Metasploit
43daaa9ce5
Bump version of framework to 5.0.69
2020-01-09 12:05:24 -06:00
Jeffrey Martin
c169598819
Need to force on bundle when using clean.
2020-01-09 11:28:43 -06:00
Metasploit
fd28cdbb89
automatic module_metadata_base.json update
5.0.68
2020-01-09 09:23:05 -06:00
Tim W
2568f86d57
Land #12804, add support for macOS in web_delivery
2020-01-09 23:12:37 +08:00
Francesco Soncina
abb95ef465
feat(web_delivery): use disown on linux too
2020-01-09 15:02:04 +01:00
Francesco Soncina
1f191bc73e
feat: support osx in web_delivery
2020-01-09 14:59:47 +01:00
Metasploit
8e4ddf1b2b
automatic module_metadata_base.json update
2020-01-09 07:38:01 -06:00
Tim W
dabd0df81a
Land #12799, fix python web_delivery when SSL=true
2020-01-09 21:28:42 +08:00
Jacob Baines
caa02c7d2e
Added exploit module for CVE-2019-3929
2020-01-09 08:03:52 -05:00
Francesco Soncina
542f582fed
fix: ignore SSL cert in python web_delivery
2020-01-08 13:22:03 +01:00
Tim W
6cb1feb2a6
Land #12779, Fix #12777, add PrependSetuid and PrependSetresuid on armle
2020-01-07 14:47:56 +08:00
Tim W
13a7bf17e2
fix asm comments
2020-01-07 14:45:41 +08:00
zerosum0x0
b76f2a9e08
inject mouse move events, verbose groom progress/elapsed time, danger zone warnings
2020-01-06 23:42:01 -07:00
Leo Le Bouter
756879d3d6
Fix msftidy
2020-01-06 18:14:58 +01:00
Brendan Coles
c2a12949a0
Add lwp-request CmdStager
2020-01-06 16:47:17 +00:00
leo-lb
f1ae217bb0
Single-core machines are safe from this exploit.
2020-01-06 05:21:51 +01:00
Brendan Coles
326fd26219
Check for nil response due to connection failure
2020-01-05 21:39:34 +00:00
Dhiraj Mishra
8034db2c5f
Update modules/auxiliary/scanner/http/tvt_nvms_traversal.rb
...
Co-Authored-By: acammack-r7 <adam_cammack@rapid7.com>
2020-01-05 12:53:46 +04:00
Dhiraj Mishra
13b72282a6
Update modules/auxiliary/scanner/http/tvt_nvms_traversal.rb
...
Co-Authored-By: acammack-r7 <adam_cammack@rapid7.com>
2020-01-05 12:53:38 +04:00
Dhiraj Mishra
4b9685005e
Update modules/auxiliary/scanner/http/tvt_nvms_traversal.rb
...
Co-Authored-By: acammack-r7 <adam_cammack@rapid7.com>
2020-01-05 12:53:03 +04:00
Dhiraj Mishra
da06ecc83b
Update modules/auxiliary/scanner/http/tvt_nvms_traversal.rb
...
Co-Authored-By: acammack-r7 <adam_cammack@rapid7.com>
2020-01-05 12:52:47 +04:00
h00die
4d273a94b6
cleanup spaces at eol
2020-01-04 13:51:56 -05:00
h00die
0edaf1fc54
add optimize kernel to hashcat
2020-01-04 13:38:48 -05:00
Brendan Coles
30e86f3779
Land #12788, Add rds_rds_page_copy_user_priv_esc re-exploitation notes
2020-01-04 18:24:55 +00:00
Brendan Coles
424d869b2f
Land #12785, Fix aux/scanner/telnet/telnet_login prompt parsing regex
2020-01-04 17:55:27 +00:00
h00die
f822a13926
update rds docs
2020-01-04 12:47:36 -05:00
h00die
22a1c09715
fix telnet login with a / in it being parsed as a regex
2020-01-04 10:50:47 -05:00
Brendan Coles
c8fb76182c
Use PROGRAMDATA environment variable
2020-01-03 20:32:01 +00:00
Brendan Coles
b3e9d9aee9
Add Plantronics Hub SpokesUpdateService Privilege Escalation
2020-01-03 20:13:27 +00:00
Nicholas Starke
dd240e335c
Minor formatting fixes for Setuid
2020-01-03 09:51:54 -06:00
Nicholas Starke
4aaca5031b
Adding ARMLE Support for PrependSetresuid
2020-01-03 09:49:40 -06:00
Nicholas Starke
1b72d80dd2
Adding PrependSetuid support for ARMLE Targets
...
This commit adds support for PrependSetuid for ARMLE targets to
msfvenom. I tested the output binaries successfully on a
Raspberry Pi.
2020-01-03 08:03:54 -06:00
Metasploit
add7e844b0
Bump version of framework to 5.0.68
2020-01-02 12:03:33 -06:00
Brent Cook
30ddabba92
add PROTOCOL option for sunrpc_portmapper
2020-01-02 09:52:18 -06:00
Dhiraj Mishra
e23c67d129
tvt_nvms_traversal.md
2020-01-01 15:34:04 +05:30
Dhiraj Mishra
1263292cde
tvt_nvms_traversal.rb
2020-01-01 15:06:18 +05:30
secenv
0d592a3fca
Replace send_request_cgi with send_request_raw
...
msftidy complains about not using vars_get... Which won't work in this case.
2019-12-31 13:36:09 -03:00
secenv
b6731a6d1c
Remove printf as flavor
...
There is no printf in this router.
2019-12-31 13:10:59 -03:00
secenv
bedb1132b7
Convert to staged exploit
...
Works with meterpreter now :D
2019-12-31 13:08:51 -03:00
secenv
5f2c29946c
Remove the prompt variable + some EOL spaces; modify rand()
...
As suggested by @bcoles
2019-12-31 11:19:59 -03:00
secenv
2eec026a28
D-Link DIR-859 Unauthenticated RCE (CVE-2019-17621)
...
Exploits a vulnerability in the /gena.cgi UPnP endpoint in D-Link DIR-859 (and potentially other) SOHO routers. CVE ID: 2019-17621.
Code based on modules/exploits/linux/http/dlink_dir300_exec_telnet.rb
2019-12-30 19:22:04 -03:00
Metasploit
cd566846dd
automatic module_metadata_base.json update
5.0.67
2019-12-27 04:04:24 -06:00
Brent Cook
e8cd136e56
Land #12712, add OpenBSD Dynamic Loader chpass privesc
2019-12-27 03:56:02 -06:00
Metasploit
d2e2dcf85e
automatic module_metadata_base.json update
2019-12-26 13:59:49 -06:00
Brent Cook
f4a0ef2ee9
Land #12640, improve Wordpress check versions
...
Merge remote-tracking branch 'upstream/pr/12640' into upstream-master
2019-12-26 13:47:04 -06:00
Brent Cook
8061cdf974
Land #12760, improvements to linux/local/bpf_priv_esc module
2019-12-26 13:43:54 -06:00
Brent Cook
4de482f57a
Land #12433, add Metasploit reverse_http handler DoS module
2019-12-26 13:40:14 -06:00
Brent Cook
d87f752591
add module docs
2019-12-26 13:31:38 -06:00
Brent Cook
b177a8235d
adjust indentation
2019-12-26 13:05:21 -06:00
Brent Cook
3dac95ed32
fix enumeration handling
2019-12-26 13:00:52 -06:00