Commit Graph

831 Commits

Author SHA1 Message Date
space-r7 91ae50eb27 escapeshellcmd -> escapeshellarg 2021-09-09 17:28:05 -05:00
space-r7 0095613a94 add completed module and documentation 2021-09-09 16:58:40 -05:00
Grant Willcox 0e0e3bbcfb Land #15603, Add Geutebruck CVE_2021_335XX command injection module 2021-09-01 10:59:22 -05:00
bwatters ff50a94348 Land #15567, Add in Exploit for CVE-2021-3490
Merge branch 'land-15567' into upstream-master
2021-08-31 18:46:25 -05:00
Grant Willcox 0a57641aa4 Add in documentation and module code cleanness improvements and also make the output easier for readers to understand should something fail midway through. 2021-08-31 18:24:57 -05:00
Grant Willcox 30a7ee1bf2 Final very minor documentation fixes for better clarity 2021-08-31 18:24:56 -05:00
Your Name 56cde3eaba Add Geutebruck CVE_2021_335XX command injections module 2021-08-31 18:24:14 -05:00
Grant Willcox 3bca3b0bcb Update exploit code to use & after the command to execute as root so it executes in the background and doesn't hang Metasploit. Also update the logic of the code to check the response from executing the exploit and respond accordingly and update the documentation to match 2021-08-31 15:07:37 -05:00
Grant Willcox 6f9b06fb4b Add in Manfred Paul's original blog post and chompie1337's original PoC to the list of links. Also add in a relatively detailed description of how to add in new targets to this exploit to the documentation in case that helps anyone down the line 2021-08-25 18:09:07 -05:00
Grant Willcox bd490d35ed Add support for Linux 5.11.x on Fedora 2021-08-23 15:09:10 -05:00
Grant Willcox db5ac81ecf Fix up mistakes bcoles pointed out and also add in a check to ensure we are only targeting x64 systems 2021-08-23 13:23:40 -05:00
Grant Willcox e46611cffb Add in support for exploiting Fedora 32 with Linux kernel 5.10.12 2021-08-20 18:04:59 -05:00
Grant Willcox 75ae2b76f5 Add support for Fedora 32 Linux Kernel 5.9.8-100 and also fix an error where the wrong file was being used for Fedora 32 Linux Kernel 5.8.8. 2021-08-20 16:50:20 -05:00
Grant Willcox 5abf407228 Add support for Fedora 32 with Linux Kernel 5.8.8-200 2021-08-20 15:42:34 -05:00
Grant Willcox dd806a9d61 Add in support for Fedora 32 running kernel 5.7.11-200 2021-08-20 13:37:52 -05:00
William Vu e480e868b9 Remove dead cisco_rv130_rmi_rce documentation
It is now cve_2019_1663_cisco_rmi_rce.
2021-08-20 05:06:00 -05:00
Grant Willcox b479cb61a4 Add in scenario for Ubuntu 20.04.02 LTS and show that it's still working as expected 2021-08-19 15:05:03 -05:00
Grant Willcox b60ad3ee26 Fix up mistakes I noticed whilst doing edits on the code as well as some mistakes identified during peer review 2021-08-19 13:55:54 -05:00
Grant Willcox d5df47692c Add in first copy of the exploit along with the supporting source code and binaries. Documentation to come 2021-08-17 18:01:14 -05:00
William Vu 521ca14773 Add Lucee Administrator CVE-2021-21307 exploit 2021-08-16 10:09:34 -05:00
space-r7 809081bc5f Land #15279, add Pi-Hole lpe 2021-07-29 11:15:17 -05:00
space-r7 0561ae978f fix typos, pihole version in docs 2021-07-29 11:13:58 -05:00
William Vu 2164d7ed5a Add log IOC 2021-07-12 20:54:54 -05:00
William Vu 1812a71d3d Add module doc 2021-07-12 13:07:05 -05:00
William Vu 6fbaecf919 Backport print changes to recent modules 2021-07-08 21:26:35 -05:00
Grant Willcox 570ba091f6 Update some typos in the documentation and also update the exploit module to handle various cases whereby the dbus-send command might end up timing out due to TIMEOUT being too low and to fix some final issues found during testing 2021-07-08 16:24:01 -05:00
Grant Willcox 9f88ef0954 Fix up review comments 2021-07-08 16:22:29 -05:00
Jack Heysel 0f67dd5212 Fixed get_cmd_delay, responded to comments 2021-07-08 16:20:38 -05:00
Jack Heysel 9a07039e7e Updated docs 2021-07-08 16:09:15 -05:00
Jack Heysel f87f831aba Module updates + Docs 2021-07-08 16:09:02 -05:00
William Vu 8cd00bcb91 Update module doc 2021-07-06 22:25:35 -05:00
Christophe De La Fuente eca20bec92 Update from code review
- Fix documentation typos
- Rename `MeterpreterBackground` Mettle option to `MeterpreterTryToFork`
2021-06-30 11:02:11 +02:00
Christophe De La Fuente ccaedd6c9a Last additions and improvements
- add binaries
- add documentation
- backup `runc` binary in the exploit C file
- add `MeterpreterBackground` options to set Mettle `background` option
- add `WsfDelay` logic
- refactor code
- add cleanup logic
- add restore `runc` binary logic
2021-06-30 11:02:11 +02:00
Shelby Pace 3c7d96695e Land #15349, add rConfig vendors auth rce 2021-06-24 10:43:18 -05:00
Shelby Pace df1faf85ff rename files, change version check, use cookie jar 2021-06-24 09:47:38 -05:00
Spencer McIntyre 397c9ef140 Land #15333, Cisco HyperFlex File Upload RCE 2021-06-17 13:40:39 -04:00
Jack Heysel 281fce0c94 Cisco HyperFlex File Upload RCE module
beta draft

