adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

27999 Commits

Author SHA1 Message Date
Brendan Coles d8ab6a552b Add lkrg_installed? checks 2018-12-08 13:37:12 +00:00
Brent Cook 2e5e392085 Land #11079, add kernel configuration checks to local exploits 2018-12-08 06:58:48 -06:00
Brent Cook 0ce05f0c07 update payload sizes 2018-12-08 06:24:02 -06:00
Imran E. Dawoodjee fdb0a80442 Improved version check, made requests more organic, 
and improved made PowerShell work on version 6.0.2.
 2018-12-08 19:48:26 +08:00
Brent Cook df76521100 Land #11066, add rpc output locking, fix logging 2018-12-07 13:49:10 -06:00
Brent Cook 7f4d97ef46 don't embed status characters in messages, use correct logging instead 2018-12-07 13:29:56 -06:00
Imran E. Dawoodjee 2918acc0d2 Added links to functionality and cleaned up check 
to make it much cleaner per @bcoles's recommendations.
 2018-12-08 03:17:52 +08:00
Brendan Coles 80d83720df Add Msf::Post::Linux::Kernel.lkrg_installed? method 2018-12-07 14:42:16 +00:00
Imran E. Dawoodjee 29627331cf Implemented @bcole's recommendations. 2018-12-07 18:48:57 +08:00
Imran E. Dawoodjee 0573caafc3 Improved check method. 2018-12-07 17:21:38 +08:00
Brendan Coles 275c043cfd Add kernel_config checks 2018-12-07 03:28:17 +00:00
Brent Cook 0345c8f66c update mettle payloads 
This is a large update to mettle payloads including:

 * Adds globbing support to the `ls` command (https://github.com/rapid7/mettle/pull/139)
 * Fixes crashes on iOS platforms when cryptTLV is enabled (https://github.com/rapid7/mettle/pull/142)
 * Fixes display of the OS version on macOS and iOS (https://github.com/rapid7/mettle/pull/143)
 * Fixes the local port handling for pivoted client network connections (https://github.com/rapid7/mettle/pull/144)
 * Fixes an unaligned memory access in TLV packet handling, needed for some CPUs (https://github.com/rapid7/mettle/pull/145)
 * Fixes some compatibility issues building on Solaris (https://github.com/rapid7/mettle/pull/147)
 * Updated libpcap, mbedtls, and libcurl to the latest versions (https://github.com/rapid7/mettle/pull/146)
 2018-12-06 21:16:41 -06:00
Brent Cook 7d8458d8d4 Land #11076, Prevent storing empty config files as loot 2018-12-06 20:30:08 -06:00
epi c3a40d3752 Remove trailing whitespace at EOL. 2018-12-06 20:18:21 -06:00
Brent Cook 71f84fe6a7 Land #11060, Add checks to post/linux/gather/enum_protections 2018-12-06 20:17:50 -06:00
epi 392ad18dba Implement reverse_ipv6 shellcode via metasm in lib. 
Per the linked request
    https://github.com/rapid7/metasploit-framework/pull/11039#issuecomment-443915955
Rewrote previous version of payload module to make use of metasm for
more reusable shellcode.
 2018-12-06 20:10:07 -06:00
epi f728b46a80 WIP on add-linux-x64-ipv6-bind-shell: 87fa3af6b9 Implement shellcode via metasm in lib. 2018-12-06 16:23:20 -06:00
Tod Beardsley 140833215f Add CVE as issued by DWF 
See discussion on #10987.

