Commit Graph

6361 Commits

Author SHA1 Message Date
Jeff McJunkin 2927fd5dc8 Update bypassuac_sluihijack: Fix typo 2019-06-26 14:25:32 -07:00
Jacob Robles efc61a4934 Use cmdstager 2019-06-26 10:15:25 -05:00
Jacob Robles 7c3e566a23 Update check
Handle nil error code and fix version extraction based
on both of the possible Apache Tika return pages.
2019-06-26 10:15:25 -05:00
Wei Chen 2fb129ad41 Allow check in exploit to be optional 2019-06-25 17:13:55 -05:00
Carter Brainerd 5e8b076714 Final review changes 2019-06-25 07:21:08 +02:00
Carter Brainerd d2dc5f6077 Review changes 2019-06-22 00:18:44 -04:00
Carter Brainerd d90dba5d6e Hopefully final msftidy fixes 2019-06-20 17:03:38 -04:00
Carter Brainerd 1a877abe09 Msftidy was not happy 2019-06-20 14:50:56 -04:00
Carter Brainerd 534e2bc405 Make the darn thing work 2019-06-20 14:40:46 -04:00
Carter Brainerd fded7fb922 Create bypassuac_silentcleanup.rb 2019-06-20 13:53:54 -04:00
Shelby Pace d818a27a7c added check, path for diaghub exploit 2019-06-19 16:14:02 -05:00
Wei Chen 16cfd3f4ac Fix typos 2019-06-18 15:49:40 -05:00
Wei Chen 585a4340b2 Add exploit for CVE-2019-0232: Apache Tomcat CGIServlet RCE 2019-06-18 15:28:11 -05:00
Matthew Kienow d91459f2eb Correct module CVE reference 2019-06-11 09:14:40 -04:00
Shelby Pace 76ef689827 add hard link creation code 2019-06-06 15:58:44 -05:00
Jacob Robles c1572c89a8 Land #11841, IBM WAS Network Deployment RCE CVE-2019-4279 2019-06-04 11:49:05 -05:00
Brent Cook 53557cc92e replace trivial usage of expand_path with getenv
expand_path is not implemented consistently across platforms and
sessions, which leads to confusing behavior. In places where we have trivial
single variable expansions, this changes modules and library code to just use
getenv.

We'll look at the rest individually to see if they can also be reimplemented in
terms of getenv.
2019-05-31 17:44:35 -05:00
Jacob Robles 1069c3de4f File cleanup 2019-05-30 13:36:28 -05:00
Jacob Robles 87e9fddd2f CMD Target Update
Generic payload auto-disables the handler so we don't have
to handle that now. Also, remove datastore modifications
in the module.
2019-05-29 13:09:21 -05:00
Jacob Robles 55dcdace03 Land #11846, OATS Console War Deployment 2019-05-24 11:27:36 -05:00
Wei Chen fcd360891f Check #attributes for nil, and make sure target is oats console 2019-05-24 10:06:47 -05:00
Brent Cook 0559fda9db Land #11873, allow calling methods across related modules 2019-05-23 13:56:27 -05:00
Jacob Robles 1fe981b8e2 Land #11843, Update MSB references 2019-05-23 08:07:46 -05:00
Jacob Robles db353a7ba1 Fix MS reference number 2019-05-23 07:03:23 -05:00
Jacob Robles a0e90c0848 Remove references to doc.microsoft.com bulletin
MSB references point to this location
2019-05-23 07:01:21 -05:00
William Vu e836bdceca Force check only in ETERNALBLUE 2019-05-22 20:07:56 -05:00
William Vu 5064f2ce01 Add ForceExploit 2019-05-22 17:50:31 -05:00
William Vu 78fb72fea3 Update ms17_010_psexec 2019-05-22 17:31:24 -05:00
William Vu c7ba2ade65 Convert to mixin 2019-05-22 17:27:11 -05:00
William Vu d0a2d9533f Use CheckCode 2019-05-22 16:51:33 -05:00
William Vu db299b71ce Add datastore option 2019-05-22 16:45:01 -05:00
William Vu fdec7613c0 Update comment 2019-05-22 16:30:10 -05:00
William Vu df425d33b5 Update constant name 2019-05-22 16:29:27 -05:00
William Vu 3a8baf0dec Add comment 2019-05-22 16:28:04 -05:00
William Vu ac8b1fdb7e Add some more error checking 2019-05-22 16:26:27 -05:00
William Vu b99de521c4 Add more comments 2019-05-22 16:14:02 -05:00
William Vu a994f728dd Update comment 2019-05-22 16:10:32 -05:00
William Vu 51fc705cb3 Add ForceExploit 2019-05-22 16:06:04 -05:00
William Vu 486caa7e69 Add some error checking 2019-05-22 15:58:26 -05:00
William Vu 0f0faee680 Add check method to ms17_010_eternalblue 2019-05-22 15:42:57 -05:00
Wei Chen 388a391b9a Update oats_weblogic_console and its doc 2019-05-22 15:14:17 -05:00
William Vu f14ab6e2db Land #11868, iis_webdav_upload_asp disclosure date 2019-05-22 14:28:29 -05:00
Tod Beardsley 5523dce897 Fix disclosure date for WebDAV module 2019-05-22 09:05:56 -04:00
rwincey 99f3f6cb78 Added x64 arch and fixed exe gen 2019-05-20 23:45:26 -04:00
bwatters-r7 e1f898fe52 Land #11834, Fix ams_hndlrsvc
Merge branch 'land-11834' into upstream-master
2019-05-20 12:29:45 -05:00
Wei Chen 6cd943e0ce Sometimes attributes could be nil if hitting an unexpected page 2019-05-20 10:48:29 -05:00
Wei Chen 5a46fdf535 Find frsc value from hidden input instead of using rkelly (js) 2019-05-18 19:25:44 -05:00
Wei Chen 592b8302ab Make sure to call super for setup, also update doc for output 2019-05-18 18:08:25 -05:00
Wei Chen c2567f2ee3 Fix bug on cleanup ready status & more verbose 2019-05-18 17:50:29 -05:00
Wei Chen 40d4b3dfd3 Add doc and update the module title 2019-05-16 16:31:25 -05:00