adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

2417 Commits

Author SHA1 Message Date
Green-m 2472bfdfdc Fix rand_text_alpha_lower problem. 2018-04-03 23:05:08 -04:00
Green-m bbf6d072ea Fix some errors and bugs. 2018-04-03 22:47:41 -04:00
Green-m 611a3dc19c Add exploit module apache_couchdb_cmd_exec 2018-03-27 05:43:03 -04:00
h00die 8b220e3bad minor formatting 2018-03-26 19:53:35 -04:00
h00die 1371684df7 add linux mint to docs 2018-03-25 07:58:51 -04:00
Brendan Coles 9bb6e72020 Add lastore-daemon D-Bus Privilege Escalation exploit 2018-03-24 23:16:42 +00:00
h00die 2b08c54cda bcoles suggestions 2018-03-24 13:59:37 -04:00
h00die e8d910ac08 spelling 2018-03-23 21:40:46 -04:00
h00die 6b0691a91a cve-2017-16995 2018-03-23 21:09:56 -04:00
William Vu 176fb13c84 Fix #9650, missed code from TelnetEnable refactor 
1. Functionality was added incrementally, and I missed an opportunity to
consolidate a few methods under @do_exploit.
2. The Capture mixin can raise RuntimeError for a number of different
reasons, not just a lack of root privileges.

tl;dr Fix my incompetence and laziness. :-)

I don't think EDB and friends usually get these updates. :(
 2018-03-05 14:46:27 -06:00
William Vu 6dbf9445c9 Add MAC address discovery 2018-03-02 19:18:30 -06:00
William Vu 107512498c Add check method 2018-03-02 19:16:37 -06:00
William Vu 25f36fb926 Refactor code into new methods 2018-03-02 19:16:37 -06:00
William Vu 109bc87ffb Check for nil, EOFError, and zero-length response 2018-03-02 19:15:20 -06:00
William Vu bcdfebf93c Add a vprint for creds we chose 2018-03-02 19:15:19 -06:00
William Vu 4418a0de02 Enhance detection of telnetenabled vs. telnetd 2018-03-02 19:15:19 -06:00
William Vu fba30d47a2 Use default creds specific to protocol 2018-03-02 19:15:18 -06:00
William Vu 1f40afea9c Add automatic target for detection of TCP or UDP 2018-03-02 19:15:18 -06:00
William Vu a5e5b618fd Add print statements I forgot 2018-03-02 19:15:17 -06:00
William Vu e87681f2c4 Add NETGEAR TelnetEnable 2018-03-02 19:15:17 -06:00
bwatters-r7 4b8a8fa2b1 Land #9441, Create exploit for AsusWRT LAN RCE 
Merge branch 'land-9441' into upstream-master
 2018-02-22 10:40:45 -06:00
Brent Cook 78822fd799 Land #9524, prefer 'shell' channels over 'exec' channels for ssh CommandStream 2018-02-21 06:59:09 -06:00
Steve f7271d0086 Added curl flavor 2018-02-15 13:11:25 +00:00
Steve 8976b52216 Handle error stating that SNMP has timed out 2018-02-14 17:35:19 +00:00
Steve 734a6496c5 Fix escaping of printf and echo payloads 2018-02-14 16:21:15 +00:00
Steve dd267ba438 Fix msftidy warnings 2018-02-14 09:35:25 +00:00
h00die 285b329ee1 Land #9422 abrt race condition priv esc on linux 2018-02-11 11:58:39 -05:00
Pearce Barry add7ae8fa1 Land #9536, Add Ubuntu notes to documentation 2018-02-11 07:27:00 -06:00
Pearce Barry 321b78b0fe Land #9408, Add Juju-run Agent Privilege Escalation module (CVE-2017-9232) 2018-02-11 07:19:49 -06:00
Brendan Coles 4e5cbd68b9 Add Ubuntu notes to documentation 2018-02-11 06:52:36 +00:00
Brendan Coles 0d573e1434 Support shell sessions 2018-02-09 16:15:04 -05:00
Brendan Coles 45249d582d Add partition check 2018-02-09 16:15:04 -05:00
Brendan Coles 0ba37f8104 Add glibc $ORIGIN Expansion Privilege Escalation exploit 2018-02-09 16:15:04 -05:00
h00die cb1b59545b Land #9469 linux local exploit for glibc ld audit 2018-02-09 14:00:42 -05:00
Steve 361a999dd1 Use ARCH_X64 instead 2018-02-09 18:49:04 +00:00
Steve f17b9aed0c Use cmd_stager 2018-02-09 18:38:09 +00:00
Steve 7598a5801a Fix use of local var 2018-02-09 09:36:59 +00:00
Steve 829cfbab3b Replaced string concats with interpolation 2018-02-08 16:11:47 +00:00
Steve a415a82aa3 Shortened SNMPManager.open statements 2018-02-08 16:09:53 +00:00
Steve 60e3b7be1a Clarified printf string 2018-02-08 16:06:44 +00:00
Steve 9bea263805 Changed temporary filename to local variable 2018-02-08 16:04:49 +00:00
Steve 50a1a0ae6c Add comment to space limitation 2018-02-08 16:03:17 +00:00
Steve ba528c8d50 Indented description 2018-02-08 16:01:16 +00:00
Brendan Coles 5b251ae672 Support shell sessions on Debian 2018-02-08 11:29:09 +00:00
Brent Cook b1d0529161 prefer 'shell' channels over 'exec' channels for ssh 
If a command is not specified to CommandStream, request a "shell"
session rather than running exec. This allows targets that do not have a
true "shell" which supports exec to instead return a raw shell session.
 2018-02-08 02:21:16 -06:00
Brendan Coles d078ab8033 Use 'exit' CommandShellCleanupCommand 2018-02-06 13:36:36 +00:00
Brendan Coles 696817215b Update tested versions 2018-02-05 04:48:52 +00:00
Brendan Coles e158ccb20b Support cleanup for meterpreter sessions 2018-02-04 04:38:53 +00:00
Brendan Coles 74ab02f27b Support meterpreter sessions 2018-02-03 11:55:08 +00:00
Brendan Coles 686689afc0 Rename asus_infosvr_exec to asus_infosvr_auth_bypass_exec 2018-02-02 07:53:50 +00:00