Commit Graph

15013 Commits

Author SHA1 Message Date
Christophe De La Fuente c8819259ae Land #14414, CVE-2020-1337 - patch bypass for CVE-2020-1048 2021-01-15 19:13:14 +01:00
bwatters 9beb570ca3 Remove unnecessary require that broke things 2021-01-15 08:32:05 -06:00
Spencer McIntyre ea154717aa Use an absolute assembly path for the CVE-2020-17136 exploit 2021-01-14 08:53:11 -05:00
Grant Willcox 6fc4518625 Land #14600, Refactor and document some of the FileSystem mixin methods 2021-01-12 16:10:23 -06:00
bwatters d8e68e6487 Specify you must be SYSTEM for dll removal in docs and removed unused variable in the module 2021-01-12 11:45:53 -06:00
Spencer McIntyre 33bd712e0a Land #14585, Create module for CVE-2020-17136: Cloud Filter Arbitrary File Creation EoP 2021-01-11 17:16:40 -05:00
bwatters 50e115b414 Cleanup and edits per review from Christophe
Removed unused method from ps script
Cleaned up some code in the module
Added removal instructions to the documentation
2021-01-11 16:02:58 -06:00
Shelby Pace 7aef731267 Land #14572, add AIT CSV import rce 2021-01-11 15:37:05 -06:00
h00die 7d7263cf1f spelling 2021-01-09 08:13:19 -05:00
Spencer McIntyre 829bacbef6 Refactor and document some of the FileSystem mixin methods 2021-01-08 16:10:36 -05:00
Grant Willcox 3072391d00 Make second round of review edits to fix Spencer's comments 2021-01-08 12:50:52 -06:00
Grant Willcox d5bb36c530 Fix up code to use built in cd() and mkdir() commands, and adjust code to not overwrite datastore hash. Also use service_hash over manually starting the service. 2021-01-07 17:39:30 -06:00
bwatters 7d81b4826d Update credits 2021-01-07 16:30:19 -06:00
Anurag Mondal 2465c6ca0f Update webmin_show_cgi_exec.rb
Fixed some typos.
2021-01-07 15:05:53 +05:30
bwatters 5e5d7b1abb Update to execute_string to avoid the issue where an arbitrary
length comment is required for the exploit to work.
2021-01-06 17:08:22 -06:00
Grant Willcox 3e52debd8b Update the exploit a bit more to remove excess options and also update the documentation accordingly. 2021-01-06 12:16:06 -06:00
Grant Willcox 5262e16694 Make adjustments since the exploit can currently only target x64 systems 2021-01-06 11:40:02 -06:00
Christophe De La Fuente 17c393f101 Land #14046, Adding juicypotato-like privilege escalation exploit for windows 2021-01-06 16:02:05 +01:00
Grant Willcox 863417fca7 Second round of updates and some rubocop changes to conform to standards. 2021-01-06 01:30:40 -06:00
Grant Willcox 81ee149ea2 Add check code support to module and update the documentation accordingly, plus rework the module description 2021-01-06 01:06:08 -06:00
Grant Willcox 839daf93e9 Update the compiled DLL and redo a lot of the module to get it into its first ready state using a different DLL hijack I found during research 2021-01-05 16:12:08 -06:00
bwatters 54f5e565fa Land #14330, SpamTitan Gateway Remote Code Execution
Merge branch 'land-14330' into upstream-master
2021-01-04 12:14:12 -06:00
Grant Willcox 668eeae4e1 Initial push of code 2021-01-04 12:04:38 -06:00
h00die d8c55501a5 ait csv importer exploit 2021-01-01 12:14:52 -05:00
Grant Willcox 7de662c807 Land #14521, Struts2 Multi Eval OGNL RCE 2020-12-23 11:40:16 -06:00
Grant Willcox 70f8ff31f8 Update documentation to include missing extra options I forgot to document, edit the wording on the module to match the documentation, and do final touch ups. 2020-12-23 10:50:22 -06:00
CSharperMantle d99c2ac783 linguistic fixes of 'does not exists' 2020-12-23 11:36:38 +08:00
Grant Willcox 8a932b847a Apply RuboCop edits 2020-12-22 17:57:38 -06:00
Grant Willcox 4a449f97d3 Land #14522, Replace hard-coded Shiro default key with ENC_KEY 2020-12-22 09:26:49 -06:00
Grant Willcox 7d0cb771a5 Apply RuboCop updates to module. 2020-12-21 17:31:24 -06:00
Grant Willcox 24e8aeffe5 Incorporate review feedback and update the associated documentation. 2020-12-21 17:29:21 -06:00
C4ssandre 57c57a398d Adding new check to filter out Windows 7 and Windows XP. Indeed, lab experiments have shown that BITS does not attempt to connect to WinRM port, making those systems not vulnerable. 2020-12-19 02:51:48 +01:00
Christophe De La Fuente dc6b67f4c6 Land #14509, Fixes for Solr RCE 2020-12-18 21:51:06 +01:00
Spencer McIntyre 9b8b4621df Land #14368, Pulse Connect Secure gzip RCE: CVE-2020-8260 2020-12-17 17:43:55 -05:00
Spencer McIntyre 43b1497cf6 Remove some debug info and mark bind payloads as being incompatible 2020-12-17 16:36:20 -05:00
James Lee be3a1eb9d6 Guard against empty response 2020-12-16 18:25:17 -06:00
Spencer McIntyre 87dacce2cd Land #14446, Add Oracle Solaris SunSSH PAM parse_user_name() exploit (CVE-2020-14871) 2020-12-16 16:01:32 -05:00
bwatters 222d510e44 Rubocop fixes 2020-12-16 13:59:47 -06:00
bwatters 7f4fac4548 Fix powershell issues and add comment because it is apparently magic 2020-12-16 13:57:02 -06:00
Christophe De La Fuente a939704f9d Add an SNMPPORT option 2020-12-16 15:15:27 +01:00
Christophe De La Fuente 60bcc95edc Fix documentation 2020-12-16 15:15:27 +01:00
Christophe De La Fuente a6102bd8ac Make rubocop happy 2020-12-16 15:15:27 +01:00
Christophe De La Fuente 99d3f66271 Add authentication and refactor 2020-12-16 15:15:27 +01:00
Christophe De La Fuente 08f051e959 Apply rubocop 2020-12-16 15:15:27 +01:00
Christophe De La Fuente 56560c901b Add SpamTitan RCE module 2020-12-16 15:15:26 +01:00
kai 9be1e8c295 replace hard-coded shiro default key with SHIROKEY 2020-12-16 11:03:30 +08:00
Spencer McIntyre 941ba923f7 Add missing module notes 2020-12-15 19:58:04 -05:00
Spencer McIntyre 3d7ed70cec Tweak the check method and add module docs 2020-12-15 19:49:29 -05:00
Spencer McIntyre 289605f532 Require that the user know the CVE since the check is questionable 2020-12-15 19:17:35 -05:00
Spencer McIntyre 9bdf591a98 Add a working command stager for CVE-2020-17530 2020-12-15 09:13:06 -05:00