adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
77,971 Commits 27 Branches 1,043 Tags
6d9d9a70d410cc94de4d3d9afd7a75cd426d43be
Commit Graph

143 Commits

Author SHA1 Message Date
Julien Voisin 7738d146b9 Update modules/exploits/solaris/samba/trans2open.rb 
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>
 2025-06-02 16:05:06 +02:00
Julien Voisin 0106a4440e Merge branch 'master' into aka_equationgroup 2025-05-30 17:17:54 +02:00
bcoles 0ef9f305f3 modules/exploits/solaris: Resolve RuboCop violations 2025-04-23 01:18:07 +10:00
bcoles 1da0ebff66 exploit/solaris/sunrpc/sadmind_*: Cleanup and add documentation 2025-04-22 13:33:25 +10:00
bcoles 703ff27e81 Move exploit/dialup/multi/login/manyargs to exploit/solaris/dialup/ 2025-04-18 11:36:34 +10:00
jvoisin b988b49f27 Add Notes->AKA for EquationGroup codenames 
Sources used:
- https://www.rapid7.com/blog/post/2017/04/18/the-shadow-brokers-leaked-exploits-faq/
- https://github.com/x0rz/EQGRP
 2025-02-23 20:36:12 +01:00
Spencer McIntyre b31abcc9b2 Mark unix encoders as compatible with linux 
Fixes #18572
 2024-01-19 13:40:43 -05:00
wvu 03c99660db Update pam_username_bof.rb 2023-08-09 00:22:57 -05:00
cgranleese-r7 40e6917b7f tests passing 2023-04-04 10:24:09 +01:00
dwelch-r7 319f15d938 Handle nil versions for rubygems 4 2021-02-25 16:47:49 +00:00
cgranleese-r7 3a2932b798 Migrate old uses of manual autocheck to use the new prepend autocheck 2021-02-02 10:15:46 +00:00
William Vu c5d47532b0 Clarify sending username where password expected 2020-12-07 01:55:18 -06:00
William Vu d1f307324b Refactor exploit to use improved CheckModule 
And add AutoCheck.
 2020-12-07 01:35:13 -06:00
William Vu 4da3e37328 Remove unchanged offset 2020-12-07 01:35:13 -06:00
William Vu 4afb4562d9 Print on failure 2020-12-07 01:35:13 -06:00
William Vu 88f0fab6f4 Don't hardcode a stack address for the payload 2020-12-07 01:35:13 -06:00
William Vu 6b45552bda Swap target priority 2020-12-07 01:35:13 -06:00
William Vu bed3f9b41c Note VMware Player support 
Thanks to @bcoles for testing.
 2020-12-07 01:35:13 -06:00
William Vu 1cfcb9b351 Clarify Solaris version 
Hat tip @bcoles.
 2020-12-07 01:35:13 -06:00
William Vu d6c64865ea Add Solaris SunSSH PAM parse_user_name() exploit 
CVE-2020-14871
 2020-12-07 01:35:13 -06:00
Alan Foster 30809787c4 Convert disclosure dates to iso8601 2020-10-02 21:00:37 +01:00
Christophe De La Fuente 9f2a29d4fe Update last batch of modules 2020-06-09 14:18:52 +02:00
Brendan Coles ab9d1470d2 Use workaround for horrific command tokenisation 2019-10-23 06:37:30 +00:00
Brendan Coles 39db3be145 Update tested versions 2019-10-22 06:35:57 +00:00
Brendan Coles 84430c2a66 Add Solaris xscreensaver log Privilege Escalation module 2019-10-21 06:14:50 +00:00
Brendan Coles 24f807490f revisionism 2019-01-10 19:19:14 +00:00
h00die 8877582086 Land #10668 rsh stack clash solaris priv esc 2018-10-14 10:34:48 -04:00
Brendan Coles 7687e6e7b7 Update tested versions 2018-09-22 03:57:03 +00:00
Brendan Coles 4fb223b293 Add Solaris RSH Stack Clash Privilege Escalation module 2018-09-18 17:38:59 +00:00
Brendan Coles 0108e41b04 Move AKA reference to Notes hash 2018-09-18 08:00:44 +00:00
Brendan Coles 2f5bd4b714 Add Solaris 'EXTREMEPARR' dtappgather Privilege Escalation module 2018-09-18 07:23:10 +00:00
h00die 5089c19453 Land #10620 Solaris 10 LPE for libnspr 2018-09-17 18:10:16 -04:00
Brendan Coles 83039781de Background payload execution 2018-09-17 08:42:04 +00:00
Brendan Coles c8906f8772 Add check for Solaris system patch revision 2018-09-17 08:32:52 +00:00
William Vu 4c036e70c1 Fix http://seclists.org links to https:// 
I have no idea how this happened in my own code. I was seeing https://.
 2018-09-15 18:54:45 -05:00
Brendan Coles 1f4a1a388e Update gcc path 2018-09-15 18:16:03 +00:00
Brendan Coles a8c459db18 Update description with correct patched release 2018-09-13 08:22:13 +00:00
Brendan Coles 0db1c34c40 Add check for Solaris system patches 2018-09-12 07:36:54 +00:00
Brendan Coles e75b5592f7 Add ForceExploit option 2018-09-11 09:23:50 +00:00
Brendan Coles 1582dacb0e Check WritableDir is writable 2018-09-11 09:06:15 +00:00
Brendan Coles d658ccf653 Add Solaris libnspr NSPR_LOG_FILE Privilege Escalation module 2018-09-11 08:11:11 +00:00
h00die 00c593e0a2 55 pages of spelling done 2017-09-07 21:18:50 -04:00
Brent Cook 6300758c46 use https for metaploit.com links 2017-07-24 06:26:21 -07:00
g0tmi1k b8d80d87f1 Remove last newline after class - Make @wvu-r7 happy 2017-07-19 11:19:49 +01:00
g0tmi1k fd843f364b Removed extra lines 2017-07-14 08:17:16 +01:00
Brent Cook 345407b0a4 Rex::Encoder::XDR conflicts with the XDR gem 2017-07-12 11:52:10 -05:00
William Vu 64452de06d Fix msf/core and self.class msftidy warnings 
Also fixed rex requires.
 2017-05-03 15:44:51 -05:00
Brent Cook b08d1ad8d8 Revert "Land #6812, remove broken OSVDB references" 
This reverts commit 2b016e0216, reversing
changes made to 7b1d9596c7.
 2016-07-15 12:00:31 -05:00
wchen-r7 816bc91e45 Resolve #6807, remove all OSVDB references. 
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.

Resolve #6807
 2016-04-23 12:32:34 -05:00
Christian Mehlmauer 3123175ac7 use MetasploitModule as a class name 2016-03-08 14:02:44 +01:00