adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
56,391 Commits 27 Branches 1,043 Tags
78bd74eaec79fc3c5454888cd501ee2258245dfe
Commit Graph

1845 Commits

Author SHA1 Message Date
Spencer McIntyre f48be0d45c Add missing docs from #13401 merging 2020-05-12 14:26:05 -04:00
bwatters-r7 9b40554ec6 Land #13370, Add Druva inSync inSyncCPHwnet64.exe RPC Type 5 Privilege Escalation 
Merge branch 'land-13370' into upstream-master
 2020-05-12 13:20:27 -05:00
Spencer McIntyre e3e82ca17e Land #13401, Add SaltStack Salt root key disclosure and RCE 2020-05-12 14:18:50 -04:00
William Vu d431cd9a6b Actually write the setup guide in the module docs 
Oops. This should have been filled out.
 2020-05-12 12:27:19 -05:00
William Vu 235f822937 Add Netsweeper WebAdmin unixlogin.php pre-auth RCE 2020-05-12 08:34:20 -05:00
William Vu f85a8c2e79 Add module docs 2020-05-11 12:05:38 -05:00
Pedro Ribeiro bba9d0a843 Update advisory link in doc 2020-05-09 14:57:32 +07:00
Spencer McIntyre b4e2599921 Remove trailing whitespace to fix build failures 2020-05-07 09:59:34 -04:00
Spencer McIntyre 9769e04b6e Land #13322, CVE-2020-0668 Service tracing file junction overwrite 2020-05-07 09:47:20 -04:00
Spencer McIntyre 26d4cb7a47 Tweak the service tracking checks and update docs markdown 2020-05-07 09:46:19 -04:00
gwillcox-r7 a1275845ec Land #13200, CVE-2019-0808 LPE for Windows 7 x86 SP0 and SP1 2020-05-06 17:23:52 -05:00
bwatters-r7 a5fe498610 Update ARCH handling, suggested changes, and last-minute fixes 2020-05-06 15:36:53 -05:00
Christophe De La Fuente 3473016aea Land #13107, Kentico deserialization RCE 2020-05-06 16:16:05 +02:00
Brendan Coles bf16307d7f Add Druva inSync inSyncCPHwnet64.exe RPC Type 5 Privilege Escalation 2020-05-06 14:09:46 +00:00
gwillcox-r7 02bc959d1b Documentation alignment to 72 character width as is standard 2020-05-05 21:01:52 -05:00
William Vu 80b64830cc Land #13304, IBM DRM SSH exploit 2020-05-05 12:08:02 -05:00
William Vu e0a67f4fd1 Land #13300, IBM DRM RCE 2020-05-05 12:07:15 -05:00
William Vu 227962d1f3 Fix EOL space 2020-05-05 11:27:31 -05:00
Pedro Ribeiro 1cb91dcb42 Address review comments 
Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/ssh/ibm_drm_a3user.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update ibm_drm_a3user.md

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/ssh/ibm_drm_a3user.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

use fail_with
 2020-05-05 10:58:05 -05:00
Pedro Ribeiro a17d78a327 Address review comments 
Update documentation/modules/exploit/linux/http/ibm_drm_rce.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/http/ibm_drm_rce.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update documentation/modules/exploit/linux/http/ibm_drm_rce.md

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update ibm_drm_rce.md

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

make final changes!

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/ibm_drm_rce.rb

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>

final final final
 2020-05-05 10:53:08 -05:00
gwillcox-r7 d2b196f172 Land #13353, Trixbox CE endpoint_devicemap.php Authenticated RCE 2020-05-04 16:11:05 -05:00
Anastasios Stasinopoulos 18ebf5efa6 Trixbox CE <= v2.8.0.4 Authenticated RCE 
This module exploits a post-authentication OS command injection vulnerability found in Trixbox CE <= v2.8.0.4 which may allow arbitrary command execution on the underlying operating system.
 2020-05-04 15:58:38 -05:00
Spencer McIntyre c128a3ba92 Add CmdStager and Powershell targets to the Kentico RCE exploit 2020-05-04 10:07:10 -04:00
Patrick Webster 626b9be63c Update kentico_staging_syncserver.md 2020-05-04 09:26:14 -04:00
Patrick Webster affc745ed5 Update documentation/modules/exploit/windows/http/kentico_staging_syncserver.md 
Typo

Co-Authored-By: bcoles <bcoles@gmail.com>
 2020-05-04 09:26:13 -04:00
Patrick Webster 376c61bc46 Added exploit module kentico_staging_syncserver. 2020-05-04 09:26:13 -04:00
William Vu 0bcc473ded Rename option to HOSTINFO_NAME and update doc 2020-05-01 12:59:01 -05:00
William Vu b2355568f8 Update module doc 2020-05-01 12:19:12 -05:00
William Vu 84061881b8 Clarify module description 2020-05-01 12:19:12 -05:00
William Vu 64f4cb7e41 Add module doc 2020-05-01 12:19:12 -05:00
bwatters-r7 686c2f09a1 Land #13290, Cve-2014-2630 HP xglance-bin linux priv esc 
Merge branch 'land-13290' into upstream-master
 2020-05-01 10:18:21 -05:00
Tim W bcf9449b29 add basic check method 2020-05-01 19:02:21 +08:00
William Vu 4d635cdcfc Update module doc 2020-05-01 04:28:17 -05:00
bwatters-r7 01f1cfd188 Update documentation with note about prior windows versions 2020-04-30 09:37:52 -05:00
Tim W 8e9a162b1b fix 2020-04-30 18:05:00 +08:00
Tim W ea22e34b9c fix description 2020-04-30 17:51:28 +08:00
Tim W 109f0a01f7 add windows 7 sp1 scenario 2020-04-30 17:19:54 +08:00
Tim W ff0704b316 code review from grant <3 2020-04-30 17:19:54 +08:00
Tim W 7560f7de8c remove changes to other files 2020-04-30 17:19:54 +08:00
Tim W f05b50f54e add documentation for CVE-2019-0808 2020-04-30 17:19:53 +08:00
bwatters-r7 191044cdad Final fixes and documentation 2020-04-29 10:18:22 -05:00
Spencer McIntyre 3e51730ae3 Land #11359, Add the shiro_rememberme_v124_deserialize module 2020-04-28 15:35:06 -04:00
Spencer McIntyre 2c61fd0aff Update Apache Shiro RCE module docs 2020-04-28 14:24:17 -04:00
William Vu 1318faa992 Clarify the quote is from the vendor's advisory 2020-04-27 16:53:34 -05:00
William Vu cefeb9ffde Randomize dir in desktopcentral_deserialization 
Also apply RuboCop.
 2020-04-27 16:13:22 -05:00
L 70ad79dbcc change ip 2020-04-27 10:50:09 -05:00
L b283442845 Add shiro_rememberme_v124_deserialize documentation 2020-04-27 10:50:09 -05:00
Shelby Pace 640eb77403 Land #13260, add docker wincred module 2020-04-24 10:02:38 -05:00
Shelby Pace 24eeba09e8 typo 2020-04-24 10:01:31 -05:00
bwatters-r7 1c757f90db bcoles suggestions 2020-04-22 18:08:58 -05:00