adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
45,112 Commits 27 Branches 1,043 Tags
56c00a8cb6ffdcaf0d6f72cddacde0f8d0f1096e
Commit Graph

11051 Commits

Author SHA1 Message Date
h00die 285b329ee1 Land #9422 abrt race condition priv esc on linux 2018-02-11 11:58:39 -05:00
Pearce Barry add7ae8fa1 Land #9536, Add Ubuntu notes to documentation 2018-02-11 07:27:00 -06:00
Pearce Barry 321b78b0fe Land #9408, Add Juju-run Agent Privilege Escalation module (CVE-2017-9232) 2018-02-11 07:19:49 -06:00
Brendan Coles 4e5cbd68b9 Add Ubuntu notes to documentation 2018-02-11 06:52:36 +00:00
Brendan Coles 0d573e1434 Support shell sessions 2018-02-09 16:15:04 -05:00
Brendan Coles 45249d582d Add partition check 2018-02-09 16:15:04 -05:00
Brendan Coles 0ba37f8104 Add glibc $ORIGIN Expansion Privilege Escalation exploit 2018-02-09 16:15:04 -05:00
h00die cb1b59545b Land #9469 linux local exploit for glibc ld audit 2018-02-09 14:00:42 -05:00
Brendan Coles 5b251ae672 Support shell sessions on Debian 2018-02-08 11:29:09 +00:00
Brent Cook ca4ad1d0c4 Land #9478, Improve Dup Scout BOF exploit 2018-02-07 23:51:14 -06:00
Brendan Coles 696817215b Update tested versions 2018-02-05 04:48:52 +00:00
Brendan Coles e158ccb20b Support cleanup for meterpreter sessions 2018-02-04 04:38:53 +00:00
Brendan Coles 74ab02f27b Support meterpreter sessions 2018-02-03 11:55:08 +00:00
William Vu c9473f8cbc Land #9473, new MS17-010 aux and exploit modules 2018-02-01 23:56:29 -06:00
zerosum0x0 ffc7e078e2 don't disconnect until cleanup 2018-02-01 21:46:56 -07:00
h00die 7cb0a118c1 Land #9399 a linux priv esc against apport and abrt 2018-02-01 21:54:54 -05:00
Brendan Coles 3c21eb8111 Update documentation 2018-02-02 02:27:13 +00:00
Jacob Robles bc18389284 Updated Document and Module 
Update the documentation based on analysis of the vulnerability.
Slight modifications to the exploit module as well to reduce the
size of the generated file and reduce bad characters.
 2018-02-01 10:05:50 -06:00
Brendan Coles 0d80ca6f79 Change documentation extension from rb to md 2018-01-31 23:26:30 +00:00
bwatters-r7 8be2b1f59e Land # 9407, Add BMC Server Automation RSCD Agent RCE exploit module 
Merge branch 'land-9407' into upstream-master
 2018-01-31 13:35:29 -06:00
Jacob Robles 656bb7f567 Modified DupScout Fileformat Exploit 2018-01-30 09:12:05 -06:00
Jacob Robles d4a0372238 Land #9457, Dup Scout Enterprise v10.4.16 - Import Command Buffer Overflow 2018-01-29 11:40:54 -06:00
zerosum0x0 7cc00c0e10 fixed padding/offsets for win 10 2018-01-28 21:10:51 -07:00
zerosum0x0 2723b328aa misc tidying, added more randomness 2018-01-28 18:20:18 -07:00
zerosum0x0 6c2d5b1fc2 semi-completed exploit files 2018-01-28 18:13:25 -07:00
Brendan Coles 092eb0cd11 Add glibc LD_AUDIT Arbitrary DSO Load Privilege Escalation exploit 2018-01-28 05:11:38 +00:00
Brendan Coles 23f4bf1583 Add documentation 2018-01-27 03:15:06 +00:00
Aaron Soto c390696ddf Land #9379, Oracle Weblogic RCE exploit and documentation 2018-01-25 21:47:18 -06:00
William Vu 309deb9ee7 Land #9446, Post API fix for setuid_nmap 2018-01-25 16:00:40 -06:00
Daniel Teixeira 4cd5801e6f Dup Scout Import Command Buffer Overflow 2018-01-24 20:47:46 +00:00
bwatters-r7 a27cfeaea9 Land #9416, Sync Breeze Enterprise 9.5.16 Import Command buffer overflow 
Merge branch 'land-9416' into upstream-master
 2018-01-23 16:35:51 -06:00
bwatters-r7 3922844650 ninja style changes 2018-01-23 16:34:49 -06:00
bwatters-r7 685a950077 Land #9114, Add module for Kaltura <= 13.1.0 RCE (CVE-2017-14143) 
Merge branch 'land-9114' into upstream-master
 2018-01-23 12:35:59 -06:00
William Vu 5684b9ed7c Readd dropped return during refactoring 2018-01-23 10:12:15 -06:00
William Vu d3b3946669 Use Msf::Post::File#setuid? in setuid_nmap 2018-01-23 02:05:26 -06:00
Brent Cook aae77fc1a4 Land #9349, GoAhead LD_PRELOAD CGI Module 2018-01-22 23:10:36 -06:00
Brent Cook d1569f8280 Land #9413, Expand the number of class names searched when checking for an exploitable JMX server 2018-01-22 16:49:01 -06:00
Brent Cook 682c915a09 Land #9267, Add targets to sshexec 2018-01-22 09:59:48 -06:00
Kevin Kirsche c7d3b5dfbb Update payload and disable check functionality 
The check functionality is broken as MSF cannot handle HttpServer and HttpClient at this time.

The payloads were updated to ensure CVE-2017-10271 is being exploited instead of CVE-2017-3506 as explained on https://blog.nsfocusglobal.com/threats/vulnerability-analysis/technical-analysis-and-solution-of-weblogic-server-wls-component-vulnerability/
 2018-01-18 13:26:44 -05:00
bwatters-r7 4c11eae774 Maybe that timeout is needed..... 2018-01-17 13:21:36 -06:00
Philippe Tranca 35bec8d3cd Fixed classes names and added RMI interfaces 2018-01-17 17:10:36 +01:00
Philippe Tranca d345008b20 Added all the classes that implement RMI server 2018-01-17 17:03:32 +01:00
bwatters-r7 f439edfa1a Fixes by the fabled wvu 2018-01-17 08:20:52 -06:00
Brendan Coles 5e11d36351 Add ABRT raceabrt Privilege Escalation module 2018-01-16 14:52:33 +00:00
Brendan Coles 4ade798cef Fix check for juju-run path 2018-01-16 07:19:48 +00:00
Daniel Teixeira aa9b5e4419 Sync Breeze Enterprise Import Command 2018-01-15 20:46:40 +00:00
Christian Mehlmauer 2f9eebe28b remove plugin dir 2018-01-15 14:48:59 +01:00
Philippe Tranca dfb9941e95 Fix java_jmx_server exploit 
Add test case when discovering RMI endpoint as the previous one was not complete
 2018-01-15 12:13:09 +01:00
Nicky Bloor 333ee893d3 Tidied up platform detection, check method, and minor typos. 2018-01-14 18:28:40 +00:00
Brendan Coles e1cbe4e906 Rename apport_chroot_priv_esc to apport_abrt_chroot_priv_esc 2018-01-14 08:33:43 +00:00