adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
74,511 Commits 27 Branches 1,043 Tags
4e99e7dfe7b682a0154d4fc8ec49e6a0f4e2a2c8
Commit Graph

4138 Commits

Author SHA1 Message Date
Takah1ro 4e99e7dfe7 Use Vulnerable when lfi 2024-08-07 08:50:42 +09:00
Takah1ro 92e2694ac5 Use Detected instead of Appears 2024-08-07 08:46:44 +09:00
Takah1ro b7e4247d22 Avoid using CVE as option 2024-08-07 08:43:57 +09:00
Takah1ro c71894f3c4 Remove unnecessary DefaultOptions 2024-08-07 08:21:15 +09:00
Takah1ro b487dadf8c Remove explicit return 2024-08-05 13:01:11 +09:00
Takah1ro 0251f1bd8d Rubocop formatting 2024-08-04 22:10:15 +09:00
Takah1ro 729ecc588a Formatting lfi output 2024-08-04 22:07:53 +09:00
Takah1ro ca0dba1844 Add LFI 2024-08-04 22:02:37 +09:00
Takah1ro a5009cd5ff Add RCE 2024-08-04 21:43:17 +09:00
Takah1ro 7a233f0049 Update CVE-2023-6019 module 2024-08-04 21:07:05 +09:00
Takah1ro 122767cc59 Implement CVE-2023-6019 module 2024-08-04 10:49:11 +09:00
Takah1ro ca75714959 Change all instance of staging_key to @staging_key 2024-07-31 12:54:09 +09:00
Takah1ro a7512f70eb Change all instance of staging_key to @staging_key 2024-07-31 08:47:07 +09:00
Takah1ro 53d74f0777 Use a multi-line string 
instead of a big number on one line
 2024-07-31 08:27:35 +09:00
Takahiro Yokoyama 1c28150514 Update modules/exploits/linux/http/empire_skywalker.rb 
add prepend Msf::Exploit::Remote::AutoCheck at the beginning of the class

Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2024-07-31 08:11:44 +09:00
Takahiro Yokoyama 6f4ff80a38 Update modules/exploits/linux/http/empire_skywalker.rb 
formatting issue

Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2024-07-31 08:09:40 +09:00
Takahiro Yokoyama a35a2c1814 Update modules/exploits/linux/http/empire_skywalker.rb 
formatting issue

Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2024-07-31 08:08:25 +09:00
Takahiro Yokoyama 13f5d971ed Update modules/exploits/linux/http/empire_skywalker.rb 
use a multi-line string instead of a big number on one line

Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2024-07-31 08:04:39 +09:00
Takah1ro 706dc60f6e Use built-in Diffie-Hellman 2024-07-27 12:13:52 +09:00
Takah1ro ebcd7e0e33 rubocop formatting 2024-07-26 23:44:46 +09:00
Takahiro Yokoyama d5ce191ceb Merge branch 'rapid7:master' into master 2024-07-26 21:51:30 +09:00
Takah1ro 393aed445d Formatting 2024-07-26 21:14:51 +09:00
Takah1ro b5c4fd0e32 use the same instance 
OpenSSL::Digest.new('sha256')
 2024-07-26 21:05:59 +09:00
Takah1ro 5ee86967e5 Pass a Hash as argument 2024-07-26 20:59:54 +09:00
Takah1ro bff7e48e3c Avoid code duplication 2024-07-26 20:44:18 +09:00
Takah1ro 10b723751b Avoid code duplication 2024-07-26 13:11:26 +09:00
Takah1ro 0b9b7a49e7 Add response check 2024-07-26 08:48:45 +09:00
Takah1ro b0689971b6 Fix to_bytes 2024-07-26 08:38:14 +09:00
Takah1ro ed0720dcfd Separate write_file function 2024-07-26 08:32:32 +09:00
Takah1ro ae95bb6c0f Fix build_routing_packet 2024-07-26 08:22:57 +09:00
Takah1ro b1e304a61f Fix match 2024-07-26 08:16:30 +09:00
adfoster-r7 62a3f73e70 Update rubocop target ruby version 2024-07-24 16:47:17 +01:00
Takah1ro 0fab915abb Update to use original aes_encrypt function 2024-07-24 12:14:16 +09:00
Takah1ro b48a2089cf fix previous commit bug affecting original exploit 2024-07-24 11:55:05 +09:00
Takah1ro 79ad046f56 Refactoring skywalker 2024-07-24 11:42:19 +09:00
Takah1ro eface45c5c Refactoring skywalker 2024-07-24 10:19:03 +09:00
Takah1ro ab0433e95f Update to target both vulnerabilities 2024-07-23 22:21:08 +09:00
Takah1ro 61754f3c92 Add cve ref and update broken link 2024-07-23 08:43:45 +09:00
Takahiro Yokoyama ad82481cce Update empire_skywalker.rb 2024-07-20 21:55:39 +09:00
Christophe De La Fuente df8f281d18 Land #19204, Zyxel VPN Series Pre-auth Command Injection 2024-07-03 20:14:39 +02:00
jheysel-r7 b67f05f50d Apply suggestions from code review 2024-07-03 13:51:50 -04:00
Jack Heysel 7e4c6ca028 Added code to print stdout of payloads without reverse connections 2024-07-03 09:36:36 -07:00
Jack Heysel 1d602da6b5 Added space between command and stderr/stout redirection 2024-07-03 08:23:38 -07:00
Jack Heysel 9cfaa2e69f Lowered rank and explained mock testing 2024-06-24 09:13:46 -07:00
Christophe De La Fuente 24fa34e7b9 Land #19188, Netis MW5360 unauthenticated RCE [CVE-2024-22729] 2024-06-24 13:40:51 +02:00
Christophe De La Fuente 8fc6e20cec Update other modules to use java_class_loader_start_service and cmdstager_start_service 2024-06-14 12:57:42 +02:00
h00die-gr3y 4e26704d73 Update addressing cdelafuente-r7 comments 2024-06-12 18:57:29 +00:00
Jack Heysel 12b1936e16 Fixed typo added Options section docs 2024-06-10 07:39:24 -07:00
h00die-gr3y 6a77c2e562 Final tweaks in check method 2024-06-08 11:33:55 +00:00
h00die-gr3y 0e3471d543 Final draft 2024-06-07 19:47:06 +00:00