adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
59,036 Commits 27 Branches 1,043 Tags
7e99025dd3eb4f5b6e134dfd2a804fc8e2afbe07
Commit Graph

2765 Commits

Author SHA1 Message Date
Shelby Pace 83943adf8b Land #14466, add Aerospike UDF rce 2020-12-10 11:07:56 -06:00
William Vu e52084242f Remove unused vprint_status conditional 2020-12-09 22:45:41 -06:00
William Vu 399c8dbb79 Don't be lazy about sending the request 
Don't telegraph our command injection _quite_ so much. We still
"complete" the initial command line to minimize disruption.

I am now backgrounding ssh-keygen to improve the speed of the exploit.
 2020-12-09 22:07:08 -06:00
dwelch-r7 1617b3ec9b Use zeitwerk for lib/msf/core folder 2020-12-07 10:31:45 +00:00
Brendan Coles 6cdb484d7c Add Aerospike Database UDF Lua Code Execution exploit 2020-12-05 14:15:22 +00:00
Pedro Ribeiro a99ce581dd Update TP-Link AC1750 Pwn2Own 2019 module 2020-11-26 12:56:02 +00:00
William Vu f73a88a39c Land #14396, hadoop_unauth_exec clarification 2020-11-16 12:44:13 -06:00
Tod Beardsley 06a0634828 Describe the Hadoop vuln as not-a-vuln clearly 2020-11-16 11:31:59 -06:00
A Galway 0328e3f815 Land #14359, gives preference to default target options 2020-11-13 14:44:13 +00:00
William Vu fcb507e412 Fix AutoCheck 
I'm a big dummy.
 2020-11-11 15:57:38 -06:00
William Vu 42bdae919b Add SaltStack Salt REST API RCE (CVE-2020-16846) 
Leveraging CVE-2020-25592.
 2020-11-11 13:09:26 -06:00
William Vu 67ae309896 Set plat/arch in saltstack_salt_unauth_rce targets 
Looks like I forgot this, and it affects compatible payloads.
 2020-11-11 13:09:26 -06:00
Alan Foster 5b438fd933 Preference target values when registering options 2020-11-05 23:16:37 +00:00
Spencer McIntyre 659137da94 Remove the DRuby remote code execution module 2020-11-02 08:32:52 -05:00
Spencer McIntyre ba17a5d67f Apply rubocop fixes for the DRuby RCE module 2020-10-22 12:35:35 -04:00
Spencer McIntyre 8aca08f80b Add the DRuby RCE check method 2020-10-22 12:34:51 -04:00
Spencer McIntyre 34e41e66ec Fix the syscall DRuby target by adding a small delay before execve 2020-10-22 12:18:12 -04:00
Spencer McIntyre 49145bfd31 Don't start the DRuby service, it appears unnecessary 2020-10-22 12:15:39 -04:00
youkergav c855857506 Cleaned up more code 2020-10-11 02:26:02 -04:00
youkergav 1cba6080cd Cleaned up code 2020-10-09 22:04:26 -04:00
youkergav d623d85040 Added AutoCheck mixin 2020-10-09 19:45:28 -04:00
youkergav a59558f03c Made password optional parameter 2020-10-09 06:33:57 -04:00
youkergav 5726db44d0 Bug fixed 2020-10-09 06:01:25 -04:00
youkergav 583e77db60 Cleaned up code 2020-10-09 05:38:54 -04:00
youkergav 263b6bc070 Merge branch 'master' of github.com:rapid7/metasploit-framework into su_login 2020-10-09 05:26:48 -04:00
youkergav 23c6c415eb Added python alternative and check function 2020-10-09 03:58:55 -04:00
Grant Willcox 2c391e9edc Fix up last of the module that had incorrect disclosure dates 2020-10-07 12:09:35 -05:00
Alan Foster 30809787c4 Convert disclosure dates to iso8601 2020-10-02 21:00:37 +01:00
Alan Foster 26ff912291 Fix invalid disclosure date formats 2020-10-02 12:20:05 +01:00
youkergav 809584da68 Fixed bug that was crashing orignal session 2020-10-02 04:00:40 -04:00
youkergav 9cf07e499f Replaced payload encoding function 2020-09-29 01:49:40 -04:00
youkergav 38fb644169 Architecture updates; base64 password; compliance 2020-09-25 23:58:48 -04:00
youkergav d45dfe865a Check noexec mount for payload; Coding comliance 2020-09-25 04:01:39 -04:00
youkergav 17483f838e Bug fixes per requests 2020-09-25 00:01:52 -04:00
youkergav 49a5dfc139 Spelling and grammer fixes 2020-09-24 03:29:07 -04:00
youkergav 35dd9cb517 Add Login to User with Su on Linux / Unix Systems 2020-09-24 02:36:26 -04:00
Christophe De La Fuente 7c575223a2 Sync with master 2020-09-23 10:08:07 +02:00
Christophe De La Fuente 2d1b378a18 Land #14122, Jenkins Deserialization RCE (CVE-2017-1000353) 2020-09-22 12:32:09 +02:00
Shelby Pace 2ae50e9304 Land #14025, add Artica Proxy auth bypass / rce 2020-09-21 15:27:53 -05:00
Shelby Pace 18fa28f96b change date format / default payload 2020-09-21 15:26:39 -05:00
h00die ee77cc8e78 Land #14123, vyos restricted shell escape and priv escalation 2020-09-19 09:13:38 -04:00
Brendan Coles 6208f8795a vyos_restricted_shell_privesc: support login as admin user 2020-09-18 15:49:25 +00:00
Shelby Pace 74669f4052 Land #14135, add tp-link command injection 2020-09-18 09:47:02 -05:00
Pietro Oliva 5f204257a5 Remove unnecessary comma, fix docs 2020-09-18 10:15:23 -04:00
Pietro Oliva e2c169d7d3 Remove unnecessarily setting SSL via datastore 2020-09-18 09:32:45 -04:00
0xsysenter 3144a1aede Add SSL in DefaultOptions 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-09-18 15:31:23 +02:00
Pietro Oliva d3f68d0fe4 Fix double shell issue 2020-09-18 09:23:02 -04:00
Shelby Pace 09c5b906af change notes and primary command stager flavor 2020-09-17 13:25:14 -05:00
Shelby Pace 8c1968e01c use more generic regex for versioning 
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
 2020-09-17 09:12:20 -05:00
Pietro Oliva 072f35c270 -Updated module to work using CmdStager 
-Updated documentation accordingly
-Removed unnecessary includes and simplified code
 2020-09-16 19:51:15 -04:00