William Vu
befca0f2fe
Land #10949, ForceExploit for Linux local exploits
2018-11-27 11:23:03 -06:00
Aaron Ringo
9dd4017674
some modifications to WIP, changed gcc, fixed other errors
2018-11-26 21:06:37 -06:00
Brent Cook
0fddb8e31c
Land #10768, Exploit for Netgear CVE-2016-1555
2018-11-26 11:45:10 -06:00
bwatters-r7
14b2cdc120
Land #10886, Bypassuac computerdefault
...
Merge branch 'land-10886' into upstream-master
2018-11-26 11:19:46 -06:00
Brent Cook
0b6c73a7d4
Land #11019, Replace WsfDelay with WfsDelay
2018-11-26 10:59:04 -06:00
Aaron Ringo
5e9c10dbe8
added modulepath, tested on centos with selinux
2018-11-25 19:48:05 -06:00
Aaron Ringo
2ad453b6e3
added modulepath
2018-11-25 15:54:37 -06:00
h00die
e2d58afe13
cleaned up code, added custom
2018-11-25 10:59:53 -05:00
Brendan Coles
5c06cdca73
Replace WsfDelay with WfsDelay - Fixes #11018
2018-11-25 05:09:16 +00:00
Brendan Coles
be6cfde921
Land #11015, Fix payload and console check for Xorg_privesc Linux targets
2018-11-25 04:51:27 +00:00
Aaron Ringo
93db7b399f
Using Wfsdelay instead of sleep loop, users get shells ASAP
2018-11-24 22:26:04 -06:00
Brendan Coles
debf79416b
Replace WsfDelay with WfsDelay - Fixes #11018
2018-11-25 04:22:11 +00:00
Brendan Coles
01ed57cbb3
Remove check for nosuid
2018-11-25 01:53:07 +00:00
Brendan Coles
ff23a006b7
cleanup
2018-11-25 00:16:39 +00:00
Aaron Ringo
1783617770
consolelock check updated to use id, payload upload changed, documentation updated, misc formatting
2018-11-24 15:10:21 -06:00
h00die
945755b058
add custom php_imap target
2018-11-24 14:18:13 -05:00
h00die
45f2c5beb2
update php_imap_open docs
2018-11-24 07:26:42 -05:00
h00die
e36cef3b96
e107 exploitable now
2018-11-23 20:16:53 -05:00
William Vu
8a402da056
Explain "junk" in buffer for morris_fingerd_bof
...
And unrelated whitespace changes because I suck.
2018-11-22 23:15:12 -06:00
Brent Cook
a59913434d
Land #10916, Xorg SUID privesc
2018-11-21 19:46:11 -06:00
Green-m
2197da4cd9
Fix code as jrobles suggest.
2018-11-21 11:24:50 +08:00
h00die
acf421ffb0
remove eol spaces
2018-11-20 19:45:17 -05:00
h00die
31ad58fb91
edb and author
2018-11-20 19:30:43 -05:00
h00die
4111a61e1a
fix module description
2018-11-20 18:35:20 -05:00
h00die
4c59a271e2
added suitecrm to imap_open exploit
2018-11-20 18:33:42 -05:00
Brent Cook
d5d8216377
Land #10977, Add documentation and some enhancement to freesshd_authbypass module
2018-11-20 11:44:49 -06:00
Brendan Coles
eb17c45000
Add Linux Nested User Namespace idmap Limit Local Privilege Escalation module
2018-11-20 14:10:28 +00:00
Tim W
3829cc11bb
add DEBUG_EXPLOIT option
2018-11-20 17:58:36 +08:00
Tim W
57bad6b213
move offsets to hash
...
fix
2018-11-20 17:58:34 +08:00
Green-m
9884bea84e
Update the reference link.
2018-11-20 17:39:01 +08:00
Green-m
9f573d6f27
Fix code as jrobles suggest.
2018-11-20 16:54:22 +08:00
Tim W
bee3c3d4d3
add documentation
2018-11-20 16:53:34 +08:00
Tim W
44b1b6fe31
fix forking
2018-11-20 15:58:55 +08:00
h00die
a28feed7d8
fix normalize and date
2018-11-19 04:00:58 -05:00
h00die
4b09584047
php_imap_open_rce
2018-11-18 21:28:19 -05:00
Imran E. Dawoodjee
b679bfa3d9
Carriage return errors fixed.
2018-11-18 03:29:17 +08:00
Imran E. Dawoodjee
fd0f40a141
Add PowerShell as a separate target then set it as default.
2018-11-18 03:20:48 +08:00
Carsten Maartmann-Moe
cbdcd367ee
Minor print out mod
2018-11-16 20:31:34 +01:00
Brendan Coles
6f094799b6
Update modules/exploits/windows/http/hp_imc_java_deserialize.rb
...
Print payload length
Co-Authored-By: carmaa <carsten@carmaa.com>
2018-11-16 20:20:52 +01:00
Brendan Coles
709befea5c
Update modules/exploits/windows/http/hp_imc_java_deserialize.rb
...
Fixed if/else block return
Co-Authored-By: carmaa <carsten@carmaa.com>
2018-11-16 20:19:23 +01:00
William Vu
90b9204703
Update DisclosureDate to ISO 8601 in my modules
...
Basic msftidy fixer:
diff --git a/tools/dev/msftidy.rb b/tools/dev/msftidy.rb
index 9a21b9e398..e9ff2b21e5 100755
--- a/tools/dev/msftidy.rb
+++ b/tools/dev/msftidy.rb
@@ -442,6 +442,8 @@ class Msftidy
# Check disclosure date format
if @source =~ /["']DisclosureDate["'].*\=\>[\x0d\x20]*['\"](.+?)['\"]/
d = $1 #Captured date
+ File.write(@full_filepath, @source.sub(d, Date.parse(d).to_s))
+ fixed('Probably updated traditional DisclosureDate to ISO 8601')
# Flag if overall format is wrong
if d =~ /^... (?:\d{1,2},? )?\d{4}$/
# Flag if month format is wrong
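Review bot: In the added `File.write` line, `@source.sub(d, Date.parse(d).to_s)` replaces the first occurrence of the captured string anywhere in the file, which is not necessarily the one inside the `DisclosureDate` field, and `Date.parse(d)` raises on a value it cannot parse with no rescue in the visible lines. Both added lines also run before the format checks that follow, so the file is rewritten and `fixed(...)` is reported even when the date is already ISO 8601. Suggest moving the rewrite inside the branch that flags the old format, rescuing the parse error, and substituting within the matched `DisclosureDate` expression rather than on the bare date string.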
2018-11-16 12:18:28 -06:00
Imran E. Dawoodjee
08b3efa046
Enhanced module and added documentation.
2018-11-16 21:18:45 +08:00
Aaron Ringo
a174c606aa
Changed SELINUX check to use built in methods
2018-11-16 04:22:18 -06:00
Carsten Maartmann-Moe
680393d4d6
Refined check method to actually verify vulnerability
2018-11-15 22:31:31 +01:00
Tim W
420be60900
add CVE-2018-4237
2018-11-15 08:48:10 +08:00
Tim W
2c30459a1b
add CVE-2018-4233 and CVE-2018-4404
2018-11-15 08:44:18 +08:00
Jacob Robles
795aa3c99c
Land #10828, git submodule url exec CVE-2018-17456
2018-11-14 12:39:13 -06:00
Julien Legras
02f2a2828e
Fix references CVE and WPVDB
2018-11-14 18:19:12 +01:00
Julien Legras
3daec992c8
Fix indentation
2018-11-14 18:08:31 +01:00
Jacob Robles
798d3156bc
Print git command for module
2018-11-14 10:57:36 -06:00