adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
77,971 Commits 27 Branches 1,043 Tags
6d9d9a70d410cc94de4d3d9afd7a75cd426d43be
Commit Graph

892 Commits

Author SHA1 Message Date
cgranleese-r7 04a18fb3ca Updates modules to remove non-printable chars 2025-06-25 14:19:56 +01:00
cgranleese-r7 40ca2b3b1b Adds sentinel notes to modules that are missing stability, reliability or side effects 2025-06-25 09:32:01 +01:00
cgranleese-r7 a454217bd4 Update info -d markdown 2025-06-24 11:21:49 +01:00
cgranleese-r7 37388ca1be Adds sentinel values to modules missing notes 2025-06-23 12:24:58 +01:00
cgranleese-r7 ade9b54d94 Runs Style/TrailingCommaInArguments Rubocop against modules 2025-06-23 09:30:35 +01:00
cgranleese-r7 a4b14d8b64 Runs Rubocop to fix layout in modules 2025-06-20 15:18:01 +01:00
cgranleese-r7 1c72a3adc3 Fixes duplicate notes in a couple of modules 2025-06-12 14:32:12 +01:00
Martin Sutovsky f7fd84b82d Adds different approach to udev rule naming 2025-06-04 15:24:43 +02:00
msutovsky-r7 5fbf46ba7f Land #19472, adds exploits/linux/local/udev_persistence 
Add modules/exploits/linux/local/udev_persistence.rb
 2025-06-04 13:21:04 +02:00
Martin Sutovsky 6806385292 Update 2025-06-04 12:56:51 +02:00
Martin Sutovsky 0d31440722 Update the module 2025-06-04 12:19:36 +02:00
Julien Voisin 0106a4440e Merge branch 'master' into aka_equationgroup 2025-05-30 17:17:54 +02:00
adfoster-r7 8604c72ef4 Merge pull request #19895 from cgranleese-r7/update-dead-module-references 
Update dead module references
 2025-03-05 16:57:05 +00:00
cgranleese-r7 0017fbdf56 Updates more dead links 2025-02-28 10:30:14 +00:00
jvoisin b988b49f27 Add Notes->AKA for EquationGroup codenames 
Sources used:
- https://www.rapid7.com/blog/post/2017/04/18/the-shadow-brokers-leaked-exploits-faq/
- https://github.com/x0rz/EQGRP
 2025-02-23 20:36:12 +01:00
bwatters-r7 c8aea65c7a Remove errant CVE reference. 2025-02-20 08:19:23 -06:00
Brendan 66d657f385 Merge pull request #19810 from h00die/fix_loadmaster_2024 
Fix loadmaster privesc check method and refs
 2025-02-18 19:34:00 -06:00
h00die af12460274 wrap tomcat dpkg command and rex version 2025-01-22 17:06:48 -05:00
h00die ae5f0e8689 guard Rex::Version.new against crashes on local modules 2025-01-17 16:10:23 -05:00
h00die 79ac873dfa fix loadmaster 2024 cve ref 2025-01-16 16:32:00 -05:00
h00die 7eee3f0be8 fix loadmaster 2024 check method crash 2025-01-16 16:30:45 -05:00
jheysel-r7 5374c7b362 Merge pull request #19676 from h00die/needrestart 
Ubuntu needrestart LPE (CVE-2024-48990)
 2025-01-09 17:02:54 -08:00
jheysel-r7 a6ba7bf9c2 Merge pull request #19734 from h00die/runc_arch 
arch linux compatibility for runc priv esc
 2025-01-09 16:45:02 -08:00
h00die 437c9fc99e review of ubuntu_needrestart_lpe 2025-01-09 16:23:09 -05:00
Jack Heysel 23db148aa9 Add check for nosuid 2025-01-09 09:59:09 -08:00
Brendan 7ddffc790c Merge pull request #19460 from gardnerapp/game_overlay 
Land #19460, CVE-2023-2640, CVE-2023-32629 Game Overlay Ubuntu Privilege Escalation
 2024-12-18 14:44:57 -06:00
bwatters-r7 59229ee612 Update payload name, fix payload escapes & quotation, add unix cmd support 2024-12-17 16:52:24 -06:00
h00die af462f7dcf arch linux compatibility for runc priv esc 2024-12-16 05:52:29 -05:00
h00die 6911e52d55 peer review 2024-12-06 15:39:19 -05:00
h00die bca3626cf2 peer review 2024-12-04 18:39:43 -05:00
h00die e41f5ad577 needrestart exploit updates 2024-11-27 15:41:23 -05:00
h00die d778f5469b needrestart improvements 2024-11-26 18:22:48 -05:00
h00die 19394960cd needrestart improvements 2024-11-25 16:40:00 -05:00
h00die d4bd00d48e needrestart improvements 2024-11-25 16:38:18 -05:00
h00die 7fd82b89df offload files to data 2024-11-22 15:57:18 -05:00
h00die 7025871d34 ubuntu needrestart lpe 2024-11-22 15:44:52 -05:00
h00die 94e5e49052 ubuntu needrestart lpe 2024-11-22 15:44:45 -05:00
h00die 0f6da56a52 vcenter sudo module 2024-11-21 04:34:15 -05:00
bwatters-r7 441a3215b2 Catch up to head on other branch 2024-11-19 08:59:22 -06:00
h00die 6bd049e346 operator working 2024-11-18 20:09:13 -05:00
gardnerapp 19770cf870 Remove unneeded file and rudocop corrections 
Update modules/exploits/linux/local/gameoverlay_privesc.rb

