adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
63,786 Commits 27 Branches 1,043 Tags
78d4ac85926baee5d9cd4e6cd67415a8d3d8858f
Commit Graph

891 Commits

Author SHA1 Message Date
Grant Willcox 78d4ac8592 Update module reliability and also fix issues from bcoles's review 2022-04-20 19:04:27 -05:00
bwatters d9a241defb Fix overzealous source code edit and some version copy/pasta errors 2022-04-20 14:31:32 -05:00
Grant Willcox b83a4b2a7a Add in fixes to module and documentation from final review 2022-04-14 12:45:15 -05:00
bwatters 83f4473c2a Correct Ubuntu target version 2022-04-14 12:01:38 -05:00
bwatters 03d01d2f72 Remove stray markup 2022-04-14 10:29:54 -05:00
bwatters f32443b477 Update with debug source code and options, cleanup module code per gwillcox-r7 2022-04-14 10:25:55 -05:00
bwatters 147d6e1df7 Added docs, reverted strip_comments, rubocop'd 2022-04-12 21:14:11 -05:00
space-r7 872b9c9a7c modify docs to reflect changes, remove 'return' 2022-03-10 10:39:32 -06:00
Tim W bcc9d01958 add documentation 2022-03-09 08:34:20 +00:00
red 23a09be333 Fix typo in document of cve_2021_4034 
ContOS => CentOS
 2022-03-05 23:58:31 +08:00
Spencer McIntyre 6be3443680 Land #16103, LPE in polkit's pkexec (CVE-2021-4034) 2022-03-03 09:24:11 -05:00
bwatters e649fe3f69 Fix some markdown issues, update docs and add arch check for payloads 2022-03-02 16:30:52 -06:00
bwatters 06e897436c Add Fedora results to docs and some minor final cleanup 2022-03-02 09:12:01 -06:00
bwatters 58aed837b2 Update docs and options 2022-03-01 14:48:48 -06:00
bwatters ecaf8b1ba9 Land #16204, Hikvision Unauthenticated RCE (CVE-2021-36260) 
Merge branch 'land-16204' into upstream-master
 2022-02-25 16:37:08 -06:00
Grant Willcox 217afa0f3b Land #16190, Axis Camera App RCE (No CVE) 2022-02-25 11:35:03 -06:00
Jake Baines d055a7d811 Altered some randomization, the json extracted by check, and fixed some wording 2022-02-24 18:48:21 -08:00
Jake Baines e1616a520f Fixed a couple of typos. Changed a CheckCode. Randomized the replaced tmp file name 2022-02-24 06:38:36 -08:00
Jake Baines 4cd3563bc7 Initial commit of exploit for CVE-2021-36260 2022-02-19 13:13:24 -08:00
bwatters 3ea032472d Updated exploit with better check method, added OnSessionCmd option 
to run a command when a session is bootstrapped, added more
documentation.
 2022-02-18 16:30:47 -06:00
Jake Baines 5ac3330802 Initial commit of Axis camera app install exploit 2022-02-14 17:54:18 -08:00
space-r7 db00991f26 Land #16150, add nagios xi web shell upload 2022-02-11 11:45:06 -06:00
Jake Baines 0a78dd78ec Used suggested method for defining user webshell, used suggested depth configuration, and used vars_get in a couple of places 2022-02-08 18:20:03 -08:00
space-r7 bed067dda0 Land #16125, add ARCH_CMD for GXV3140 support 2022-02-08 12:24:42 -06:00
Jake Baines 0fcc7e7733 Fixed spelling errors in descriptions 2022-02-06 02:55:17 -08:00
Jake Baines 9758251278 Initial commit of CVE-2021-37343 2022-02-05 18:21:18 -08:00
space-r7 837fdf7c5e Land #16128, add cisco rv unauth rce 2022-02-01 10:34:57 -06:00
Jake Baines 78312fb300 Update documentation/modules/exploit/linux/http/cisco_rv_series_authbypass_and_rce.md 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-02-01 06:41:26 -05:00
Jake Baines ccedcfefab Added exploit for CVE-2021-1472/CVE-2021-1473 2022-01-29 18:56:53 -08:00
Brendan Coles feebf25ad4 Add support for GXV3140 models and ARCH_CMD busybox telnetd payload 2022-01-29 19:38:57 +00:00
Brendan Coles a4fcddca8e Rename to grandstream_gxv31xx_settimezone_unauth_cmd_exec 2022-01-29 19:24:09 +00:00
Dhiraj Mishra 97d83f3fd5 cve_2021_4034_pwnkit_lpe_pkexec.md 2022-01-27 18:32:46 +04:00
Grant Willcox 44f040ad78 Land #16056, Exploit Module for Grandstream UCM62xx IP PBX (CVE-2020-5722) 2022-01-24 21:03:46 -06:00
Grant Willcox 15751a0f78 Minor langauge fix and final typo 2022-01-24 21:01:34 -06:00
Jake Baines 2c989ec714 Addressed multiple review comments (spelling, doc details, randomization, etc) 2022-01-22 14:09:58 -08:00
Grant Willcox 8bb3e39fd7 Land #16036, Add Grandstream GXV3175 'settimezone' Unauthenticated Command Execution 2022-01-19 10:58:42 -06:00
Brendan Coles ee2feb1207 Add Grandstream GXV3175 'settimezone' Unauthenticated Command Execution 2022-01-19 00:04:15 +00:00
Jake Baines 4ebb702405 Added an exploit for Grandstream UCM62xx IP PBX (CVE-2020-5722) 2022-01-15 12:46:56 -08:00
Jake Baines d4ee9a0183 Initial commit of CVE-2021-20039 exploit 2022-01-10 12:43:50 -08:00
bwatters 77812ae4c4 Update documentation for multiple binaries, add targeting data, 
other bcoles improvements
 2021-12-02 09:57:48 -06:00
bwatters 1f33305ce1 Add documentation 2021-12-01 14:54:48 -06:00
Grant Willcox 725c5f8d8c Add in another scenario into documentation and add additional detail to one setup step 2021-11-18 17:01:25 -06:00
Grant Willcox a915c3ce5c Add fixes for some of the issues raised during the review process on both the documentation and module side of things 2021-11-17 17:25:50 -06:00
Spencer McIntyre 0b3f95abca Writeup the module docs and move the protocol code 2021-11-12 15:15:51 -05:00
space-r7 1dd26bca03 Land #15802, add OMIGOD LPE 2021-11-09 10:30:50 -06:00
Spencer McIntyre 1ca9f48266 Land #15783, Add Sophos UTM CVE-2020-25223 exploit 2021-10-28 09:00:08 -04:00
William Vu 2a36287d9d Add more words to module doc 2021-10-27 19:31:03 -05:00
William Vu 76aa872ff5 Add (empty) Options header to module doc 
For consistency.
 2021-10-27 19:31:03 -05:00
William Vu 7bbf0305c0 Fix elapsed time calculation using monotonic clock 
Hat tip @adfoster-r7.
 2021-10-27 19:31:03 -05:00
William Vu 365365bfb0 Add module doc 2021-10-27 19:31:03 -05:00