adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
52,170 Commits 27 Branches 1,043 Tags
53ea7e577fc516d751ccd493555eb336f27dd160
Commit Graph

6094 Commits

Author SHA1 Message Date
Jacob Robles c1572c89a8 Land #11841, IBM WAS Network Deployment RCE CVE-2019-4279 2019-06-04 11:49:05 -05:00
Brent Cook 53557cc92e replace trivial usage of expand_path with getenv 
expand_path is not implemented consistently across platforms and
sessions, which leads to confusing behavior. In places where we have trivial
single variable expansions, this changes modules and library code to just use
getenv.

We'll look at the rest individually to see if they can also be reimplemented in
terms of getenv.
 2019-05-31 17:44:35 -05:00
Jacob Robles 1069c3de4f File cleanup 2019-05-30 13:36:28 -05:00
Jacob Robles 87e9fddd2f CMD Target Update 
Generic payload auto-disables the handler so we don't have
to handle that now. Also, remove datastore modifications
in the module.
 2019-05-29 13:09:21 -05:00
Jacob Robles 55dcdace03 Land #11846, OATS Console War Deployment 2019-05-24 11:27:36 -05:00
Wei Chen fcd360891f Check #attributes for nil, and make sure target is oats console 2019-05-24 10:06:47 -05:00
Brent Cook 0559fda9db Land #11873, allow calling methods across related modules 2019-05-23 13:56:27 -05:00
Jacob Robles 1fe981b8e2 Land #11843, Update MSB references 2019-05-23 08:07:46 -05:00
Jacob Robles db353a7ba1 Fix MS reference number 2019-05-23 07:03:23 -05:00
Jacob Robles a0e90c0848 Remove references to doc.microsoft.com bulletin 
MSB references point to this location
 2019-05-23 07:01:21 -05:00
William Vu e836bdceca Force check only in ETERNALBLUE 2019-05-22 20:07:56 -05:00
William Vu 5064f2ce01 Add ForceExploit 2019-05-22 17:50:31 -05:00
William Vu 78fb72fea3 Update ms17_010_psexec 2019-05-22 17:31:24 -05:00
William Vu c7ba2ade65 Convert to mixin 2019-05-22 17:27:11 -05:00
William Vu d0a2d9533f Use CheckCode 2019-05-22 16:51:33 -05:00
William Vu db299b71ce Add datastore option 2019-05-22 16:45:01 -05:00
William Vu fdec7613c0 Update comment 2019-05-22 16:30:10 -05:00
William Vu df425d33b5 Update constant name 2019-05-22 16:29:27 -05:00
William Vu 3a8baf0dec Add comment 2019-05-22 16:28:04 -05:00
William Vu ac8b1fdb7e Add some more error checking 2019-05-22 16:26:27 -05:00
William Vu b99de521c4 Add more comments 2019-05-22 16:14:02 -05:00
William Vu a994f728dd Update comment 2019-05-22 16:10:32 -05:00
William Vu 51fc705cb3 Add ForceExploit 2019-05-22 16:06:04 -05:00
William Vu 486caa7e69 Add some error checking 2019-05-22 15:58:26 -05:00
William Vu 0f0faee680 Add check method to ms17_010_eternalblue 2019-05-22 15:42:57 -05:00
Wei Chen 388a391b9a Update oats_weblogic_console and its doc 2019-05-22 15:14:17 -05:00
William Vu f14ab6e2db Land #11868, iis_webdav_upload_asp disclosure date 2019-05-22 14:28:29 -05:00
Tod Beardsley 5523dce897 Fix disclosure date for WebDAV module 2019-05-22 09:05:56 -04:00
rwincey 99f3f6cb78 Added x64 arch and fixed exe gen 2019-05-20 23:45:26 -04:00
bwatters-r7 e1f898fe52 Land #11834, Fix ams_hndlrsvc 
Merge branch 'land-11834' into upstream-master
 2019-05-20 12:29:45 -05:00
Wei Chen 6cd943e0ce Sometimes attributes could be nil if hitting an unexpected page 2019-05-20 10:48:29 -05:00
Wei Chen 5a46fdf535 Find frsc value from hidden input instead of using rkelly (js) 2019-05-18 19:25:44 -05:00
Wei Chen 592b8302ab Make sure to calls super for setup, also update doc for output 2019-05-18 18:08:25 -05:00
Wei Chen c2567f2ee3 Fix bug on cleanup ready status & more verbose 2019-05-18 17:50:29 -05:00
Wei Chen 40d4b3dfd3 Add doc and update the module title 2019-05-16 16:31:25 -05:00
Wei Chen 39b8dce342 Update the description 2019-05-16 16:25:23 -05:00
Wei Chen 27554cf19a Add the completed version of oats_weblogic_console.rb 2019-05-16 16:24:31 -05:00
7echSec 328b4fa860 Addressing Syntax error 2019-05-16 21:06:47 +05:30
7echSec c947cd76f6 Removed register_advanced_options 
Added 'Powershell::wrap_double_quotes' => false in DefaultOptions.
 2019-05-16 14:19:52 +05:30
PierrickV 94f904311b Fix broken links mostly to Microsoft website 2019-05-16 09:50:19 +02:00
7echSec 053ceed171 Regression fix: Disabling wrap_double_quotes 
This client side exploit stopped working in current MSF throws an error in client browser.As per the analysis its because of Powershell::wrap_double_quotes=true. 
I have just Added "Powershell::wrap_double_quotes"  as advance option to override Datastore value.
 2019-05-16 12:39:42 +05:30
rwincey 7c30422166 Documentation 2019-05-16 00:02:37 -04:00
rwincey 1c05958892 Exploit 2019-05-15 23:36:57 -04:00
h00die 3a305fd7fa add version numbers to ams_hndlrsvc 2019-05-10 16:42:09 -04:00
h00die f50c89ca0a ams_hndlrsvc updates 2019-05-10 16:38:22 -04:00
h00die 185b740d87 msftidy 2019-05-10 15:26:17 -04:00
Wei Chen 03dbb2fc2c Work in progress for oats_weblogic_console 2019-05-10 13:27:08 -05:00
Wei Chen 310d931bf5 Land #11816, Add CVE-2019-5786 : Chrome 72.0.3626.119 on Windows 7 x86 2019-05-08 11:21:40 -05:00
Wei Chen 923d8b8b2e Fix uri with get_resource 2019-05-08 11:20:36 -05:00
Tim W 39969e71fa Initial commit of CVE-2019-5786 2019-05-06 17:05:00 +08:00