex::Text.rand_text_alpha(8) 2023-10-13 02:02:13 -07:00
emirpolatt 9219a3e90a Adding AttackerKB analysis URL 2023-10-13 01:56:14 -07:00
Spencer McIntyre 05dd2e1473 Land #18351, Apache Superset RCE (CVE-2023-37941) 2023-10-12 17:10:10 -04:00
Jack Heysel d31a485d63 Land #18383, improves enum_computers module 
This PR adds a variety of improvements to the
enum_computers module including shell and powershell
support as well as improvements to run on non-english
systems.
 2023-10-12 13:01:54 -04:00
adfoster-r7 075fe09c2f Fix mysql authbypass running out of sockets 2023-10-12 17:40:33 +01:00
adfoster-r7 80d2fa738d Land #18296, update more mysql modules to support newer authentication methods 2023-10-12 17:19:02 +01:00
Spencer McIntyre 86b7ec4518 Address comments from the review 2023-10-12 09:50:19 -04:00
Spencer McIntyre 4f734379d3 Add module docs and print some messages 2023-10-12 09:27:26 -04:00
Spencer McIntyre 0799f9d860 Add a check method and populate module metadata 2023-10-12 09:27:26 -04:00
Spencer McIntyre 7a226ba285 Randomize components in the MAR file 2023-10-12 09:27:26 -04:00
Spencer McIntyre 5a6dc7f9a6 Initial commit of CVE-2023-43654 2023-10-12 09:27:26 -04:00
Rory McKinley 1b172768b4 Use upstream ruby-mysql in Remote::MYSQL 
* ... and dependents
 2023-10-12 13:08:35 +02:00
cgranleese-r7 3da17d2775 Addresses PR feedback 2023-10-12 10:59:29 +01:00
emirpolatt 2b05dab554 Fix: Msftidy Warnings 2023-10-11 12:19:40 -07:00
emirpolatt b8dcafc0f6 Revert "CVE-2023-27253 - PfSense 2.6.0 'Backup & Restore' OS Command Injection Module" 
This reverts commit c65685deae.
 2023-10-11 12:15:22 -07:00
emirpolatt 9ef1d1746a CVE-2023-22515 - Atlassian Confluence Data Center and Server Broken Access Control Leads to Authentication Bypass 2023-10-11 12:09:22 -07:00
Spencer McIntyre 45be501a50 Raise a more specific error message 
Check for and raise a more specific error message when the internal
database fails to mount because the path is incorrect.
 2023-10-10 15:21:35 -04:00
Spencer McIntyre 59da2865d9 Use an exec-in-place gadget for Python 
This adds a Python deserialization gadget that will exec arbitrary
Python code in place. It is only compatible with Python 3.x due to
differences in Python's exec function and statement between 2 and 3.
 2023-10-10 14:01:24 -04:00
Jack Heysel fb834b235a Land #18417, Add Kibana Upgrade Assistant RCE 
Kibana before version 7.6.3 suffers from a prototype
pollution bug within the Upgrade Assistant. This PR adds
an exploit module to exploit the bug. There is no CVE
for this issue at the moment.
 2023-10-06 17:29:02 -04:00
h00die 931a67d290 kibana telemetry rce rewritten to use fetch payloads 2023-10-06 09:55:10 -04:00