Commit Graph

31527 Commits

Author SHA1 Message Date
Spencer McIntyre 6acdced3f0 Land #15506, Add evasion module syscall_inject 2021-09-22 10:17:13 -04:00
Spencer McIntyre 48b76e6149 Revert a change that caused a bug
Using the capital W in Windows.h would raise a fatal error when
compiling.
2021-09-22 09:55:17 -04:00
Spencer McIntyre ca6f957de0 Land #15632, Winrm improvements 2021-09-21 16:43:24 -04:00
space-r7 b24b6d8063 Land #15695, fix crash / add logging nmap module 2021-09-21 14:13:11 -05:00
Ashley Donaldson 9d8193150f Allow running a shell command separately to the currently interactive shell 2021-09-21 19:12:49 +10:00
adfoster-r7 c86f52a3ec Land #15679, bug fix for tomcat_mgr_upload module not undeploying app after exploit 2021-09-21 03:34:43 +01:00
adfoster-r7 ed72ca217a Improve setuid nmap module 2021-09-21 01:47:59 +01:00
space-r7 fee037ac18 Land #15670, add opmanager sumpdu deser module 2021-09-20 12:15:26 -05:00
Ashley Donaldson 91d0a6cc55 Re-auth after the session times out
This seems to happen after 8 hours. WinRM doesn't like having bodies
in the authentication requests, so we force the HTTP client to send
an empty one first
2021-09-17 07:32:18 +10:00
Spencer McIntyre 4bccc0541f Add a note about exploitable versions 2021-09-16 17:08:23 -04:00
Spencer McIntyre fd0f565095 Add automatic targeting for the CVEs 2021-09-16 15:15:52 -04:00
space-r7 12af64c4d8 Land #15604, add buffer overflow G-Cam module 2021-09-16 13:02:57 -05:00
Spencer McIntyre 9f971e8716 Update the module for CVE-2021-3287 2021-09-16 12:58:30 -04:00
Your Name a2f83c22ba Add Pattern Create 2021-09-16 08:22:57 +01:00
Naveen Sunkavally d1da74d329 bug fix to undeploy app after exploit 2021-09-15 21:54:21 -04:00
Spencer McIntyre 56cd43a8b8 Land #15624, Add module for CVE-2020-27955 2021-09-15 14:54:19 -04:00
space-r7 c491687b78 Land #14631, add Jira user enum module 2021-09-15 12:37:17 -05:00
space-r7 c151937226 Update versions tested and vulnerable versions 2021-09-15 12:35:34 -05:00
space-r7 50301f9045 rubocop changes 2021-09-15 10:30:07 -05:00
space-r7 1dedffded1 use array for user names, skip empty user names 2021-09-15 09:29:40 -05:00
Spencer McIntyre fb74888a31 Correct the CVE reference 2021-09-15 08:42:55 -04:00
Robin fcf48c5817 Fixing a problem where the module reported failure but actually
succeeded
2021-09-15 10:59:03 +01:00
Spencer McIntyre 1bd3a764a6 Fixup issues from testing 2021-09-14 16:32:25 -04:00
Spencer McIntyre 480dec9a1e Land #15658, Add module for CVE-2021-32682 2021-09-14 14:09:27 -04:00
space-r7 278807be98 check contents of json after attempted upload 2021-09-14 11:36:28 -05:00
Grant Willcox cec3a4bc46 Land #15601, Add Geutebruck Post Exploitation Module 2021-09-14 10:03:21 -05:00
Spencer McIntyre d82ed7d4a2 Write up the module docs 2021-09-14 09:10:44 -04:00
Spencer McIntyre 3986707895 Add and test the remaining targets 2021-09-14 09:10:44 -04:00
Spencer McIntyre d640866b68 Apply rubocop changes and fix all targets 2021-09-14 09:10:44 -04:00
Spencer McIntyre d4834631c3 Add the generated YSoSerial gadget chain 2021-09-14 09:10:44 -04:00
Spencer McIntyre 02fde3ac51 Initial work on CVE-2021-3287 2021-09-14 09:10:44 -04:00
adfoster-r7 1499b1988e Land #15609, Add Meterpreter compatibility commands 2021-09-13 15:21:03 +01:00
kensh1ro c1868d94cd add base64 encoding to shellcode 2021-09-12 17:00:24 +03:00
kensh1ro 4454a7600a add minor fixes to module code 2021-09-10 22:56:04 +03:00
adfoster-r7 46718e3390 Run Rubocop layout rules on modules 2021-09-10 12:53:39 +01:00
Ashley Donaldson 0927737948 Adapted WinRM module logging to MSF logging
Separated WinRM module into separate files
2021-09-10 15:54:50 +10:00
space-r7 91ae50eb27 escapeshellcmd -> escapeshellarg 2021-09-09 17:28:05 -05:00
Ashley Donaldson b0e1502c86 Implemented suggestions from code review
- Use a literal hash
- Comment meaning of NTLM transforms
- store loot with data ready to go, to keep database in sync with file
2021-09-10 08:25:25 +10:00
space-r7 0095613a94 add completed module and documentation 2021-09-09 16:58:40 -05:00
Grant Willcox 7d3d57817f Add in final changes so that we verify what we insert into the database more and only insert valid formats of data, and then also update the documentation accordingly 2021-09-08 17:27:53 -05:00
Grant Willcox 8057b63329 Add in documentation for various scenarios, fix up another database error, and also improve error handling of invalid responses from the server 2021-09-08 17:27:51 -05:00
Grant Willcox d813e82fa3 Fix up saving data to the database so we have all the necessary info, fix web search to save all IPs discovered and fix up a connection issue encountered during testing 2021-09-08 17:27:49 -05:00
Yvain Douard 3ba0d5e3be facets outfile 2021-09-08 17:27:48 -05:00
Grant Willcox e1cfc8d956 Bring documentation in line with standards and also update the module to fix a bug and to make it more conformant 2021-09-08 17:27:46 -05:00
Owein 9de8ad8108 with web search and possible lists of results: do not use newline to list it but pass the list as is to the table 2021-09-08 17:27:43 -05:00
Owein 8ab247066c facets will work, a little listing of options' values in the readme won't hurt. 2021-09-08 17:27:41 -05:00
Owein 1686e98d6e Was missing the function for writing to a file.
Got rid of a loop that we didn't want.
2021-09-08 17:27:40 -05:00
Owein d49405df34 zoomeye more comprehensive output 2021-09-08 17:27:38 -05:00
adfoster-r7 059e39a6f0 Specify meterpreter compatibility command requirements 2021-09-08 22:59:25 +01:00
Jack Heysel 77e8de5881 Land #15645, Add Confluence OGNL exploit module.
Merge branch 'land-15645' into upstream-master
2021-09-08 16:51:06 -04:00