Brent Cook
5936d2c415
use a finer-grained exception here
2019-11-18 12:57:33 -06:00
bwatters-r7
2736cbc84c
Land #12588, Remove unsupported session type
Merge branch 'land-12588' into upstream-master
2019-11-18 10:19:01 -06:00
Brent Cook
5a6e4c031d
Land #12494, Add Windows backup system sdclt uac bypass module
2019-11-18 01:47:11 -06:00
Brent Cook
09730aebf4
s/http/https/
2019-11-18 01:45:57 -06:00
Brendan Coles
facf16b860
Declare correct SessionType - Fix #12586
2019-11-16 04:58:02 +00:00
Brendan Coles
9e37fb3ece
Declare correct SessionType - Fix #12587
2019-11-16 04:57:18 +00:00
bwatters-r7
d093c75ae5
Stupid pry....
2019-11-15 12:27:42 -06:00
bwatters-r7
1e95e1c956
Fix up required reg additions for different windows versions
Add module docs
2019-11-15 12:20:50 -06:00
William Vu
6e904ea105
Fix/clarify target documentation for BlueKeep
2019-11-15 11:14:00 -06:00
William Vu
28ecefadb8
Warn about fDisableCam in automatic mode
2019-11-14 11:08:27 -06:00
William Vu
cb6d85bee2
Add suggestion about GROOMBASE
2019-11-14 11:08:14 -06:00
William Vu
fc64ac42af
State 2008 caveat in module description and doc
2019-11-14 10:57:42 -06:00
William Vu
45e2a3b229
Address RuboCop review
2019-11-13 02:10:03 -06:00
William Vu
7a4c48ee27
Fix style in exploit/windows/smb/doublepulsar_rce
2019-11-13 02:04:14 -06:00
William Vu
4877032e8a
Update exploit/windows/smb/doublepulsar_rce info
2019-11-13 00:30:09 -06:00
lle-bout
6766d9f6f7
Fix exploit/windows/local/ms16_032_secondary_logon_handle_privesc
- Powershell script was outdated.
Updated from https://www.exploit-db.com/exploits/39719
- Powershell script was buggy when current directory
was set to e.g. C:\ProgramData. (Get-Item Error)
Fixed.
- Stager was being dropped to current directory, but
it is not guaranteed that we always have permission
to write a file there. Use %TEMP% instead.
- Exploit only seems to work when executed under
a powershell of the same architecture as the
host. (Not WOW64)
This module now ensures that no matter the
architecture of the meterpreter, a powershell
of the same architecture as the host is being
run. (Using Sysnative directory when on WOW64)
- Stager was broken, now generating stager with Rex
and dropping stager as `.ps1` instead of `.txt`.
Ideally the exploit should be rewritten to
accept a shellcode payload directly or a smaller
stager powershell should be created so that it
fits in under 1024 bytes and can be fed directly
to CreateProcessWithLogonW without dropping to
disk.
2019-11-13 05:01:47 +01:00
William Vu
4f2cab4cf1
Add references
2019-11-11 17:33:10 -06:00
bwatters-r7
ef6ae90ca6
Add case statement for admin check
2019-11-11 09:00:11 -06:00
zerosum0x0
01d84c5654
remove syscall hook
2019-11-08 19:44:52 -07:00
bwatters-r7
f426206246
update code from bcoles suggestions.
2019-11-07 15:30:53 -06:00
Cristina
c9948c037d
Apply suggestions from code review
- Change executable in shebang from python3 to python
- Revert changes to files that will only run as python2
Co-Authored-By: acammack-r7 <adam_cammack@rapid7.com>
2019-11-01 19:20:22 -07:00
Cristina Muñoz
10b5df1c4f
Change all python2.7 shebangs to python3.
Remove utf-8 encoding declarations, as this is the default for python3.
2019-10-31 15:10:58 -07:00
Cristina Muñoz
8563a29003
Convert all python code to python3. Fixes #12506.
2019-10-31 14:16:14 -07:00
bwatters-r7
340b73f3c6
Add Windows Escalate UAC Protection Bypass (Via dot net profiler)
2019-10-30 20:38:44 -05:00
William Vu
e010f48a3b
Move module to coldfusion_rds_auth_bypass
2019-10-27 11:25:56 -05:00
bwatters-r7
3483c50a86
Add Windows backup system sdclt uac bypass module
2019-10-25 15:01:56 -05:00
Brent Cook
aadfb843bb
add module move metadata
2019-10-08 13:18:47 -05:00
Brent Cook
5ce3f5d166
Land #12400, Add File Sharing Wizard SEH exploit module
2019-10-08 07:42:47 -05:00
dwelch-r7
951fd7b93e
Replace double quotes with single quotes
2019-10-08 11:44:41 +01:00
dwelch-r7
25937c9e35
Use uri param and clean up logging
2019-10-07 17:15:04 +01:00
dwelch-r7
4eb068c9b0
Update target
2019-10-07 15:25:27 +01:00
dwelch-r7
02376c88fe
Use httpclient over tcpclient
2019-10-07 15:20:30 +01:00
dwelch-r7
b723d026ab
Address code review comments
Use strings in info hash, port is an integer, remove version number from
name
2019-10-06 15:27:29 +01:00
Brendan Coles
af05a33957
Land #12408, Fix spelling mistakes
2019-10-05 21:10:56 +00:00
h00die
9f29f5f419
fix spelling received
2019-10-05 14:40:27 -04:00
h00die
905eb17132
beginning to fix spelling errors
2019-10-05 14:26:34 -04:00
h00die
270f1cc63a
Land #12394 fix spelling of separated
2019-10-05 14:14:10 -04:00
h00die
f95f952b65
fix separated spelling
2019-10-05 14:13:38 -04:00
Brent Cook
3c397b721d
Land #12375, Add image execute options persistence module
2019-10-04 14:40:37 -05:00
dwelch-r7
06661df510
Make rubocop happy
2019-10-04 15:12:51 +01:00
dwelch-r7
938c3a0e76
Add module docs
2019-10-03 23:22:21 +01:00
dwelch-r7
e13463eb7c
remove default exit func
2019-10-03 16:24:29 +01:00
dwelch-r7
c8c4d8ad77
Add new bad char
2019-10-03 15:46:26 +01:00
bwatters-r7
8142f22f6e
shutup, rubocop
2019-10-02 14:50:00 -05:00
dwelch-r7
20d21b45de
Move module location
2019-10-02 16:08:54 +01:00
bwatters-r7
477a70934f
Fix copy/pasta error in options
2019-10-01 10:10:51 -05:00
bwatters-r7
273e8b6a82
Add image execute options persistence module
2019-09-30 16:34:43 -05:00
William Vu
3edb0e3ef5
Reword module title and description
2019-09-30 14:28:53 -05:00
William Vu
4b5c6002b4
Move implant neutralization code to method
2019-09-30 14:18:41 -05:00
William Vu
d5a26b892a
Remove unused status codes in check
2019-09-30 14:18:41 -05:00