metasploit-gs

Author	SHA1	Message	Date
Grant Willcox	3bca3b0bcb	Update exploit code to use & after the command to execute as root so it executes in the background and doesn't hang Metasploit. Also update the logic of the code to check the response from executing the exploit and respond accordingly and update the documentation to match	2021-08-31 15:07:37 -05:00
Grant Willcox	6f9b06fb4b	Add in Manfred Paul's original blog post and chompie1337's original PoC to the list of links. Also add in a relatively detailed description of how to add in new targets to this exploit to the documentation in case that helps anyone down the line	2021-08-25 18:09:07 -05:00
Grant Willcox	bd490d35ed	Add support for Linux 5.11.x on Fedora	2021-08-23 15:09:10 -05:00
Grant Willcox	db5ac81ecf	Fix up mistakes bcoles pointed out and also add in a check to ensure we are only targetting x64 systems	2021-08-23 13:23:40 -05:00
Grant Willcox	e46611cffb	Add in support for exploiting Fedora 32 with Linux kernel 5.10.12	2021-08-20 18:04:59 -05:00
Grant Willcox	75ae2b76f5	Add support for Fedora 32 Linux Kernel 5.9.8-100 and also fix an error where the wrong file was being used for Fedora 32 Linux Kernel 5.8.8.	2021-08-20 16:50:20 -05:00
Grant Willcox	5abf407228	Add support for Fedora 32 with Linux Kernel 5.8.8-200	2021-08-20 15:42:34 -05:00
Grant Willcox	dd806a9d61	Add in support for Fedora 32 running kernel 5.7.11-200	2021-08-20 13:37:52 -05:00
Grant Willcox	b479cb61a4	Add in scenario for Ubuntu 20.04.02 LTS and show that its still working as expected	2021-08-19 15:05:03 -05:00
Grant Willcox	b60ad3ee26	Fix up mistakes I noticed whilst doing edits on the code as well as some mistakes identified during peer review	2021-08-19 13:55:54 -05:00
Grant Willcox	d5df47692c	Add in first copy of the exploit along with the supporting source code and binaries. Documentation to come	2021-08-17 18:01:14 -05:00
space-r7	809081bc5f	Land #15279 , add Pi-Hole lpe	2021-07-29 11:15:17 -05:00
space-r7	0561ae978f	fix typos, pihole version in docs	2021-07-29 11:13:58 -05:00
Grant Willcox	570ba091f6	Update some typos in the documentation and also update the exploit module to handle various cases whereby the dbus-send command might end up timing out due to TIMEOUT being too low and to fix some final issues found during testing	2021-07-08 16:24:01 -05:00
Grant Willcox	9f88ef0954	Fix up review comments	2021-07-08 16:22:29 -05:00
Jack Heysel	0f67dd5212	Fixed get_cmd_delay, reponded to comments	2021-07-08 16:20:38 -05:00
Jack Heysel	9a07039e7e	Updated docs	2021-07-08 16:09:15 -05:00
Jack Heysel	f87f831aba	Module updates + Docs	2021-07-08 16:09:02 -05:00
Christophe De La Fuente	eca20bec92	Update from code review - Fix documentation typos - Rename `MeterpreterBackground` Mettle option to `MeterpreterTryToFork`	2021-06-30 11:02:11 +02:00
Christophe De La Fuente	ccaedd6c9a	Last additions and improvements - add binaries - add documentation - backup `runc` binary in the exploit C file - add `MeterpreterBackground` options to set Mettle `background` option - add `WsfDelay` logic - refactor code - add cleanup logic - add restore `runc` binary logic	2021-06-30 11:02:11 +02:00
h00die	3f1bb4b51e	rename module, add docs	2021-05-30 14:48:39 -04:00
Spencer McIntyre	a8a1cf75b8	Reorder the Fedora targets to be descending	2021-05-18 18:02:12 -04:00
Ashley Donaldson	5dc8d0e684	Added automatic cleanup for exploit scripts that modify /etc/passwd	2021-05-06 21:50:03 +10:00
Ashley Donaldson	0435e281d9	Updated CVE-2021-3156 documentation to reflect code changes.	2021-05-03 16:45:50 +10:00
Spencer McIntyre	cb8cd89a90	Update the module docs for cve-2021-3156	2021-02-11 11:57:05 -05:00
Spencer McIntyre	7281d00938	Implement feedback from PR review	2021-02-04 09:25:40 -05:00
Spencer McIntyre	c33c08bae9	Add a check method using the version information	2021-02-03 18:16:13 -05:00
Spencer McIntyre	c590d7b1bb	Add module docs and be more permissive with Length formatting	2021-02-03 18:16:13 -05:00
youkergav	23c6c415eb	Added python alternative and check function	2020-10-09 03:58:55 -04:00
youkergav	38fb644169	Architecture updates; base64 password; compliance	2020-09-25 23:58:48 -04:00
youkergav	17483f838e	Bug fixes per requests	2020-09-25 00:01:52 -04:00
youkergav	49a5dfc139	Spelling and grammer fixes	2020-09-24 03:29:07 -04:00
youkergav	35dd9cb517	Add Login to User with Su on Linux / Unix Systems	2020-09-24 02:36:26 -04:00
Matthew Rollings	f379f56b86	Update documentation/modules/exploit/linux/local/docker_priviledged_container_escape.md Co-authored-by: bcoles <bcoles@gmail.com>	2020-07-26 09:43:58 +01:00
stealthcopter	09994b3e51	Typos in readme	2020-07-25 12:17:56 +01:00
stealthcopter	3d3dcc503f	Added docker priviledged container escape	2020-07-25 12:14:30 +01:00
h00die	40095a8d05	glance variable	2020-04-19 22:54:38 -04:00
h00die	2772beac45	doc fix	2020-04-19 15:28:56 -04:00
h00die	e1f1ad45bc	working exploit	2020-04-19 15:19:19 -04:00
h00die	58074dc6bb	waiting on metasm question	2020-04-18 20:26:45 -04:00
h00die	fd8420cef7	fix install lines	2020-03-24 09:36:17 -04:00
Brendan Coles	ac6d0e4391	Add Diamorphine Rootkit Signal Privilege Escalation module	2020-02-16 14:53:16 +00:00
William Vu	95fa8602bc	Refactor modules that use Expect	2020-02-05 21:16:21 -06:00
Tim W	cfffb65a21	Land #12859 , update AF_PACKET chocobo_root linux LPE	2020-01-24 17:30:13 +08:00
tperry-r7	3518b9465c	Merge pull request #12831 from h00die/doc_cleanup Documentation standardization. This is the first step in standardizing the module documentation.	2020-01-22 14:53:12 -06:00
Brent Cook	6f6cc00871	Land #12751 , add Linux RDS socket NP deref privesc	2020-01-22 07:08:47 -06:00
h00die	ca59b06fd3	module doc standardizations	2020-01-20 21:26:59 -05:00
Brendan Coles	19b1f567b2	Update AF_PACKET chocobo_root Privilege Escalation module	2020-01-19 11:51:01 +00:00
Brendan Coles	36b6ceb56f	Add rds_atomic_free_op_null_pointer_deref_priv_esc (CVE-2018-5333)	2020-01-18 08:34:52 +00:00
h00die	50881c899a	h1 to h2	2020-01-16 11:46:36 -05:00

1 2 3 4 5

214 Commits