William Vu
04084f84f7
Run rubocop -a
2020-01-13 20:25:07 -06:00
William Vu
a45821b706
Rename module
2020-01-13 20:25:07 -06:00
secenv
1429a496da
Remove _telnet from filename
No need to keep it, it drops meterpreter as payload now.
2020-01-13 13:18:43 -03:00
secenv
eab0bd5755
Randomize "Callback" header URL
2020-01-13 11:39:23 -03:00
Jacob Baines
caa02c7d2e
Added exploit module for CVE-2019-3929
2020-01-09 08:03:52 -05:00
secenv
0d592a3fca
Replace send_request_cgi with send_request_raw
msftidy complains about not using vars_get... Which won't work in this case.
2019-12-31 13:36:09 -03:00
secenv
b6731a6d1c
Remove printf as flavor
There is no printf in this router.
2019-12-31 13:10:59 -03:00
secenv
bedb1132b7
Convert to staged exploit
Works with meterpreter now :D
2019-12-31 13:08:51 -03:00
secenv
5f2c29946c
Remove the prompt variable + some EOL spaces; modify rand()
As suggested by @bcoles
2019-12-31 11:19:59 -03:00
secenv
2eec026a28
D-Link DIR-859 Unauthenticated RCE (CVE-2019-17621)
Exploits a vulnerability in the /gena.cgi UPnP endpoint in D-Link DIR-859 (and potentially other) SOHO routers. CVE ID: 2019-17621.
Code based on modules/exploits/linux/http/dlink_dir300_exec_telnet.rb
2019-12-30 19:22:04 -03:00
Brent Cook
8061cdf974
Land #12760, improvements to linux/local/bpf_priv_esc module
2019-12-26 13:43:54 -06:00
Brendan Coles
a7b63557db
Notify operator that cleanup of crontab is required
2019-12-26 16:21:44 +00:00
Brendan Coles
d449a93b44
Add Msf::Post::File.attributes method
2019-12-25 07:34:44 +00:00
Brent Cook
ce991071e4
Land #12524, update most python code with python 3 compatibility
2019-12-23 14:49:08 -06:00
h00die
4f8382fc98
Land #12744, rds lpe updates and improvements
2019-12-22 10:21:03 -05:00
h00die
4e1e8d344f
rds reliability, stability notes
2019-12-22 10:20:00 -05:00
h00die
7a027216cc
Land #12701 linux priv esc on reptile_cmd rootkit
2019-12-21 15:50:07 -05:00
Brendan Coles
c0da9e2202
Rename exploit/linux/local/rds_priv_esc -> exploit/linux/local/rds_rds_page_copy_user_priv_esc
2019-12-18 20:05:19 +00:00
Brent Cook
fde942bc37
Land #12517, replace CheckScanner mixin with CheckModule, which works with anything
2019-12-16 17:40:10 -06:00
Christophe De La Fuente
42a60034f2
Land #12725, Bash profile persistence module
2019-12-16 09:19:08 +01:00
h00die
1ff925eac9
Land #12727, netfilter_priv_esc_ipv4 improvements
2019-12-15 07:07:40 -05:00
Brendan Coles
dd41892123
Update netfilter_priv_esc_ipv4 exploit
2019-12-15 07:17:42 +00:00
bluesentinelsec
c43330934b
New module: Bash Profile Persistence
2019-12-14 21:40:18 -05:00
Brendan Coles
d7f1c9a4a9
Land #12696, Add AKA references to several modules
2019-12-12 15:28:21 +00:00
William Vu
f31930748b
Remove RHOST from solarwinds_lem_exec
This doubles as a test.
2019-12-11 13:42:41 -06:00
Rob Fuller
5eb90d758f
Update modules/exploits/linux/ssh/solarwinds_lem_exec.rb
Co-Authored-By: bcoles <bcoles@gmail.com>
2019-12-11 13:44:37 -05:00
Rob Fuller
002b9e5b90
Fix typo and lacking RHOST
Kinda need a RHOST to use a RCE...
2019-12-11 12:17:53 -05:00
h00die
8cb58be4c0
style
2019-12-11 06:44:35 -05:00
Brendan Coles
1ebfe6c284
Add Reptile Rootkit reptile_cmd Privilege Escalation
2019-12-11 06:48:51 +00:00
h00die
3b2a54a599
add aka to some modules
2019-12-10 09:53:13 -05:00
William Vu
42c8420f5a
Fix style
2019-12-09 20:09:52 -06:00
William Vu
7b1d54fc26
Land #12577, redis_unauth_exec fixes
2019-12-09 19:37:53 -06:00
William Vu
263c7bf235
Use CheckModule in pulse_secure_cmd_exec
2019-12-03 10:39:58 -06:00
Green-m
22412d4570
Fix bind error bug, and enhance check method.
2019-11-15 09:52:58 +08:00
Shelby Pace
baf27f9654
Land #12542, add Bludit File Upload Exploit
2019-11-12 15:44:34 -06:00
William Vu
3c1fa90a75
Land #12515, Pulse Secure VPN RCE
2019-11-12 02:55:01 -06:00
William Vu
a267ad9d64
Reference env(1) as the reason we have useful RCE
2019-11-12 02:17:58 -06:00
William Vu
8df559eceb
Update print to warning
2019-11-12 02:09:43 -06:00
wvu-r7
0c4580f254
Calibrate timeout for hax
Co-Authored-By: bcoles <bcoles@gmail.com>
2019-11-12 02:03:52 -06:00
William Vu
de72ed8545
Print our glorious success
2019-11-12 02:02:53 -06:00
William Vu
238c931fd3
Don't fail module if blocking through timeout
2019-11-12 01:55:56 -06:00
William Vu
d8e612726c
Note that an admin SID is required at present
2019-11-12 01:46:23 -06:00
William Vu
1573664c78
Reduce timeout for when the shell pops
2019-11-12 01:41:19 -06:00
William Vu
bc5b0645dd
Fix typo
2019-11-12 01:25:36 -06:00
William Vu
2c6c46701c
Update DefaultOptions
2019-11-12 01:23:53 -06:00
William Vu
8664ac9dd8
Add target print
2019-11-12 01:17:28 -06:00
William Vu
e9fb4a2528
Check for nil
Oops.
2019-11-12 01:10:26 -06:00
William Vu
f4c7690247
Print cmd/unix/generic command output, minus HTML
2019-11-12 01:08:56 -06:00
William Vu
09901fdf56
Clarify session cookie could be invalid
2019-11-12 01:08:25 -06:00
William Vu
5b825e8245
Readd cmd/unix/generic target with manual badchars
2019-11-12 01:08:09 -06:00