Co-authored-by: Brendan <bwatters@rapid7.com>

Give bwatters7 credit, add docs

Experiment with randomized bash copy and Rex::File.join

remove unused line

Add missing parenthesis

fix problem with bash copy

Remove rex::join, call proper method for generating payload

add exploit::exe mixin, bash copy randomization

Rubocop changes

Remove nc
 2024-11-18 17:01:08 -06:00
gardnerapp 6e09722f67 Rubocop changes and arch tracking for payload 
Update modules/exploits/linux/local/gameoverlay_privesc.rb

Co-authored-by: Brendan <bwatters@rapid7.com>

Rubocop changes
 2024-11-18 16:59:37 -06:00
gardnerapp c6425f7245 Break out command building to make it easier to read 
Update modules/exploits/linux/local/gameoverlay_privesc.rb

Co-authored-by: Brendan <bwatters@rapid7.com>
 2024-11-18 16:58:56 -06:00
gardnerapp e506c34e13 Update modules/exploits/linux/local/gameoverlay_privesc.rb 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2024-11-18 16:57:17 -06:00
gardnerapp 883a0f8985 Update modules/exploits/linux/local/gameoverlay_privesc.rb 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2024-11-18 16:57:17 -06:00
gardnerapp 51194ad0c9 Rebase and maintain authorship 
Rebase and change payload delivery

Rebase and remove cmdstager
Update modules/exploits/linux/local/game_overlay_privesc.rb

Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>

remove CmdStager Mixin

Add PrependSetuid

Remove python from exploit

Remove generate_payload_exe and add dynamic directory to upper mount layer

Change where payload is dropped

Remove FileUtils module

Call proper method for generating payload

Seperate exploit and triggering of payload

Seperate exploit and triggering payload

test
 2024-11-18 16:55:59 -06:00
gardnerapp c927f22d66 Update modules/exploits/linux/local/game_overlay_privesc.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-11-18 16:44:33 -06:00
Corey 5edec2525f Rebase and Squash 
init

Add moduel scaffolding

Add Opts, check and exploit methods

Rubocop changes

Add checks for vunerable kernel versions

Write check for distro type

Finish protoype of check add exploit

Make changes to check method

Add checkcode

Add x86 for payload compatability

remove check, add kernel version

add codenam, transform keys in vuln

Note

minor spelling change

Add description

Add cve references

Start trying to drop payloads on disk

Change description, include modules for file upload, use proper methods for writing payload

continue trying to upload

Use write_file instead of upload_and_chmodx

remove upload_dir opt

expirement w g1vi exploit

Include cmd_stage module, add generate_payload_exe, run payload in new namespace

Add missing call to setcap, fix description

Fix unterminated string, fix directory for calling python copy

Rubocop changes

Create dynamic payload

Add mkdir_p and WritableDir opts

Update modules/exploits/linux/local/game_overlay_privesc.rb

Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>

Revert back to python exploit, add dynamic writable dir

Add todos

Remove FileUtils

Change module name

Add checkcodes

Add more checkcodes
 2024-11-18 16:41:38 -06:00
h00die f38661d6c3 pod user working 2024-11-18 07:30:21 -05:00
h00die 773355f0e8 making bcenter lpe progress 2024-11-04 16:26:08 -05:00