RCE working with linux/x64/meterpreter_reverse_tcp

rubocop

Updated title, removed newlines

Responded to comments

Rubocop offenses

Update documentation/modules/exploit/linux/http/cisco_hyperflex_file_upload_rce.md

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Update modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb

Co-authored-by: wvu <wvu-r7@users.noreply.github.com>

Responded to comments

Rubocop offenses

Added support for Java Dropper

Made changes to Linux Dropper

Rubocop

Improved check method, changed to default staged payload, removed TODO

Switched to single-quoted strings
2021-06-17 12:38:47 -04:00
Yann Castel dca4f3f471 fix download link 2021-06-17 15:19:42 +02:00
Yann Castel 0fda6b348d initial commit 2021-06-17 15:15:59 +02:00
MucahitSaratar ea7eaba7a9 added cve
Signed-off-by: MucahitSaratar <trregen222@gmail.com>
2021-06-10 09:35:42 -05:00
MucahitSaratar 4796779a29 Add more fixes to the module and documentation 2021-06-10 09:35:10 -05:00
MucahitSaratar 8e16d4a1c7 ipfire 2.25 core 156 remote code execution
Signed-off-by: MucahitSaratar <trregen222@gmail.com>
2021-06-10 09:34:13 -05:00
Spencer McIntyre 78f97d2fa7 Land #15281, Add Cisco HyperFlex exploit 2021-06-03 17:24:27 -04:00
William Vu 6efd312430 Add Cisco HyperFlex HX Data Platform exploit
CVE-2021-1497
CVE-2021-1498
2021-06-03 00:43:56 -05:00
h00die 3f1bb4b51e rename module, add docs 2021-05-30 14:48:39 -04:00
M. Cory Billington e62efe0690 Added module and documentation for SuiteCRM Log File RCE 2021-05-22 00:11:19 -05:00
Spencer McIntyre 56388cd696 Land #15146, Add support for extra OSes for CVE-2021-3156 (Baron Samedit) 2021-05-18 18:02:30 -04:00
Spencer McIntyre a8a1cf75b8 Reorder the Fedora targets to be descending 2021-05-18 18:02:12 -04:00
William Vu 637e9cff48 Update vmware_vrops_mgr_ssrf_rce documentation 2021-05-06 18:30:20 -05:00
Ashley Donaldson 5dc8d0e684 Added automatic cleanup for exploit scripts that modify /etc/passwd 2021-05-06 21:50:03 +10:00