Now that I said that out loud, I realize that the original PR for this
module is a really funny PR number.
 2018-12-06 14:59:05 -06:00
Imran E. Dawoodjee 92c56472ba Improved module and added documentation. 2018-12-07 03:02:37 +08:00
Brendan Coles eecc5d60e0 Prevent storing empty config files as loot 2018-12-06 13:06:50 +00:00
Berk Dusunur f94559a36a Update nuuo_nvrmini_upgrade_rce.rb 2018-12-06 07:09:44 +03:00
Berk Dusunur 9d7389b448 Update nuuo_nvrmini_upgrade_rce.rb 2018-12-06 07:04:24 +03:00
Berk Dusunur cbe3f0eec9 Update nuuo_nvrmini_upgrade_rce.rb 2018-12-06 06:36:29 +03:00
Berk Dusunur 4880dcbda8 Update nuuo_nvrmini_upgrade_rce.rb 2018-12-06 06:34:13 +03:00
Berk Dusunur ca558d4b14 Update nuuo_nvrmini_upgrade_rce.rb 2018-12-06 06:26:34 +03:00
Berk Dusunur c72065987b Update nuuo_nvrmini_upgrade_rce.rb 2018-12-06 06:19:16 +03:00
Berk Dusunur 3ac5096e1a Create nuuo_nvrmini_upgrade_rce.rb 2018-12-06 05:51:10 +03:00
Christopher Lee b0560c1ec8 Centralize logging sync, fix minor logging issues 2018-12-05 12:42:44 -06:00
epi 87fa3af6b9 Implement shellcode via metasm in lib. 
Per the linked request
    https://github.com/rapid7/metasploit-framework/pull/11039#issuecomment-443915955
Rewrote previous payload module to make use of metasm for more reusable
shellcode.
 2018-12-05 06:14:31 -06:00
Julien Legras 224e782772 Cleaned the create_wp_config_file function 2018-12-05 10:56:22 +01:00
Julien Legras 2774c17ca1 Replaced print_error and return with a fail_with 2018-12-05 10:11:09 +01:00
Thomas Gregory 1bc024eaa7 Update cyberlink_lpp_bof.rb 
Update includes all suggestions and new targets (Win8.1 x64 and Win10 x64)
 2018-12-05 14:53:10 +07:00
Julien Legras 2735c71bda Fixed typos, removed not working cleaning 2018-12-04 18:42:54 +01:00
Brent Cook 55a9a12670 Land #10964, add initial golang modules for enumerating owa/o365 2018-12-04 10:33:37 -06:00
Brendan Coles 40906e0b36 Add checks to post/linux/gather/enum_protections 2018-12-04 11:57:24 +00:00
Julien Legras b58342843b Refactored check 2018-12-04 12:03:49 +01:00
asoto-r7 c27c149a4d Land #10947, HPE Intelligent Management Center Java Deserialization RCE 2018-12-03 17:07:31 -06:00
asoto-r7 0f82b207c4 hp_imc_java_deserialize: Repro steps for JSONSS ysoserial payload sections 2018-12-03 17:03:04 -06:00
asoto-r7 3f930ff141 hp_imc_java_deserialize: Default WfsDelay to 10 seconds to increase reliability 2018-12-03 16:36:37 -06:00
Brent Cook ffb57387b4 Land #11049, Add Emacs movemail local exploit 2018-12-03 12:43:56 -06:00
William Vu 4242de3468 Refactor check method 2018-12-03 12:22:40 -06:00
bwatters-r7 df9c3da47e Land #10842, Add Windows Post Module to roll back Windows Defender signatures 
Merge branch 'land-10842' into upstream-master
 2018-12-03 10:57:38 -06:00
Christopher Lee b11bcd92a4 Broken into 3 modules, addressed review comments 2018-12-03 10:25:21 -06:00
Jeffrey Martin ab1bea1b22 Land #10798, Cisco device manager update 2018-12-03 01:39:19 -06:00
Brendan Coles 58dde9ff33 Apply suggestions from code review 
Co-Authored-By: defaultnamehere <defaultnamehere@users.noreply.github.com>
 2018-12-03 18:39:07 +11:00
Alex d0aca05c69 Add post/chrome/gather/cookies module 2018-12-03 16:07:50 +11:00
William Vu d1220bc170 Add Emacs movemail local exploit 2018-12-01 12:05:08 -06:00
epi 8cece2cf54 Add Linux x86_64 IPv6 Inline Bind Shell 
Implements inline x86_64 Linux bourne bind shell over IPv6.
 2018-12-01 07:39:38 -06:00
bwatters-r7 a801d741c9 Remove old module 2018-11-30 17:28:54 -06:00
bwatters-r7 70031b6721 Shut up msftidy and document updates 2018-11-30 16:41:40 -06:00