metasploit-gs

Author	SHA1	Message	Date
Tim W	0b0d4c8633	add x64 option to osx/local/persistence and update removal commands	2020-01-28 17:18:23 +08:00
Francesco Soncina	06843d0ea5	update removal commands for osx/local/persistence fixes #12870	2020-01-21 16:53:11 +01:00
Brent Cook	e50ab5cd13	Land #11726 , add exploit for CVE-2019-8513, macOS TimeMachine cmd injection	2019-06-29 05:36:12 -05:00
Wei Chen	efa00cd2d0	Update module description	2019-05-20 12:43:54 -05:00
Wei Chen	40bc0770f3	Update title	2019-05-20 12:37:46 -05:00
Wei Chen	eaaf1dd6c0	Update session types and platform metadata	2019-05-20 12:36:43 -05:00
Tim W	7968bd932a	improve arch selection	2019-05-07 22:54:58 +08:00
Tim W	be1d185a04	Add CVE-2019-8565 OSX Feedback Assistant local root exploit	2019-05-07 04:30:47 +08:00
Tim W	d20801cf12	add apple advisory	2019-04-26 13:25:26 +08:00
Tim W	f3f044ec59	add payload length check	2019-04-26 12:28:51 +08:00
Tim W	246fb6fa90	improve description docs	2019-04-22 14:40:57 +08:00
bcoles	421e250086	Update modules/exploits/osx/local/timemachine_cmd_injection.rb Co-Authored-By: timwr <timwr@users.noreply.github.com>	2019-04-21 19:59:14 +08:00
bcoles	f1f64cfbb8	Update modules/exploits/osx/local/timemachine_cmd_injection.rb Co-Authored-By: timwr <timwr@users.noreply.github.com>	2019-04-21 19:59:04 +08:00
bcoles	7a431b0690	Update modules/exploits/osx/local/timemachine_cmd_injection.rb Co-Authored-By: timwr <timwr@users.noreply.github.com>	2019-04-17 22:22:59 +08:00
Tim W	a7bd52cb2e	initial commit of CVE-2019-8513 (TimeMachine cmd injection)	2019-04-14 20:58:57 +08:00
Wei Chen	d523124faf	Land #10965 , Add the macOS LPE from pwn2own2018 (CVE-2018-4237)	2018-11-27 14:00:35 -06:00
Tim W	44b1b6fe31	fix forking	2018-11-20 15:58:55 +08:00
William Vu	90b9204703	Update DisclosureDate to ISO 8601 in my modules Basic msftidy fixer: diff --git a/tools/dev/msftidy.rb b/tools/dev/msftidy.rb index 9a21b9e398..e9ff2b21e5 100755 --- a/tools/dev/msftidy.rb +++ b/tools/dev/msftidy.rb @@ -442,6 +442,8 @@ class Msftidy # Check disclosure date format if @source =~ /["']DisclosureDate["'].\=\>[\x0d\x20]['\"](.+?)['\"]/ d = $1 #Captured date + File.write(@full_filepath, @source.sub(d, Date.parse(d).to_s)) + fixed('Probably updated traditional DisclosureDate to ISO 8601') # Flag if overall format is wrong if d =~ /^... (?:\d{1,2},? )?\d{4}$/ # Flag if month format is wrong	2018-11-16 12:18:28 -06:00
Tim W	420be60900	add CVE-2018-4237	2018-11-15 08:48:10 +08:00
Brendan Coles	c3080d69f2	Use writable? method for local modules	2018-11-04 05:28:32 +00:00
Erin Bleiweiss	eb17d9b198	Refactor AKA references for modules	2018-08-31 16:56:05 -05:00
asoto-r7	1a3a4ef5e4	Revised 88 aux and exploit modules to add CVEs / references	2018-07-12 17:34:52 -05:00
Tim W	641ffca98c	use base_dir	2018-06-08 14:53:21 +08:00
Brendan Coles	9c14bddd93	Cleanup OSX local exploit modules	2018-05-31 12:26:33 +00:00
Brendan Coles	45481f26b6	Add Msf::Post::OSX::Priv mixin	2018-05-22 22:25:39 +00:00
Brendan Coles	aa033bf5c1	Fix cleanup	2018-05-20 16:19:25 +00:00
