Commit Graph

1598 Commits

Author SHA1 Message Date
Alan Foster 4dcb2fbd96 Land #12889, Add OpenSMTPD MAIL FROM RCE 2020-02-07 11:43:18 +00:00
William Vu 8c07e17912 Update module docs 2020-02-06 15:57:54 -06:00
bwatters-r7 7f3c0c9314 Land #12906, Add module for CVE-2019-19363
Merge branch 'land-12906' into upstream-master
2020-02-06 15:22:17 -06:00
Shelby Pace e736588795 change method of exploitation for reliability
This commit changes a few things:
  1. The module first writes the dll to a
     temp location.
  2. The module writes a batch file to a
     temp location.
  3. The batch file copies the dll until
     the copy command fails (presumably
     because the dll is now in use by
     PrintIsolationHost.exe).
  4. The dropped files are deleted.
  5. Docs updated to reflect changes.
2020-02-06 12:51:36 -06:00
William Vu 62c98710ad Reword vulnerable commit range 2020-02-06 11:03:20 -06:00
William Vu 95fa8602bc Refactor modules that use Expect 2020-02-05 21:16:21 -06:00
William Vu b98c0c6876 Add module doc 2020-02-05 17:01:58 -06:00
Shelby Pace a154efa250 Land #12887, add dlink ssdpcgi cmd inject 2020-02-05 13:19:05 -06:00
Shelby Pace 691a18c997 move docs file, add options 2020-02-05 12:58:46 -06:00
bwatters-r7 9db6b5184b Land #12894, Add Windscribe WindscribeService Named Pipe Privilege Escalation
Merge branch 'land-12894' into upstream-master
2020-02-05 12:37:34 -06:00
Shelby Pace 772431a29e add documentation 2020-02-03 16:25:16 -06:00
William Vu fa6573f8e7 Note arch in supported target 2020-02-03 11:16:16 -06:00
William Vu e12d993027 Move SMB DOPU module to match new naming scheme 2020-02-03 11:16:16 -06:00
William Vu 4ba0762089 Update module doc with service pack 2020-02-03 11:16:16 -06:00
William Vu 3074e5bece Update module doc once more 2020-02-03 11:16:16 -06:00
William Vu 4d21b0e88e Update prints in check for visibility
vprint_good should be print_warning, and most vprints should be print,
even if in check, since check is critical functionality.
2020-02-03 11:16:16 -06:00
William Vu 51ab58f7c9 Add module doc 2020-02-03 11:16:16 -06:00
Brendan Coles 34621c0adc Add Windscribe WindscribeService Named Pipe Privilege Escalation 2020-02-01 00:41:07 +00:00
tperry-r7 3ffc79aa85 Land #12878, msftidy_docs
2020-01-31 11:59:50 -06:00
h00die bd48588fd5 catch false positive spaces at eol from code indent 2020-01-28 14:28:18 -05:00
s1kr10s 63612e9647 Add documentation for CVE-2019-20215 exploit 2020-01-28 16:21:34 -03:00
bwatters-r7 0d8d17c63d Land #12736, Add support for PPID spoofing 2020-01-24 08:49:51 -06:00
Tim W cfffb65a21 Land #12859, update AF_PACKET chocobo_root linux LPE 2020-01-24 17:30:13 +08:00
tperry-r7 3518b9465c Merge pull request #12831 from h00die/doc_cleanup
Documentation standardization. This is the first step in standardizing the module documentation.
2020-01-22 14:53:12 -06:00
bwatters-r7 208aa3454f Add documentation and warning for PPID interaction 2020-01-22 13:36:34 -06:00
Brent Cook 6f6cc00871 Land #12751, add Linux RDS socket NP deref privesc 2020-01-22 07:08:47 -06:00
Shelby Pace e7e42b7a59 Land #12768, add dlink command injection module 2020-01-21 07:37:43 -06:00
h00die bc312420ca module doc standardizations 2020-01-20 21:41:32 -05:00
h00die ca59b06fd3 module doc standardizations 2020-01-20 21:26:59 -05:00
Brendan Coles 19b1f567b2 Update AF_PACKET chocobo_root Privilege Escalation module 2020-01-19 11:51:01 +00:00
Brendan Coles 36b6ceb56f Add rds_atomic_free_op_null_pointer_deref_priv_esc (CVE-2018-5333) 2020-01-18 08:34:52 +00:00
secenv 09801b2507 Add router module/firmware version tested
... under Scenarios, as suggested by @space-r7
2020-01-17 20:57:44 -03:00
secenv 52c7bf6375 Add "Verification Steps"
as suggested by @space-r7.
2020-01-17 20:48:37 -03:00
secenv 7fbdf0ca57 documentation: s/Setup/Vulnerable Application/
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2020-01-17 20:35:27 -03:00
secenv bd8840fb09 documentation: s/Usage/Scenarios/
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2020-01-17 20:32:27 -03:00
secenv c0800f4742 Fix typo in documentation
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2020-01-17 20:31:47 -03:00
h00die f3c75e93f3 remove trailing double pounds 2020-01-16 11:57:52 -05:00
h00die 50881c899a h1 to h2 2020-01-16 11:46:36 -05:00
h00die dc01f2e99b remove s from application 2020-01-16 11:45:10 -05:00
h00die f970ea7963 example output to scenarios 2020-01-16 11:41:12 -05:00
h00die e4013846d3 more standardizations 2020-01-16 11:32:02 -05:00
h00die 947102e2fe sample output to scenarios 2020-01-16 11:15:06 -05:00
h00die b2e0950bba caps 2020-01-16 11:09:29 -05:00
h00die a1978c76a6 fix up spaces on options header 2020-01-16 10:52:13 -05:00
h00die 4b0ab94043 module options to options 2020-01-16 10:49:22 -05:00
h00die 2fff1f66e9 vulnerable application h1 to h2 2020-01-16 10:44:35 -05:00
h00die 3a4209a092 verification to verification steps 2020-01-16 10:41:12 -05:00
h00die c904b9d2f2 scenario to scenarios 2020-01-16 10:36:38 -05:00
Spencer McIntyre 033a0d1868 Land #12782, add the Plantronics LPE module 2020-01-15 11:17:41 -05:00
h00die fa73709b3e documentation standardization 2020-01-14 21:02:53 -05:00