secenv
eab0bd5755
Randomize "Callback" header URL
2020-01-13 11:39:23 -03:00
RAMELLA Sébastien
5d3ad626e6
add. documentation
2020-01-13 18:22:09 +04:00
Brent Cook
20cf419e18
Land #12797, improve BlueKeep over remote networks
2020-01-12 17:15:29 -06:00
RAMELLA Sébastien
1570118a14
fix: again chmod 644 WTF!
2020-01-13 01:43:15 +04:00
RAMELLA Sébastien
a64b0fa9e7
add. python staged meterpreter support
2020-01-13 01:25:29 +04:00
RAMELLA Sébastien
c323df180a
fix. file perms to 664
2020-01-12 22:10:23 +04:00
RAMELLA Sébastien
50637d0d91
add initial source code
2020-01-12 21:12:14 +04:00
Brent Cook
33dadefd53
move rdp_move_mouse to rdp library, add GROOMDELAY
2020-01-12 08:19:44 -06:00
Alton Johnson
b3bf82be07
Changed permission from executable to just readable
2020-01-11 19:31:38 -05:00
kalba-security
03d6d1aed5
Add citrix_directory_traversal module to /modules/auxiliary/scanner/http/
2020-01-11 22:45:00 +02:00
Tim W
2ea5bd139a
Land #12792, Fix #12791, check for nil response on connection failure in efs_fmws_userid_bof
2020-01-10 16:31:32 +08:00
bluesentinelsec
7eeb8c33eb
Added new post exploitation module: 'Install OpenSSH for Windows'
2020-01-09 19:58:31 -05:00
Francesco Soncina
abb95ef465
feat(web_delivery): use disown on linux too
2020-01-09 15:02:04 +01:00
Francesco Soncina
1f191bc73e
feat: support osx in web_delivery
2020-01-09 14:59:47 +01:00
Jacob Baines
caa02c7d2e
Added exploit module for CVE-2019-3929
2020-01-09 08:03:52 -05:00
Francesco Soncina
542f582fed
fix: ignore SSL cert in python web_delivery
2020-01-08 13:22:03 +01:00
zerosum0x0
b76f2a9e08
inject mouse move events, verbose groom progress/elapsed time, danger zone warnings
2020-01-06 23:42:01 -07:00
Leo Le Bouter
756879d3d6
Fix msftidy
2020-01-06 18:14:58 +01:00
leo-lb
f1ae217bb0
Single-core machines are safe from this exploit.
2020-01-06 05:21:51 +01:00
Brendan Coles
326fd26219
Check for nil response due to connection failure
2020-01-05 21:39:34 +00:00
Dhiraj Mishra
8034db2c5f
Update modules/auxiliary/scanner/http/tvt_nvms_traversal.rb
Co-Authored-By: acammack-r7 <adam_cammack@rapid7.com>
2020-01-05 12:53:46 +04:00
Dhiraj Mishra
13b72282a6
Update modules/auxiliary/scanner/http/tvt_nvms_traversal.rb
Co-Authored-By: acammack-r7 <adam_cammack@rapid7.com>
2020-01-05 12:53:38 +04:00
Dhiraj Mishra
4b9685005e
Update modules/auxiliary/scanner/http/tvt_nvms_traversal.rb
Co-Authored-By: acammack-r7 <adam_cammack@rapid7.com>
2020-01-05 12:53:03 +04:00
Dhiraj Mishra
da06ecc83b
Update modules/auxiliary/scanner/http/tvt_nvms_traversal.rb
Co-Authored-By: acammack-r7 <adam_cammack@rapid7.com>
2020-01-05 12:52:47 +04:00
Brendan Coles
c8fb76182c
Use PROGRAMDATA environment variable
2020-01-03 20:32:01 +00:00
Brendan Coles
b3e9d9aee9
Add Plantronics Hub SpokesUpdateService Privilege Escalation
2020-01-03 20:13:27 +00:00
Brent Cook
30ddabba92
add PROTOCOL option for sunrpc_portmapper
2020-01-02 09:52:18 -06:00
Dhiraj Mishra
1263292cde
tvt_nvms_traversal.rb
2020-01-01 15:06:18 +05:30
secenv
0d592a3fca
Replace send_request_cgi with send_request_raw
msftidy complains about not using vars_get... Which won't work in this case.
2019-12-31 13:36:09 -03:00
secenv
b6731a6d1c
Remove printf as flavor
There is no printf in this router.
2019-12-31 13:10:59 -03:00
secenv
bedb1132b7
Convert to staged exploit
Works with meterpreter now :D
2019-12-31 13:08:51 -03:00
secenv
5f2c29946c
Remove the prompt variable + some EOL spaces; modify rand()
As suggested by @bcoles
2019-12-31 11:19:59 -03:00
secenv
2eec026a28
D-Link DIR-859 Unauthenticated RCE (CVE-2019-17621)
Exploits a vulnerability in the /gena.cgi UPnP endpoint in D-Link DIR-859 (and potentially other) SOHO routers. CVE ID: 2019-17621.
Code based on modules/exploits/linux/http/dlink_dir300_exec_telnet.rb
2019-12-30 19:22:04 -03:00
Brent Cook
e8cd136e56
Land #12712, add OpenBSD Dynamic Loader chpass privesc
2019-12-27 03:56:02 -06:00
Brent Cook
8061cdf974
Land #12760, improvements to linux/local/bpf_priv_esc module
2019-12-26 13:43:54 -06:00
Brent Cook
4de482f57a
Land #12433, add Metasploit reverse_http handler DoS module
2019-12-26 13:40:14 -06:00
Brent Cook
d87f752591
add module docs
2019-12-26 13:31:38 -06:00
Brent Cook
b177a8235d
adjust indentation
2019-12-26 13:05:21 -06:00
Brent Cook
3dac95ed32
fix enumeration handling
2019-12-26 13:00:52 -06:00
Brendan Coles
a7b63557db
Notify operator that cleanup of crontab is required
2019-12-26 16:21:44 +00:00
Brendan Coles
d449a93b44
Add Msf::Post::File.attributes method
2019-12-25 07:34:44 +00:00
wvu-r7
e89a596e5c
Land #12754, ForceExploit for 4.3BSD exploits
2019-12-23 19:13:42 -06:00
William Vu
01b6bc112d
Rescue EOFError for good measure
2019-12-23 19:02:13 -06:00
William Vu
81f8f4f67f
Add ForceExploit to 4.3BSD (VAX) exploits
2019-12-23 18:17:09 -06:00
Brent Cook
ce991071e4
Land #12524, update most python code with python 3 compatibility
2019-12-23 14:49:08 -06:00
h00die
4f8382fc98
Land #12744, rds lpe updates and improvements
2019-12-22 10:21:03 -05:00
h00die
4e1e8d344f
rds reliability, stability notes
2019-12-22 10:20:00 -05:00
Brendan Coles
4c0fc3a505
Add OpenBSD Dynamic Loader chpass Privilege Escalation (CVE-2019-19726)
2019-12-22 08:46:43 +00:00
h00die
7a027216cc
Land #12701 linux priv esc on reptile_cmd rootkit
2019-12-21 15:50:07 -05:00
Shelby Pace
894927d960
Land #12693, add Comahawk privilege escalation
2019-12-18 15:40:51 -06:00