Commit Graph

6361 Commits

Author SHA1 Message Date
Erin Bleiweiss 69a785ff46 Update json for python modules 2018-08-31 16:56:22 -05:00
Erin Bleiweiss eb17d9b198 Refactor AKA references for modules 2018-08-31 16:56:05 -05:00
Jacob Robles 9d3e1c1942 Land #10540, weblogic_deserialize, add check method and linux target 2018-08-30 06:08:03 -05:00
Jacob Robles 953bafc7e7 Land #10545, foxit fix generated strings, update doc 2018-08-30 05:55:44 -05:00
Austin 0887236f5e Fix spaces issue 2018-08-29 19:28:48 -04:00
Clément Notin d489cd7248 ms17_010_eternalblue: use SMBDomain value when provided instead of ignoring it 2018-08-29 23:53:58 +02:00
Adam Cammack a57e5ac5c0 Land #10594, Remove trailing space from CVE number 2018-08-29 14:31:21 -05:00
Ben Schmeckpeper c4d697a629 Remove trailing space from CVE identifier
ASUS Net4Switch ipswcom exploit mistakenly included a trailing space at the end of its CVE reference.
2018-08-29 14:12:49 -05:00
William Vu 468613f688 Land #10536, https:// reference check for msftidy 2018-08-29 11:14:42 -05:00
Jacob Robles d5ad683ba6 More doc updates 2018-08-29 10:59:36 -05:00
Jacob Robles 086ec5bdfb Fix generated strings in pdf 2018-08-29 06:24:20 -05:00
Ben Schmeckpeper 6335d867ec Add CVE reference to office_ms17_11882 exploit
The CVE identifier appears in a GitHub URI but is not referenced separately.
2018-08-28 13:44:01 -05:00
Jacob Robles 94e8cdac37 Move files to correct location 2018-08-28 12:38:54 -05:00
Jacob Robles 2986a9538d Whitespace fix 2018-08-28 11:53:08 -05:00
Jacob Robles 49c5a91fa7 Add linux target to weblogic_deserialize module 2018-08-28 11:51:04 -05:00
Jacob Robles 12e9cf6af7 Version output 2018-08-28 08:20:02 -05:00
Jacob Robles f92d2263d0 Add check to weblogic_deserialize module 2018-08-28 08:09:30 -05:00
Christian Mehlmauer a66556b436 fix msftidy errors 2018-08-28 13:12:43 +02:00
Brendan Coles 9725e90ba7 Fix msftidy EDB link check 2018-08-26 04:18:38 +00:00
William Vu 6df235062b Land #10505, post-auth and default creds info 2018-08-24 18:08:15 -05:00
Jacob Robles f6674a96d9 Update poc link 2018-08-24 10:52:01 -05:00
Wei Chen 2193dd662d Land #10504, add Foxit Reader UAF Module and Docs 2018-08-23 18:56:07 -05:00
Austin d6949ad792 Add check for SeImpersonatePrivilege
Checks for the incurrence of the SeImpersonatePrivilege to be able to successfully exploit
2018-08-23 16:54:22 -04:00
Jacob Robles 7ceae8df58 Remove '.exe' from share name 2018-08-23 14:38:46 -05:00
Mumbai c18b46ecb5 add delay 2018-08-21 11:29:44 -04:00
Jacob Robles fd6880d0d0 Add Foxit Reader UAF Module and Docs 2018-08-21 08:21:51 -05:00
Wei Chen ad0291e552 Update false negatives 2018-08-20 18:08:19 -05:00
Wei Chen 01ad152067 Update false negatives on post auth information 2018-08-20 16:05:58 -05:00
Austin 5d6aaf60bb 300 : "THIS IS FAILED TRAVIS!" 2018-08-18 07:22:59 -04:00
Austin 06a5df3ad3 Travis the the PR: A love & hate story 2018-08-18 07:12:34 -04:00
Austin 7a26960b11 Oh holy travis, accept my tabs and spaces!
Fixes the damn tabs and spaces. I'm gonna be livid if this doesn't work
2018-08-18 06:46:38 -04:00
William Vu 60c0272270 Make style consistent 2018-08-15 21:27:40 -05:00
Kevin Kirsche cd01f11fd2 Remove verifying host keys for all exploits 2018-08-15 14:54:41 -07:00
Austin 1e2d3ad2f5 offer travis a sacrifice 2018-08-12 12:40:03 -04:00
Austin b3f91394a1 Update ms16_075_reflection.rb 2018-08-12 07:13:04 -04:00
Austin 9bc21ba994 Update ms16_075_reflection.rb 2018-08-12 07:12:44 -04:00
Austin 75736415ad Update ms16_075_reflection.rb 2018-08-12 07:12:24 -04:00
Wei Chen 9122c5945e Add a comment explaining the last sleep(10) 2018-08-09 14:51:56 -05:00
James Cook c5903dc767 Travis and Format fixes
Fixed some formatting issues pointed out by @Green-m.
Changed disclosure date format for travis.
2018-08-09 10:29:34 -07:00
Jacob Robles 66e5685ed2 Moved to exploit/windows 2018-08-09 11:35:14 -05:00
James Cook f2d2e0fce6 Add webdav delivery module
This module simplifies the rundll32.exe Application Whitelisting Bypass technique.
The module creates a webdav server that hosts a dll file. When the user types the provided rundll32
command on a system, rundll32 will load the dll remotely and execute the provided export function.
The export function needs to be valid, but the default meterpreter function can be anything.
The process does write the dll to C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\TfsStore\Tfs_DAV
but does not load the dll from that location. This file should be removed after execution.
The extension can be anything you'd like, but you don't have to use one. Two files will be
written to disk. One named the requested name and one with a dll extension attached.
2018-08-07 11:56:54 -07:00
Mumbai 4a88d643ba adding reflective Potato 2018-08-03 02:09:24 -04:00
bwatters-r7 cdefb88770 Added line to support SMB2 2018-07-30 12:37:06 -05:00
bwatters-r7 6d4c70d019 ughhhhh EOL 2018-07-27 11:35:31 -05:00
bwatters-r7 036e2b2247 shut up, Rubocop 2018-07-27 11:11:32 -05:00
bwatters-r7 b4792e08a4 Combine the modules and update the binaries 2018-07-27 11:08:04 -05:00
bwatters-r7 aaf1a22c7c Rubocop changes 2018-07-27 10:15:45 -05:00
bwatters-r7 eab62c18c6 Update mov_ss and add mov_ss_dll 2018-07-27 09:40:34 -05:00
Winston Ho 6173305776 Update author fields 2018-07-19 01:25:59 -04:00
Winston Ho b481855c87 Add vlc_mkv exploit module 2018-07-18 03:40:09 -04:00