adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
58,358 Commits 27 Branches 1,043 Tags
832e2263b0efef400a1671d71a5dea975178c954
Commit Graph

29663 Commits

Author SHA1 Message Date
Grant Willcox 87b1facc5b Land #14238, Update sap_service_discovery.rb to support SAP IGS server discovery 2020-10-08 09:43:33 -05:00
Grant Willcox 69c68823d2 Land #14226, convert myworkspace.id to myworkspace_id for no db compat 2020-10-08 08:49:53 -05:00
Vladimir Ivanov d2ee5a838a Update sap_service_discovery.rb 
Add port 40080 - SAP Internet Graphics Server [HTTP]
 2020-10-08 13:51:44 +03:00
Grant Willcox 339c1941ef Add in myworkspace.id patch for the other missing modules 2020-10-07 17:08:00 -05:00
Grant Willcox a2675c13e8 Land #14213, Add disclosure date rubocop linting rule - enforce iso8601 disclosure dates 2020-10-07 12:09:59 -05:00
Grant Willcox 2c391e9edc Fix up last of the module that had incorrect disclosure dates 2020-10-07 12:09:35 -05:00
Ivanov Vladimir fa7b711d60 Change ltype in loot 2020-10-07 10:12:09 -05:00
Grant Willcox 12095f9174 Make minor updates to the error messages 2020-10-07 10:12:09 -05:00
Ivanov Vladimir df86b0c7c2 Update script to ensure action_file_read will correctly use fail_with, and to update the return types of send_first_request. 2020-10-07 10:11:12 -05:00
Grant Willcox 5ad2190c40 Apply updates to the module from the review process and a minor update to the documentation to note the renaming of the PATH option to URIPATH. Also update the check method so that it now works correctly and so that other functions return errors appropriately. 2020-10-07 10:08:57 -05:00
Ivanov Vladimir cc721fd64f Update several functions to apply review edits and also update the documentation accordingly. 2020-10-07 10:07:48 -05:00
Ivanov Vladimir 9ce3dc45f7 Delete default option: VERBOSE 2020-10-07 10:07:46 -05:00
Ivanov Vladimir 24d14f8816 Rename URN to PATH in several functions. Also change check function. 2020-10-07 10:04:55 -05:00
Grant Willcox 8a8dfafcc3 Rename the files and update some descriptions as there may be more XXE bugs in SAP in the future. Also update the documentation accordingly. 2020-10-07 10:04:03 -05:00
Grant Willcox fc462d2465 Clean up code to remove some extra options and to make the match() calls a bit cleaner, as well as make some of the explanations a bit neater. Also remove duplicate code from a few places 2020-10-07 10:04:02 -05:00
Grant Willcox a70cb25824 Remove all verbose options and tidy up one extra instance variable that was only used once 2020-10-07 10:04:02 -05:00
Vladimir Ivanov 7c682af98b Create sap_igs_xxe.rb and its associated documentation, and apply RuboCop fixes. 2020-10-07 10:03:09 -05:00
bwatters 3a6293357e Land #14190, Add the DOMAIN option to the CVE-2020-0688 Exploit 
Merge branch 'land-14190' into upstream-master
 2020-10-05 12:12:21 -05:00
h00die 15bb690308 fix vulnerability spelling 2020-10-04 13:00:48 -04:00
Alan Foster 30809787c4 Convert disclosure dates to iso8601 2020-10-02 21:00:37 +01:00
Alan Foster 26ff912291 Fix invalid disclosure date formats 2020-10-02 12:20:05 +01:00
Grant Willcox f45d9b295a Land #14204, Update the module docs for CVE-2020-1472 (Zerologon) 2020-10-01 10:09:19 -05:00
bwatters e24a81919a Land #13996, Add module for CVE-2020-9801, CVE-2020-9850 and CVE-2020-9856, 
RCE for Safari on macOS 10.15.3 (pwn2own2020)

Merge branch 'land-13996' into upstream-master
 2020-10-01 09:46:39 -05:00
Spencer McIntyre bf13ffc692 Update documentation based on feedback 2020-10-01 09:19:15 -04:00
Grant Willcox fb73be7e35 Land #14199, Fix SecureCRT missing registry key bug 2020-09-30 13:17:06 -05:00
Grant Willcox b0bad9fc85 Fix up small issue with one of the checks and update the documentation with the new SESSION_PATH option 2020-09-30 12:26:32 -05:00
Spencer McIntyre c0b42ff7a2 Land #13995, Add a Windows Secrets Dump module 2020-09-30 11:47:59 -04:00
Christophe De La Fuente 94796f5c91 Updates from review #2 2020-09-30 15:01:54 +02:00
cn-kali-team dce8bdc19a Check that the folder does not exist 2020-09-30 07:39:33 +08:00
Spencer McIntyre d53da9a83a Always show the plain password value of the machine account 2020-09-29 16:17:02 -04:00
Spencer McIntyre d91a9a0468 Consolidate the aes_cts_hmac_sha1_96_key functions 2020-09-29 16:05:06 -04:00
bwatters 3aeeede4a6 Land #14187, Added CVE-2020-3433 module 
Merge branch 'land-14187' into upstream-master
 2020-09-29 13:41:33 -05:00
bwatters 81fd2ea8a8 rubocop changes 2020-09-29 13:38:31 -05:00
Christophe De La Fuente 67821e32c4 Password cracking integration 2020-09-29 20:36:39 +02:00
Christophe De La Fuente 9cb419ae8c Resync with master branch 2020-09-28 15:45:02 +02:00
Spencer McIntyre e7d2b73600 Add a DOMAIN option to CVE-2020-0688 for consistency with other modules 2020-09-28 09:24:39 -04:00
Christophe De La Fuente 59fff3d7fe Land #14161, VyOS config processor 2020-09-28 13:02:19 +02:00
h00die 362ba1b235 more reviews 2020-09-27 08:17:32 -04:00
Shelby Pace f0f4da2b1e Land #14157, Windows update orchestrator privesc 2020-09-25 16:07:27 -05:00
Antoine GOICHOT fef88f27eb Added CVE-2020-3433 module 2020-09-25 23:04:58 +02:00
Christophe De La Fuente 7bfc47f08a Land #14175, MaraCMS 7.5 Arbitrary File Upload (CVE-2020-25042) 2020-09-25 20:24:55 +02:00
bwatters 2ed72007e0 Typos and cleanup 2020-09-25 12:27:55 -05:00
kalba-security 33b3d6efcc Use register_for_cleanup instead of on_new_session for cleanup 2020-09-25 08:11:02 -04:00
Tim W bb04041c93 Land #14172, Fix #14170, Add option to disable autorun in persistence_exe 2020-09-25 13:16:51 +08:00
Tim W 77b7cf4f65 make RUN_NOW a non-advanced option 2020-09-25 13:15:34 +08:00
Tim W 72111a9677 don't start service unless RUN_NOW is true 2020-09-25 13:15:30 +08:00
kalba-security 5b48bae4b0 Use keep_cookies instead of @cookie variable 2020-09-24 16:36:01 -04:00
kalba-security 45d13bf85e Simplify shash checks, use cgi request instead of raw, fix ctype header placement 2020-09-24 07:49:55 -04:00
Shelby Pace 2f083b03dd Land #14140, add software enumeration module 2020-09-23 18:43:28 -05:00
Shelby Pace 1b66f4a9de include Android::Priv mixin 2020-09-23 18:42:07 -05:00