adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
52,471 Commits 27 Branches 1,043 Tags
565e18cbe8a2fcda4cf86631be524ce8a7d6b5eb
Commit Graph

26695 Commits

Author SHA1 Message Date
Guillaume Andre 565e18cbe8 Add a few checks 
Change-Id: Ieca129a54d2105bf646e6f848cb5ecec804c372f
 2019-07-11 14:20:21 +01:00
yaumn 435240ed41 Update modules/exploits/linux/local/exim4_deliver_message_priv_esc.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-07-10 17:24:48 +01:00
yaumn 074c73236a Update modules/exploits/linux/local/exim4_deliver_message_priv_esc.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-07-10 17:24:32 +01:00
yaumn 7812e0037b Update modules/exploits/linux/local/exim4_deliver_message_priv_esc.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-07-10 17:24:13 +01:00
yaumn af89433c1d Update modules/exploits/linux/local/exim4_deliver_message_priv_esc.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-07-10 17:23:50 +01:00
yaumn 9ffbfe0985 Update modules/exploits/linux/local/exim4_deliver_message_priv_esc.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-07-10 17:23:38 +01:00
yaumn a06dffa174 Update modules/exploits/linux/local/exim4_deliver_message_priv_esc.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-07-10 17:22:52 +01:00
Guillaume Andre 5d52b0326b Add better checks at the beginning of the exploit. 
Change-Id: Ib80907f03f15b6c0cf32b48f059cf042e4d6a91f
 2019-07-10 11:33:09 +01:00
Guillaume Andre b68383141c Added Qualys and dhn to credits. Set suid bit of payload instead of shell launcher. Print detected exim version 
Change-Id: I61805a4d2b6f7f8a268b677c3c6f1d76ada034da
 2019-07-09 16:51:14 +01:00
yaumn df46faf71f Finish documentation. Exploit is stable. 2019-07-07 23:58:29 +01:00
yaumn 7b2a1b67ed Add a documentation file 2019-07-07 00:25:54 +01:00
yaumn a5843e48a9 Basic reverse shell does not disconnect anymore 2019-07-06 00:53:33 +01:00
Guillaume Andre 4c2cacd7d6 Add meterpreter support 2019-07-05 16:53:39 +01:00
yaumn 2c8ad0e357 First tests with meterpreter sockets 2019-07-05 01:04:15 +01:00
yaumn 74eb74e606 Pipe method with netcat now works 2019-07-04 23:15:23 +01:00
Guillaume Andre e4c27d3eab Clean pipe file 
Change-Id: Ibc78639ad44eb56ffa26fcfb4f656b5a78dbf76a
 2019-07-04 16:20:13 +01:00
Guillaume Andre 3c0b581371 Clean code 
Change-Id: I83287dcd52c4ba566396a0ff7e4f3c3125d12bb0
 2019-07-04 16:16:27 +01:00
Guillaume Andre 9b378ceb71 Add options. Add pipe netcat method 
Change-Id: I0c401add1c2ff76e3e2c3d82a8fb7f74db405a1f
 2019-07-04 15:02:03 +01:00
yaumn bddfef0cac Add options. Exploits now works with both setuid and nc methods 2019-07-04 00:16:28 +01:00
yaumn bb58160d10 Exploits now also works with netcat 2019-07-03 14:30:23 +01:00
yaumn 4f1d9af5fd Add netcat method (still buggy though) 2019-07-03 14:30:23 +01:00
Guillaume Andre a2411a1d63 First version of the exploit is now working 
Change-Id: Idf6b6d773cf71c477fe68885313f5f98d74d9c11
 2019-07-03 14:30:23 +01:00
Guillaume Andre bef6425d0e First commit 
Change-Id: If751eb1753fc8991fe7971c7123a203734396a46
 2019-07-03 14:30:23 +01:00
William Vu ef20123c34 Land #12044, snmp_enum SNMP::NoSuchInstance fix 2019-07-02 16:26:33 -05:00
Matthew Kienow 260c369aff Fix network interface processing 
The SNMP walk operation can return an SNMP::NoSuchInstance class.
