adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

27999 Commits

Author SHA1 Message Date
yaumn 074c73236a Update modules/exploits/linux/local/exim4_deliver_message_priv_esc.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-07-10 17:24:32 +01:00
yaumn 7812e0037b Update modules/exploits/linux/local/exim4_deliver_message_priv_esc.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-07-10 17:24:13 +01:00
yaumn af89433c1d Update modules/exploits/linux/local/exim4_deliver_message_priv_esc.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-07-10 17:23:50 +01:00
yaumn 9ffbfe0985 Update modules/exploits/linux/local/exim4_deliver_message_priv_esc.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-07-10 17:23:38 +01:00
yaumn a06dffa174 Update modules/exploits/linux/local/exim4_deliver_message_priv_esc.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-07-10 17:22:52 +01:00
William Vu c917ec70d1 Fix missing split in struts2_rest_xstream 2019-07-10 11:15:36 -05:00
William Vu cd3ffb92ef Land #12072, cmd_psh_payload arch string fixes 2019-07-10 10:38:22 -05:00
Guillaume Andre 5d52b0326b Add better checks at the beginning of the exploit. 
Change-Id: Ib80907f03f15b6c0cf32b48f059cf042e4d6a91f
 2019-07-10 11:33:09 +01:00
h00die 9274b1d259 Land #12024, add gatherproof to ssh_login modules 2019-07-09 20:35:49 -04:00
Pedro Ribeiro 54b6e489a8 Add full disc link 2019-07-10 01:03:01 +01:00
William Vu e6300bfd63 Fix cmd_psh_payload requiring an arch string 
We may want to update Rex::Powershell to take the first in an array.
 2019-07-09 17:43:23 -05:00
Shelby Pace 70d67f1dbb merged write_to_disk and load_dll_with_diaghub 2019-07-09 11:39:38 -05:00
Shelby Pace 86d0d1d153 remove validate_target 2019-07-09 10:52:02 -05:00
Guillaume Andre b68383141c Added Qualys and dhn to credits. Set suid bit of payload instead of shell launcher. Print detected exim version 
Change-Id: I61805a4d2b6f7f8a268b677c3c6f1d76ada034da
 2019-07-09 16:51:14 +01:00
Shelby Pace f7aa6d79d7 Update modules/exploits/windows/local/appxsvc_hard_link_privesc.rb 
Co-Authored-By: @shellfail <jrobles@rapid7.com>
 2019-07-09 10:47:57 -05:00
Shelby Pace c647d0ba52 made suggested change to write_payload 2019-07-09 10:46:46 -05:00
Shelby Pace 096857d1ad swap check codes 2019-07-09 10:01:49 -05:00
Jacob Robles a55aea33a9 Add cve-2018-8453 exploit module 2019-07-09 07:15:13 -05:00
Shelby Pace ccdb7ba262 remove unused variable 2019-07-08 12:57:47 -05:00
Shelby Pace f0f1a41ba5 add documentation and module 2019-07-08 12:49:22 -05:00
h00die b7df6c1272 juniper cisco local config eaters 2019-07-07 21:49:48 -04:00
Patrick Webster 163e85bad9 fail Spaces at EOL is effing stupid unless the line is exponentiall^y long. 2019-07-08 11:36:49 +10:00
Patrick Webster a9ecef74fd Guessing build fail must be this. 2019-07-08 09:30:52 +10:00
Patrick Webster 5a035aaf7c Owch fix syntax. 2019-07-08 09:18:39 +10:00
yaumn df46faf71f Finish documentation. Exploit is stable. 2019-07-07 23:58:29 +01:00
Patrick Webster 691c606c53 Also some bare POSTs work. 2019-07-08 05:13:38 +10:00
Patrick Webster a9791fad74 Added Lavarel PHP exploit module with fixes. 2019-07-08 00:50:13 +10:00
yaumn 7b2a1b67ed Add a documentation file 2019-07-07 00:25:54 +01:00
Pedro Ribeiro 0f32f03dfd Update cisco_dcnm_download.rb 2019-07-06 23:15:19 +08:00
Pedro Ribeiro 691dfeaf00 Add files via upload 2019-07-06 22:58:49 +08:00
Pedro Ribeiro 9465a3c143 Delete cisco_dcnm_download.rb 2019-07-06 22:58:28 +08:00
Pedro Ribeiro f45ad6f30a add exploit for CVE-2019-1621 2019-07-06 22:56:12 +08:00
yaumn a5843e48a9 Basic reverse shell does not disconnect anymore 2019-07-06 00:53:33 +01:00
Guillaume Andre 4c2cacd7d6 Add meterpreter support 2019-07-05 16:53:39 +01:00
yaumn 2c8ad0e357 First tests with meterpreter sockets 2019-07-05 01:04:15 +01:00
yaumn 74eb74e606 Pipe method with netcat now works 2019-07-04 23:15:23 +01:00
Guillaume Andre e4c27d3eab Clean pipe file 
Change-Id: Ibc78639ad44eb56ffa26fcfb4f656b5a78dbf76a
 2019-07-04 16:20:13 +01:00
Guillaume Andre 3c0b581371 Clean code 
Change-Id: I83287dcd52c4ba566396a0ff7e4f3c3125d12bb0
 2019-07-04 16:16:27 +01:00
Guillaume Andre 9b378ceb71 Add options. Add pipe netcat method 
Change-Id: I0c401add1c2ff76e3e2c3d82a8fb7f74db405a1f
 2019-07-04 15:02:03 +01:00
yaumn bddfef0cac Add options. Exploits now works with both setuid and nc methods 2019-07-04 00:16:28 +01:00
yaumn bb58160d10 Exploits now also works with netcat 2019-07-03 14:30:23 +01:00
yaumn 4f1d9af5fd Add netcat method (still buggy though) 2019-07-03 14:30:23 +01:00
Guillaume Andre a2411a1d63 First version of the exploit is now working 
Change-Id: Idf6b6d773cf71c477fe68885313f5f98d74d9c11
 2019-07-03 14:30:23 +01:00
Guillaume Andre bef6425d0e First commit 
Change-Id: If751eb1753fc8991fe7971c7123a203734396a46
 2019-07-03 14:30:23 +01:00
Brendan Coles cd1669f2b2 Use identify_hash for creds 2019-07-03 08:33:26 +00:00
William Vu ef20123c34 Land #12044, snmp_enum SNMP::NoSuchInstance fix 2019-07-02 16:26:33 -05:00
Matthew Kienow 260c369aff Fix network interface processing 
The SNMP walk operation can return an SNMP::NoSuchInstance class.
The error class must be handled rather than attempting to use it as a
valid value.
 2019-07-02 15:14:55 -04:00
William Vu 5e04ab2e66 Add lokiuox to bypassuac_silentcleanup authors 
Looks like they were removed by accident.
 2019-07-02 12:36:07 -05:00
Brendan Coles a0538a9613 Add Xymon useradm Command Execution module 2019-07-02 14:04:07 +00:00
h00die a42c7ea736 land #11990 windows tomcat cmdlinearguments 2019-07-01 17:29:02 -04:00