adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
45,061 Commits 27 Branches 1,043 Tags
67dc579fd3950a264a6a4be595daa02e2a500e52
Commit Graph

23436 Commits

Author SHA1 Message Date
Brent Cook 67dc579fd3 update magic numbers 2018-02-15 15:10:26 -06:00
HD Moore 7cfc17860d udp_probe is necessary for pivot scans 2018-02-14 08:45:46 -06:00
HD Moore ef13f01820 Remove actually deprecated modules 2018-02-14 08:43:20 -06:00
HD Moore 234f5a316b Revert "Remove old deprecated modules" 
This reverts commit a2c5cc0ffb.
 2018-02-14 08:42:44 -06:00
Spencer McIntyre 5063415b79 Land #9552, add private_type for stored tomcat pw 
Fixes #9513
 2018-02-13 19:25:27 -05:00
Jeffrey Martin 3811665b69 Land #7699, Add UDP handlers and payloads (redux) 2018-02-13 14:50:09 -06:00
Jeffrey Martin d56111a33c update cache sizes from new tests 2018-02-13 14:34:21 -06:00
Wei Chen fbeba8bfd2 Fix #9513, Add private_type to be able to store password for Tomcat 
If there is no :private_type, the create_credential method in
Metasploit::Credential::Creation will quietly skip the password,
which makes it look like a bug when the user is trying to view
the password from the creds command.

Fix #9513
 2018-02-13 14:31:56 -06:00
Jeffrey Martin 2221779ddd update package namespaces 2018-02-13 13:33:36 -06:00
Agahlot de24451035 Correct Typo 2018-02-13 15:57:09 +05:30
follower ecb5fffb0b Typo fix: "withint" --> "within" 2018-02-13 06:20:57 +13:00
h00die 285b329ee1 Land #9422 abrt race condition priv esc on linux 2018-02-11 11:58:39 -05:00
Pearce Barry add7ae8fa1 Land #9536, Add Ubuntu notes to documentation 2018-02-11 07:27:00 -06:00
Pearce Barry 321b78b0fe Land #9408, Add Juju-run Agent Privilege Escalation module (CVE-2017-9232) 2018-02-11 07:19:49 -06:00
Brendan Coles 4e5cbd68b9 Add Ubuntu notes to documentation 2018-02-11 06:52:36 +00:00
Brendan Coles 0d573e1434 Support shell sessions 2018-02-09 16:15:04 -05:00
Brendan Coles 45249d582d Add partition check 2018-02-09 16:15:04 -05:00
Brendan Coles 0ba37f8104 Add glibc $ORIGIN Expansion Privilege Escalation exploit 2018-02-09 16:15:04 -05:00
h00die cb1b59545b Land #9469 linux local exploit for glibc ld audit 2018-02-09 14:00:42 -05:00
Brent Cook 44b08feeb0 Land #9525, Update mysql_hashdump for MySQL 5.7 and above 2018-02-08 13:56:26 -06:00
Brent Cook 1bb5499fce fix whitespace 2018-02-08 13:55:40 -06:00
Jacob Robles c642d420c2 Land #9489, Add scanner for the Bleichenbacker oracle (AKA: ROBOT) 2018-02-08 12:55:02 -06:00
Osanda Malith Jayathissa 00ead05237 Update for MySQL 5.7 and above 
Starting from MySQL 5.7 the password column was changed to authentication_string. I've added a check to determine the version. Tested on both MySQL 5.6 and 5.7.
 2018-02-08 13:40:35 +00:00
Brendan Coles 5b251ae672 Support shell sessions on Debian 2018-02-08 11:29:09 +00:00
Brent Cook ca4ad1d0c4 Land #9478, Improve Dup Scout BOF exploit 2018-02-07 23:51:14 -06:00
Brent Cook 1af1631ef6 bump cached payload sizes 2018-02-07 08:06:37 -06:00
Brendan Coles 696817215b Update tested versions 2018-02-05 04:48:52 +00:00
Brendan Coles e158ccb20b Support cleanup for meterpreter sessions 2018-02-04 04:38:53 +00:00
Brendan Coles 74ab02f27b Support meterpreter sessions 2018-02-03 11:55:08 +00:00
Adam Cammack 51e098da35 Add scanner for Bleichenbacher oracle (ROBOT) 2018-02-02 16:29:07 -06:00
William Vu c9473f8cbc Land #9473, new MS17-010 aux and exploit modules 2018-02-01 23:56:29 -06:00
zerosum0x0 ffc7e078e2 don't disconnect until cleanup 2018-02-01 21:46:56 -07:00
h00die 7cb0a118c1 Land #9399 a linux priv esc against apport and abrt 2018-02-01 21:54:54 -05:00
Brendan Coles 3c21eb8111 Update documentation 2018-02-02 02:27:13 +00:00
Jacob Robles bc18389284 Updated Document and Module 
Update the documentation based on analysis of the vulnerability.
Slight modifications to the exploit module as well to reduce the
size of the generated file and reduce bad characters.
 2018-02-01 10:05:50 -06:00
RageLtMan 812d7ca739 Update native DNS spoofer for Dnsruby 
Fix methods relating to answer/question data structures which were
set up for Net::DNS objects in the original implementation
utilizing uppercase letters in the exact same method names.

Testing:
  None yet, completely forgot i even wrote this module till i saw
it in my merge conflicts after upstream merged the PR.
 2018-01-31 23:44:51 -05:00
Brendan Coles 0d80ca6f79 Change documentation extension from rb to md 2018-01-31 23:26:30 +00:00
Brent Cook beb4d56f7d Land #9354, Debut embedded httpd server (Brother printers) DoS 2018-01-31 17:03:13 -06:00
bwatters-r7 8be2b1f59e Land # 9407, Add BMC Server Automation RSCD Agent RCE exploit module 
Merge branch 'land-9407' into upstream-master
 2018-01-31 13:35:29 -06:00
Jacob Robles 656bb7f567 Modified DupScout Fileformat Exploit 2018-01-30 09:12:05 -06:00
h00die 08dcb5cc49 Land #9445 fixes for ssl labs scanner module 2018-01-29 20:51:05 -05:00
Jacob Robles d4a0372238 Land #9457, Dup Scout Enterprise v10.4.16 - Import Command Buffer Overflow 2018-01-29 11:40:54 -06:00
zerosum0x0 7cc00c0e10 fixed padding/offsets for win 10 2018-01-28 21:10:51 -07:00
zerosum0x0 237c3f7b2c crash 10.14393... should fail to leak transaction 2018-01-28 18:52:43 -07:00
zerosum0x0 2723b328aa misc tidying, added more randomness 2018-01-28 18:20:18 -07:00
zerosum0x0 6c2d5b1fc2 semi-completed exploit files 2018-01-28 18:13:25 -07:00
Brendan Coles 092eb0cd11 Add glibc LD_AUDIT Arbitrary DSO Load Privilege Escalation exploit 2018-01-28 05:11:38 +00:00
Brendan Coles 23f4bf1583 Add documentation 2018-01-27 03:15:06 +00:00
Aaron Soto c390696ddf Land #9379, Oracle Weblogic RCE exploit and documentation 2018-01-25 21:47:18 -06:00
William Vu 309deb9ee7 Land #9446, Post API fix for setuid_nmap 2018-01-25 16:00:40 -06:00