Brent Cook	b13f4e25e1	thanks for making this well-known	2017-12-04 18:32:31 -06:00
Brent Cook	a27bb38d51	add authors	2017-12-04 18:25:18 -06:00
Tim W	58897bf2fc	msftidy	2017-11-29 16:36:50 +08:00
Tim W	7f1f7281f1	add local exploit for osx root login with no password	2017-11-29 16:06:02 +08:00
h00die	00c593e0a2	55 pages of spelling done	2017-09-07 21:18:50 -04:00
Brent Cook	6300758c46	use https for metaploit.com links	2017-07-24 06:26:21 -07:00
g0tmi1k	b8d80d87f1	Remove last newline after class - Make @wvu-r7 happy	2017-07-19 11:19:49 +01:00
g0tmi1k	4720d1a31e	OCD fixes - Spaces	2017-07-14 08:46:59 +01:00
Brent Cook	d20036e0fb	revise spelling, add heartbleed and tidy checks	2017-06-28 18:50:20 -04:00
Brent Cook	461ab4501d	add 'Also known as', AKA 'AKA', to module references	2017-06-28 15:53:00 -04:00
William Vu	64452de06d	Fix msf/core and self.class msftidy warnings Also fixed rex requires.	2017-05-03 15:44:51 -05:00
OJ	1d617ae389	Implement first pass of architecture/platform refactor	2016-10-28 07:16:05 +10:00
jvoisin	2272e15ca2	Remove some anti-patterns, in the same spirit than #7372	2016-09-29 00:15:01 +02:00
Brent Cook	b08d1ad8d8	Revert "Land #6812 , remove broken OSVDB references" This reverts commit `2b016e0216`, reversing changes made to `7b1d9596c7`.	2016-07-15 12:00:31 -05:00
wchen-r7	816bc91e45	Resolve #6807 , remove all OSVDB references. OSVDB is no longer a vulnerability database, therefore all the references linked to it are invalid. Resolve #6807	2016-04-23 12:32:34 -05:00
Christian Mehlmauer	3123175ac7	use MetasploitModule as a class name	2016-03-08 14:02:44 +01:00
Brent Cook	f703fa21d6	Revert "change Metasploit3 class names" This reverts commit `666ae14259`.	2016-03-07 13:19:55 -06:00
Brent Cook	44990e9721	Revert "change Metasploit4 class names" This reverts commit `3da9535e22`.	2016-03-07 13:19:48 -06:00
Christian Mehlmauer	3da9535e22	change Metasploit4 class names	2016-03-07 09:57:22 +01:00
Christian Mehlmauer	666ae14259	change Metasploit3 class names	2016-03-07 09:56:58 +01:00
HD Moore	16d0d53150	Update Shellshock modules, add Advantech coverage	2015-12-01 10:40:46 -06:00
Sam H	5fcc70bea4	Fixed issue w/ msf payloads + added timeout rescue Apparently when OS X payload shells get a sudo command, it requires a full path (even though it clearly has $PATH defined in its env...) to that file. The updates here take that into account. Also, the script more directly catches a timeout error when the maximum time for sudoers file to change has passed.	2015-10-25 23:38:48 -07:00
Sam H	348a0f9e3d	Cleaned up "cleanup" method and crontab check The script now searches for the full line "ALL ALL=(ALL) NOPASSWD: ALL" written in the crontab file to ensure that it is successful rather than just "NOPASSWD". Additionally, the required argument used in the cleanup method was removed and simply turned into an instance method so it could be accessed without needing to call it with any arguments.	2015-10-21 22:53:32 -07:00
Sam H	712f9f2c83	Deleted extra reference to exploit DB	2015-10-18 19:10:47 -07:00

1 2 3 4

160 Commits