Commit Graph

2784 Commits

Author SHA1 Message Date
Spencer McIntyre 9b8b4621df Land #14368, Pulse Connect Secure gzip RCE: cve-2020-8260 2020-12-17 17:43:55 -05:00
Spencer McIntyre 43b1497cf6 Remove some debug info and mark bind payloads as being incompatible 2020-12-17 16:36:20 -05:00
Shelby Pace 83943adf8b Land #14466, add Aerospike UDF rce 2020-12-10 11:07:56 -06:00
William Vu e52084242f Remove unused vprint_status conditional 2020-12-09 22:45:41 -06:00
William Vu 399c8dbb79 Don't be lazy about sending the request
Don't telegraph our command injection _quite_ so much. We still
"complete" the initial command line to minimize disruption.

I am now backgrounding ssh-keygen to improve the speed of the exploit.
2020-12-09 22:07:08 -06:00
Spencer McIntyre 2a2694ef16 Apply rubocop changes and precompute the encryption key 2020-12-07 14:59:40 -05:00
Spencer McIntyre d208e441ba Update the documentation 2020-12-07 10:54:20 -05:00
Spencer McIntyre 811de07e7a Add logout functionality and cleanup HTTP session management 2020-12-07 10:41:42 -05:00
Spencer McIntyre b968cf9183 Cleanup the payload delivery mechanism 2020-12-07 09:40:29 -05:00
dwelch-r7 1617b3ec9b Use zeitwerk for lib/msf/core folder 2020-12-07 10:31:45 +00:00
Brendan Coles 6cdb484d7c Add Aerospike Database UDF Lua Code Execution exploit 2020-12-05 14:15:22 +00:00
Spencer McIntyre 7612845714 Add the initial Ruby port for CVE-2020-8260 2020-12-04 17:56:38 -05:00
Pedro Ribeiro a99ce581dd Update TP-Link AC1750 Pwn2Own 2019 module 2020-11-26 12:56:02 +00:00
William Vu f73a88a39c Land #14396, hadoop_unauth_exec clarification 2020-11-16 12:44:13 -06:00
Tod Beardsley 06a0634828 Describe the Hadoop vuln as not-a-vuln clearly 2020-11-16 11:31:59 -06:00
A Galway 0328e3f815 Land #14359, gives preference to default target options 2020-11-13 14:44:13 +00:00
h00die 020e90543d IOS -> IOC 2020-11-11 17:43:16 -05:00
h00die 6880376c61 add reliability, stability, side effects to pulse_secure_gzip_rce 2020-11-11 17:19:10 -05:00
William Vu fcb507e412 Fix AutoCheck
I'm a big dummy.
2020-11-11 15:57:38 -06:00
William Vu 42bdae919b Add SaltStack Salt REST API RCE (CVE-2020-16846)
Leveraging CVE-2020-25592.
2020-11-11 13:09:26 -06:00
William Vu 67ae309896 Set plat/arch in saltstack_salt_unauth_rce targets
Looks like I forgot this, and it affects compatible payloads.
2020-11-11 13:09:26 -06:00
h00die b0b9ace606 Revert "remove ruby pulse_secure_cmd_exec"
This reverts commit efb8557e43.
2020-11-09 20:09:12 -05:00
h00die da70b74954 fix version numbers 2020-11-08 22:38:53 -05:00
h00die 3c4962e9b0 working and clean 2020-11-08 22:31:26 -05:00
h00die 9f936038e5 cleanup rnd1 2020-11-08 08:42:19 -05:00
h00die 0e62e7793d working session on linux/x86/shell/reverse_tcp 2020-11-08 08:27:55 -05:00
Alan Foster 5b438fd933 Preference target values when registering options 2020-11-05 23:16:37 +00:00
h00die f39e4d62e2 working but needs cleanup 2020-11-04 17:59:04 -05:00
h00die bacc0f78ed permissions solved 2020-11-04 14:17:16 -05:00
h00die 8a936a07f0 stuck in read only mode 2020-11-03 18:33:40 -05:00
h00die 1e0ea16173 runs, needs cleanup 2020-11-03 15:25:49 -05:00
Spencer McIntyre 659137da94 Remove the DRuby remote code execution module 2020-11-02 08:32:52 -05:00
h00die efb8557e43 remove ruby pulse_secure_cmd_exec 2020-11-01 14:46:46 -05:00
Spencer McIntyre ba17a5d67f Apply rubocop fixes for the DRuby RCE module 2020-10-22 12:35:35 -04:00
Spencer McIntyre 8aca08f80b Add the DRuby RCE check method 2020-10-22 12:34:51 -04:00
Spencer McIntyre 34e41e66ec Fix the syscall DRuby target by adding a small delay before execve 2020-10-22 12:18:12 -04:00
Spencer McIntyre 49145bfd31 Don't start the DRuby service, it appears unnecessary 2020-10-22 12:15:39 -04:00
youkergav c855857506 Cleaned up more code 2020-10-11 02:26:02 -04:00
youkergav 1cba6080cd Cleaned up code 2020-10-09 22:04:26 -04:00
youkergav d623d85040 Added AutoCheck mixin 2020-10-09 19:45:28 -04:00
youkergav a59558f03c Made password optional parameter 2020-10-09 06:33:57 -04:00
youkergav 5726db44d0 Bug fixed 2020-10-09 06:01:25 -04:00
youkergav 583e77db60 Cleaned up code 2020-10-09 05:38:54 -04:00
youkergav 263b6bc070 Merge branch 'master' of github.com:rapid7/metasploit-framework into su_login 2020-10-09 05:26:48 -04:00
youkergav 23c6c415eb Added python alternative and check function 2020-10-09 03:58:55 -04:00
Grant Willcox 2c391e9edc Fix up last of the module that had incorrect disclosure dates 2020-10-07 12:09:35 -05:00
Alan Foster 30809787c4 Convert disclosure dates to iso8601 2020-10-02 21:00:37 +01:00
Alan Foster 26ff912291 Fix invalid disclosure date formats 2020-10-02 12:20:05 +01:00
youkergav 809584da68 Fixed bug that was crashing original session 2020-10-02 04:00:40 -04:00
youkergav 9cf07e499f Replaced payload encoding function 2020-09-29 01:49:40 -04:00