adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
74,507 Commits 27 Branches 1,043 Tags
6fcd06b36dab005fcb2bbefd214f135587c53f38
Commit Graph

2501 Commits

Author SHA1 Message Date
Takah1ro ca75714959 Change all instance of staging_key to @staging_key 2024-07-31 12:54:09 +09:00
Takah1ro a7512f70eb Change all instance of staging_key to @staging_key 2024-07-31 08:47:07 +09:00
Takah1ro 53d74f0777 Use a multi-line string 
instead of a big number on one line
 2024-07-31 08:27:35 +09:00
Takahiro Yokoyama 1c28150514 Update modules/exploits/linux/http/empire_skywalker.rb 
add prepend Msf::Exploit::Remote::AutoCheck at the beginning of the class

Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2024-07-31 08:11:44 +09:00
Takahiro Yokoyama 6f4ff80a38 Update modules/exploits/linux/http/empire_skywalker.rb 
formatting issue

Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2024-07-31 08:09:40 +09:00
Takahiro Yokoyama a35a2c1814 Update modules/exploits/linux/http/empire_skywalker.rb 
formatting issue

Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2024-07-31 08:08:25 +09:00
Takahiro Yokoyama 13f5d971ed Update modules/exploits/linux/http/empire_skywalker.rb 
use a multi-line string instead of a big number on one line

Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2024-07-31 08:04:39 +09:00
Takah1ro 706dc60f6e Use built-in Diffie-Hellman 2024-07-27 12:13:52 +09:00
Takah1ro ebcd7e0e33 rubocop formatting 2024-07-26 23:44:46 +09:00
Takahiro Yokoyama d5ce191ceb Merge branch 'rapid7:master' into master 2024-07-26 21:51:30 +09:00
Takah1ro 393aed445d Formatting 2024-07-26 21:14:51 +09:00
Takah1ro b5c4fd0e32 use the same instance 
OpenSSL::Digest.new('sha256')
 2024-07-26 21:05:59 +09:00
Takah1ro 5ee86967e5 Pass a Hash as argument 2024-07-26 20:59:54 +09:00
Takah1ro bff7e48e3c Avoid code duplication 2024-07-26 20:44:18 +09:00
Takah1ro 10b723751b Avoid code duplication 2024-07-26 13:11:26 +09:00
Takah1ro 0b9b7a49e7 Add response check 2024-07-26 08:48:45 +09:00
Takah1ro b0689971b6 Fix to_bytes 2024-07-26 08:38:14 +09:00
Takah1ro ed0720dcfd Separate write_file function 2024-07-26 08:32:32 +09:00
Takah1ro ae95bb6c0f Fix build_routing_packet 2024-07-26 08:22:57 +09:00
Takah1ro b1e304a61f Fix match 2024-07-26 08:16:30 +09:00
adfoster-r7 62a3f73e70 Update rubocop target ruby version 2024-07-24 16:47:17 +01:00
Takah1ro 0fab915abb Update to use original aes_encrypt function 2024-07-24 12:14:16 +09:00
Takah1ro b48a2089cf fix previous commit bug affecting original exploit 2024-07-24 11:55:05 +09:00
Takah1ro 79ad046f56 Refactoring skywalker 2024-07-24 11:42:19 +09:00
Takah1ro eface45c5c Refactoring skywalker 2024-07-24 10:19:03 +09:00
Takah1ro ab0433e95f Update to target both vulnerabilities 2024-07-23 22:21:08 +09:00
Takah1ro 61754f3c92 Add cve ref and update broken link 2024-07-23 08:43:45 +09:00
Takahiro Yokoyama ad82481cce Update empire_skywalker.rb 2024-07-20 21:55:39 +09:00
Christophe De La Fuente df8f281d18 Land #19204, Zyxel VPN Series Pre-auth Command Injection 2024-07-03 20:14:39 +02:00
jheysel-r7 b67f05f50d Apply suggestions from code review 2024-07-03 13:51:50 -04:00
Jack Heysel 7e4c6ca028 Added code to print stdout of payloads without reverse connections 2024-07-03 09:36:36 -07:00
Jack Heysel 1d602da6b5 Added space between command and stderr/stout redirection 2024-07-03 08:23:38 -07:00
Jack Heysel 9cfaa2e69f Lowered rank and explained mock testing 2024-06-24 09:13:46 -07:00
Christophe De La Fuente 24fa34e7b9 Land #19188, Netis MW5360 unauthenticated RCE [CVE-2024-22729] 2024-06-24 13:40:51 +02:00
Christophe De La Fuente 8fc6e20cec Update other modules to use java_class_loader_start_service and cmdstager_start_service 2024-06-14 12:57:42 +02:00
h00die-gr3y 4e26704d73 Update addressing cdelafuente-r7 comments 2024-06-12 18:57:29 +00:00
Jack Heysel 12b1936e16 Fixed typo added Options section docs 2024-06-10 07:39:24 -07:00
h00die-gr3y 6a77c2e562 Final tweaks in check method 2024-06-08 11:33:55 +00:00
h00die-gr3y 0e3471d543 Final draft 2024-06-07 19:47:06 +00:00
h00die-gr3y 55fa94995b Updated check method 2024-06-06 22:23:35 +00:00
Jack Heysel 9d47372fe6 rubocop 2024-06-03 15:43:25 -04:00
jheysel-r7 a8335478c7 Apply suggestions from code review 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2024-06-03 15:33:46 -04:00
Jack Heysel d8d1ea7ffb Added on_new_session method 2024-05-29 16:04:00 -04:00
Jack Heysel 72f332aba0 Land #19150, Add Flowmon Command Injection Module 
Unauthenticated Command Injection Module for Progress Flowmon
CVE-2024-2389
 2024-05-29 08:28:37 -04:00
Jack Heysel e57f4d3cb5 Change xml to html in get_html_document 2024-05-28 16:29:55 -04:00
Jack Heysel 5d2a6aa4a1 Updated authors 2024-05-28 16:03:56 -04:00
Jack Heysel 9955724f0a Fixed check method, responded to comments 2024-05-28 15:54:28 -04:00
Jack Heysel d13ce0b1b8 rubocop fixes 2024-05-27 15:05:07 -04:00
h00die-gr3y e7d65fe60a Update based on bwatters-r7 comments 2024-05-27 17:45:07 +00:00
Jack Heysel 92b259981f Added WRITEABLE_DIR datastore option plus minor improvements 2024-05-27 12:48:17 -04:00