The error class must be handled rather than attempting to use it as a
valid value.
 2019-07-02 15:14:55 -04:00
William Vu 5e04ab2e66 Add lokiuox to bypassuac_silentcleanup authors 
Looks like they were removed by accident.
 2019-07-02 12:36:07 -05:00
h00die a42c7ea736 land #11990 windows tomcat cmdlinearguments 2019-07-01 17:29:02 -04:00
asoto-r7 d3056723e1 Land #12030, CVE-2019-12181: Serv-U FTP Server prepareinstallation privesc 2019-07-01 16:01:04 -05:00
Brent Cook e50ab5cd13 Land #11726, add exploit for CVE-2019-8513, macOS TimeMachine cmd injection 2019-06-29 05:36:12 -05:00
Brent Cook 4e544fe733 Land #11968, only enable UDP stagers for compatible payloads 2019-06-29 03:34:15 -05:00
Brent Cook 83e2c71b44 Land #11923, Set sockaddr_len with x64 shell_find_port payload 2019-06-29 03:26:52 -05:00
bcoles c7ff78c277 Remove spaces at EOL 2019-06-29 14:01:18 +10:00
Brendan Coles 203e3b74db Add Serv-U FTP Server prepareinstallation Privilege Escalation 2019-06-29 03:52:53 +00:00
William Vu 0a00f3851a Land #12007, true 0s timeout in send_request_* 2019-06-28 12:32:32 -05:00
William Vu 49176a3606 Land #11952, Supra Smart Cloud TV RFI module 2019-06-28 12:12:15 -05:00
William Vu baa17290e4 Adjust name :) 2019-06-28 12:08:27 -05:00
Dhiraj Mishra 09d6ae3458 Removing comments 
Thanks wvu-r7 for your support.
 2019-06-28 16:17:08 +05:30
William Vu d7a5eae146 Fix bug, adjust prints, and check body for "OK" 2019-06-28 04:12:57 -05:00
William Vu 7a26e1c257 Fix sshexec hanging on exec! and blocking close 2019-06-27 22:07:37 -05:00
James Barnett 2ed8e6db97 Deregister PASSWORD_SPRAY option for LoginScanner modules 2019-06-27 17:06:32 -05:00
William Vu 1503dcd168 Land #11997, SilentCleanup UAC bypass 2019-06-27 11:52:56 -05:00
William Vu 6f1aaac70e Add enigma0x3 and fix nyshone69 researchers 2019-06-27 11:38:34 -05:00
asoto-r7 26cd53efb6 Land #11977, AWS EC2, S3, and IAM Enumeration 2019-06-27 11:29:05 -05:00
William Vu 7b0aac72ec Fix missing is_in_admin_group? method 
This was missed in the refactor, since admin_group was removed.
 2019-06-27 11:16:49 -05:00
Jeff McJunkin 2927fd5dc8 Update bypassuac_sluihijack: Fix typo 2019-06-26 14:25:32 -07:00
asoto-r7 0c83e55b00 enum_iam: Update 'Console Login' output to accurately reflect Disabled status 2019-06-26 14:57:32 -05:00
William Vu 61f09d0538 Land #12017, xdebug_unauth_exec nil fix 2019-06-26 12:26:30 -05:00
William Vu cc3fd747aa Add Pen Test Partners reference 
Did we somehow miss this?
 2019-06-26 11:05:22 -05:00
Patrick Webster 8d6f36e05c Minor fix for xdebug_unauth_exec 
Avoid triggering error where res.headers may not exist.
 2019-06-27 01:00:49 +10:00
William Vu 933b5f0413 Tidy up send_request_cgi 2019-06-26 00:59:53 -05:00