adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
77,971 Commits 27 Branches 1,043 Tags
6d9d9a70d410cc94de4d3d9afd7a75cd426d43be
Commit Graph

470 Commits

Author SHA1 Message Date
cgranleese-r7 40ca2b3b1b Adds sentinel notes to modules that are missing stability, reliability or side effects 2025-06-25 09:32:01 +01:00
cgranleese-r7 a454217bd4 Update info -d markdown 2025-06-24 11:21:49 +01:00
cgranleese-r7 37388ca1be Adds sentinel values to modules missing notes 2025-06-23 12:24:58 +01:00
cgranleese-r7 a4b14d8b64 Runs Rubocop to fix layout in modules 2025-06-20 15:18:01 +01:00
msutovsky-r7 f20e72b6c8 Land #20256, adds RCE module for Remote For Mac 2025.7 
Add Remote for Mac 2025.6 unauthenticated RCE module
 2025-06-08 16:03:58 +02:00
Martin Sutovsky 6105b99465 Fixed response parsing 2025-06-08 15:36:37 +02:00
Martin Sutovsky 16541d9f64 Fixes notes 2025-06-08 12:17:58 +02:00
Martin Sutovsky c9713a7184 Code reformat, rubocoping 2025-06-08 12:06:33 +02:00
root 8b1113d225 Update: Improved RCE detection logic and payload options for Remote for Mac 2025.6 2025-06-07 17:52:45 +01:00
root 7aa1d17124 rex version fix 2025-05-30 16:46:08 +01:00
root 11a51bf489 rex version payloads 2025-05-30 16:43:40 +01:00
Julien Voisin 0106a4440e Merge branch 'master' into aka_equationgroup 2025-05-30 17:17:54 +02:00
root dbfaece2a2 badchars fix + extend payloads 2025-05-30 14:19:56 +01:00
root ca8a3c586a added 2025.7 support 2025-05-30 14:12:52 +01:00
root 69870ee703 Update Remote for Mac 2025.6 RCE module with improvements and fixes 2025-05-30 11:21:07 +01:00
root cf3e1764c5 Finalize Remote for Mac 2025.6 RCE module (no CVE yet) 2025-05-29 04:29:15 +01:00
root 38f0178ad8 Update exploit: fix PacketStorm reference, add CVE placeholder 2025-05-28 09:27:28 +01:00
root 1860c16aa8 Add Remote for Mac 2025.6 unauthenticated RCE module 2025-05-28 07:42:34 +01:00
cgranleese-r7 0017fbdf56 Updates more dead links 2025-02-28 10:30:14 +00:00
jvoisin b988b49f27 Add Notes->AKA for EquationGroup codenames 
Sources used:
- https://www.rapid7.com/blog/post/2017/04/18/the-shadow-brokers-leaked-exploits-faq/
- https://github.com/x0rz/EQGRP
 2025-02-23 20:36:12 +01:00
gardnerapp d676bedc0f Update modules/exploits/osx/local/persistence.rb 
Co-authored-by: dwelch-r7 <Dean_Welch@rapid7.com>
 2024-08-30 18:25:02 -04:00
Corey 2437000b99 Rubocop changes 2024-08-06 15:23:03 -04:00
Corey 6c7c1cf603 Fix missing comma in opts, remove dbugging in plist_path 2024-08-02 12:19:55 -04:00
Corey 9036132b18 Update targets to include apple silicon (AARCH64) 2024-08-02 12:05:23 -04:00
Corey 94d4e17d3e Use optenum properly 2024-08-02 10:19:50 -04:00
Corey 133e6db77e Add dynamic plist path from opts 2024-08-01 11:54:38 -04:00
Corey f3d935ef07 add references to Objective-See and Apple Docs 2024-08-01 11:49:11 -04:00
Corey 7da83a1358 Add opts, update description for daemons 2024-08-01 11:47:29 -04:00
sjanusz-r7 38c5c6bb11 Add missing Platform to osx/local/persistence module 2024-03-25 16:00:25 +00:00
bcoles f6725dfc4e feedback_assistant_root: Check if OSX version is blank in check method 2023-04-28 19:52:15 +10:00
Jack Heysel f4ad778bd0 Added missing session types 2023-02-02 13:29:43 -05:00
Jack Heysel af2ef53462 Land #17415, macOS dirty cow priv esc 2023-02-02 12:15:19 -05:00
bcoles 6f4a17230d exploits/osx/local/vmware_fusion_lpe: Add notes 2023-02-02 18:46:08 +11:00
bcoles ef87a63bde modules: Check datastore ForceExploit before checking if session is root 2023-02-02 18:17:02 +11:00
Jack Heysel 3c7cbf62e6 Updated default payload 2023-02-01 16:56:28 -05:00
timwr ce260f53f3 Add CVE-2022-46689 macOS dirty cow 2022-12-28 22:46:08 +07:00
Shelby Pace 0596620de7 Update modules/exploits/osx/local/acronis_trueimage_xpc_privesc.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-12-13 09:49:59 -06:00
space-r7 13a557013c support 2021 version of software 
specifically, the exploit will now search
for com.acronis.helpertool in addtion to the
2020 helper tool name. This also updates the
check() method to return CheckCode::Detected
for when we find the vulnerable service but
can't detect the build number
 2022-12-12 15:53:35 -06:00
space-r7 9c7355388c add attackerkb link 2022-12-06 11:19:05 -06:00
space-r7 162b0daf3b add new options and usage of pre-compiled exploit 
also updates documentation with new option
descriptions
 2022-11-17 17:20:41 -06:00
space-r7 ea486169b4 use erb template for objective-c code 2022-11-17 11:55:19 -06:00
Shelby Pace f8dff82a78 Update modules/exploits/osx/local/acronis_trueimage_xpc_privesc.rb 
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
 2022-11-17 10:29:49 -06:00
space-r7 486e469682 add new reference 2022-11-16 10:32:08 -06:00
space-r7 383e121f20 add FileDropper usage and module description 2022-11-15 12:37:39 -06:00
space-r7 e0c693c5a8 add objective-c code and pid code 2022-11-14 17:57:39 -06:00
space-r7 8e59cac3a8 add check and exploit methods 2022-11-11 17:56:13 -06:00
space-r7 a43bfc9292 use safari version with specific cve 2022-04-05 10:31:51 -05:00
space-r7 4c8c32b3ff set file header to Contents dir, check safari vers 2022-04-05 10:16:59 -05:00
space-r7 e9e1e26def add support for CVE-2022-22616, update docs 2022-04-01 17:50:33 -05:00
Ashley Donaldson 9445c7824d Fix bug in safari file policy module: don't stop the service; just dereference it, and trust the service manager 2022-03-10 09:07:11 +11:00