Commit Graph

13654 Commits

Author SHA1 Message Date
Brent Cook 3d507250b0 Land #9745, Update QNX ifwatchd to use newer APIs 2018-10-06 05:06:42 -04:00
Brent Cook c9ebe5ae23 Land #9745, Add ifwatchd QNX privilege escalation exploit module 2018-10-06 05:03:50 -04:00
Brendan Coles 89b6aafd85 Use register_file_for_cleanup 2018-10-06 04:37:04 +00:00
Brent Cook e2f97c75a0 Land #10616, update Unitrends UEB module to support vulnerabilities in version 10 2018-10-05 16:20:38 -05:00
Brent Cook a51243ce91 Land #10745, Update lastore_daemon_dbus_priv_esc tested versions 2018-10-05 11:35:31 -04:00
William Vu 7bc98e0ea8 Fix formatting and convert a missed AKA reference 2018-10-05 03:22:08 -05:00
William Vu d9cb052189 Fix improper use of the Ruby shovel operator (<<)
junk would be modified and returned, and we just want to return the
concatenated string. Practically doesn't matter, but it's incorrect.

This was my first public module. I've been wanting to fix this since.
I'm noticing it again now as I look for how I used Ret in a target.
2018-10-05 02:18:06 -05:00
Dylan Pindur 0f34f94496 Add back SSL options for tc-agent-xmlrpc-module 2018-10-05 15:11:13 +08:00
Dylan Pindur 8ae0bcbacd Refactor if statements to be cleaner 2018-10-05 09:48:44 +08:00
bwatters-r7 28fb27187a Land #10418, Add DCOM/RPC NTLM Reflection (MS16-075) Via Reflective DLL
Merge branch 'land-10418' into upstream-master
2018-10-04 16:54:53 -05:00
bwatters-r7 9a45c66db4 Fixed check to, you know, check. 2018-10-04 16:38:35 -05:00
Brendan Coles fe7ce02dfd Update tested versions 2018-10-04 21:13:21 +00:00
William Vu 9f30512532 Land #10707, module traits to augment module rank 2018-10-04 13:26:14 -05:00
Jacob Robles 071aa04111 Land #10738, Add Zahir Enterprise 6 build 10b BOF 2018-10-04 11:00:12 -05:00
Wei Chen fb60558777 Land #10712, Make exploit/linux/http/axis_srv_parhand_rce more stable 2018-10-04 10:10:28 -05:00
Jacob Robles 060c68d2e0 Alignment, minor modifications 2018-10-04 10:10:09 -05:00
Jacob Robles 8b955f8ec5 Land #10704, Navigate CMS Unauthenticated RCE 2018-10-04 06:44:21 -05:00
Dhiraj Mishra 9f8f0b8885 Fixing carriage/spaces return at EOL 2018-10-04 15:41:46 +05:30
Dhiraj Mishra 783789d098 Updating 2018-10-04 15:01:06 +05:30
Thomas Gregory 144c76ecd4 Latest fix based on @jrobles-r7 recommendations
Fixing:
- MetasploitModule class changed
- Remove the word 'exploit' from name
- Remove StackAdjustment
- Remove Privileged option
- Remove make_nops(12)
- Remove extra buffer at the end of exploit
2018-10-04 16:18:02 +07:00
Thomas Gregory 991ac3c671 Fixing for msftidy
Fixing some formatting because it still throws errors
2018-10-03 18:55:29 +07:00
Dylan Pindur 11d9b44922 Add exploit module for TeamCity Agent XMLRPC 2018-10-03 18:33:10 +08:00
Thomas Gregory cb5d68b641 Fixing based on msftidy.rb
Makes msftidy happy
2018-10-03 17:13:24 +07:00
bwatters-r7 428d368444 shut up, rubocop 2018-10-02 14:40:55 -05:00
bwatters-r7 64d53cd882 code cleanup 2018-10-02 14:06:25 -05:00
Fabio Poloni 4927f96f61 Fixed small typo 2018-10-02 15:57:57 +02:00
Jacob Robles 97729727d8 Minor modifications 2018-10-02 06:57:04 -05:00
Rob 6f5a8f8f42 Fix outdated metadata 2018-10-01 18:59:09 +01:00
Tim W dea3f90e0b add documentation with the current status 2018-10-01 17:54:00 +08:00
modpr0be ff560ee990 Add test for Zahir 0day exploit
Add test for Zahir 0day exploit, need to test more e.g. VirtualBox or Physical machines.
2018-09-29 18:59:14 +07:00
William Vu ee06ec2fda Background a subshell to continue execution
This provides a more stable injection. I should have tested this sooner.
2018-09-27 23:51:42 -05:00
William Vu 0dab5b622f Change default target to cmd/unix 2018-09-27 23:39:32 -05:00
William Vu e999b4d81c Lower rank to AverageRanking 2018-09-27 23:28:13 -05:00
William Vu 7a2d0acee6 Add basic check method and move rand_srv
The .srv can be random each request.
2018-09-27 23:28:13 -05:00
William Vu d29d936d6f Bump WfsDelay to 10 for this slow-ass device 2018-09-27 23:28:13 -05:00
asoto-r7 e4256f4595 Make ENABLE_STATIC an OptBool, as I should have done in the first place 2018-09-27 17:54:22 -05:00
Pyriphlegethon 342cfe4199 Refactor again 2018-09-27 12:38:05 +02:00
Pyriphlegethon 82b1f40925 Add cleanup code 2018-09-27 11:17:53 +02:00
Pyriphlegethon 2b86297138 Refactor 2018-09-27 11:16:54 +02:00
Pyriphlegethon f55483d17d Fix incorrect session_id extraction 2018-09-27 11:07:43 +02:00
Wei Chen 9064fac1ff Fix code based on Will's feedback 2018-09-26 21:13:37 -05:00
Wei Chen 583874d370 Update use of reliability/side-effects/stability metadata 2018-09-26 18:54:08 -05:00
Pyriphlegethon f882c3aec2 Add Navigate CMS Unauthenticated Remote Code Execution 2018-09-26 21:39:15 +02:00
h00die b486708b02 Land #10663 extremeparr solaris LPE 2018-09-23 13:53:18 -04:00
Dhiraj Mishra db15340306 Fixing 2018-09-22 15:30:51 +05:30
Dhiraj Mishra 25ed5dc3a6 Moving to exploits/windows/local 2018-09-22 15:22:30 +05:30
Brendan Coles 7687e6e7b7 Update tested versions 2018-09-22 03:57:03 +00:00
bwatters-r7 849547793b Land #10643, CVE-2018-8440 ALPC Scheduler
Merge branch 'land-10643' into upstream-master
2018-09-21 15:38:45 -05:00
Jacob Robles 47bf780b88 specify meterpreter, update documentation
Warning is after spell...
2018-09-21 12:31:56 -05:00
Jacob Robles c9de43c8d0 Code cleanup, feedback from bcoles 2018-09-21 10:11:26 -05:00