adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

55054 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
bwatters-r7 1aa412ccc0 add some of bcoles suggested fixes 2020-02-19 13:52:38 -05:00
bwatters-r7 f44f200f49 Remove problematic ruby cmd payloads and fix missing require in reverse_ssh 2020-02-19 13:52:38 -05:00
William Vu 7a9ecd76c5 Land #12946, set PAYLOAD normalization 2020-02-19 11:19:51 -06:00
William Vu c5917048fb Make quotes consistent 2020-02-19 11:19:42 -06:00
Adam Galway e25cf99ce3 improved sub! regex 2020-02-19 17:12:28 +00:00
Adam Galway 9b52ece7b7 simplifies start_with? 2020-02-19 17:06:02 +00:00
Metasploit 9010446a48 automatic module_metadata_base.json update 2020-02-19 10:45:52 -06:00
Shelby Pace db8555e007 Land #12942, add Diamorphine privilege escalation 2020-02-19 10:36:39 -06:00
Adam Galway d670276148 Land #12954, fixes typos in CrossChex exploit docs 2020-02-19 15:40:46 +00:00
dwelch-r7 a8af2a227e Land #12958, Fix broken module doc link 2020-02-19 14:07:25 +00:00
Alan Foster e1cd219d63 Fix broken module documentation link 2020-02-19 13:02:57 +00:00
0x44434241 4288632203 Applied suggestions from rubocop. 
Feedback from bwatters-r7
 2020-02-19 16:59:08 +09:00
William Vu 7dc1315dac Update logic for ForceExploit in my modules 
This lets the user opt out of running check completely.
 2020-02-19 01:06:50 -06:00
Metasploit a016ca4b4f automatic module_metadata_base.json update 2020-02-19 00:55:05 -06:00
William Vu ede90ef9a1 Land #12938, CPU vulns for Linux enum_system 2020-02-19 00:46:32 -06:00
Tim W 89dc1aebf8 add stderr output and attempt to fix utf8 2020-02-19 13:28:53 +08:00
William Vu 0264802756 Reformat module doc 2020-02-18 23:28:08 -06:00
William Vu a34ffb3694 Fix typos in module doc 2020-02-18 23:27:15 -06:00
William Vu 6ad9956af8 Correct module doc filename 2020-02-18 23:24:46 -06:00
William Vu 4fa3b25788 Correct language in crosschex_device_bof 2020-02-18 23:18:45 -06:00
William Vu 48ebd500b6 Land #12948, Zsh completions update 2020-02-18 22:21:20 -06:00
0x44434241 028285de77 Refactoring juicy potato check() logic. 
Previously, server 2016/19 was not correctly detected and falsely
reporting as vulnerable, because the check was overly trusting the
reported OS name - see PR #355 for a description of the problem.

Furthermore, I discovered a self-introduced bug in the regex of build
detection, which would in some cases first match on '2016' and not the
build number, which would be less than the five-digit build number for
the forseeable future.

Testing data included in PR comments.

Feedback from @bwatters-r7
 2020-02-19 11:19:02 +09:00
Metasploit ef108ea71d automatic module_metadata_base.json update 2020-02-18 19:43:32 -06:00
Tim W aa1fdb2075 Land #12724, server AMSI and SBL separately from psh stager in web_delivery 2020-02-19 09:33:25 +08:00
Tim W 516deaaf49 use rex-powershell 0.1.86 2020-02-19 09:29:47 +08:00
Tim W 0d8a86905a fix sessions -K 2020-02-19 08:30:45 +08:00
Tim W 5497876fd2 fix #12579, make reverse_powershell great again 2020-02-19 07:58:59 +08:00
Spencer McIntyre 0bf6d3e645 Fix a ttypo in the _msfconsole zsh completion 2020-02-18 17:25:40 -05:00
Spencer McIntyre fadb51eae3 Make the zsh completion help messages consistent 2020-02-18 13:24:20 -05:00
Spencer McIntyre 7f046a7d89 Update zsh completion definitions 2020-02-18 13:24:20 -05:00
Adam Galway 62eb756fe2 establish parity with #8882 2020-02-18 16:28:44 +00:00
Metasploit 4c11711a44 automatic module_metadata_base.json update 2020-02-18 09:41:22 -06:00
wvu-r7 6718a7dd78 Land #12950, fix for #12949 2020-02-18 09:34:37 -06:00
Brent Cook 9aac803f41 remove a scratchpad line I saved while testing blog link fixes 2020-02-18 09:26:29 -06:00
Metasploit b76e76b00e automatic module_metadata_base.json update 2020-02-18 09:22:58 -06:00
William Vu 6b940a02ca Land #12949, Rapid7 blog reference fixes 2020-02-18 09:14:36 -06:00
Brent Cook 8489bcdfd9 This fixes broken links to the community.rapid7.com blog 
Performed mechanically with sed, spot-checked that the new blog can consume these links.
 2020-02-18 09:06:11 -06:00
Spencer McIntyre c2326f07c9 Land #12932, optionally show the payload stage 
Add the -v flag to optionally show the payload stage in the generate
command.
 2020-02-18 08:55:37 -05:00
Adam Galway 235861d4ed removes greedy if 2020-02-18 10:30:36 +00:00
Adam Galway 13784bb35d replaces if statements with regex 2020-02-18 09:51:39 +00:00
Adam Galway 62e5757baa filters /payload/ from set PAYLOAD values 2020-02-17 16:00:58 +00:00
Metasploit e9f8532a68 automatic module_metadata_base.json update 2020-02-17 06:10:06 -06:00
Adam Galway 48ba1026c6 Land 12915, adds windows ssh persistence module 2020-02-17 12:02:49 +00:00
Tim W f630990b3b use random amsi resource url 2020-02-17 10:07:18 +08:00
Metasploit 36f45d5bf3 automatic module_metadata_base.json update 2020-02-16 19:34:53 -06:00
Tim W 808a158c84 Land #12931, fix the OSX password_prompt_spoof prompt module on Mojave and Catalina 2020-02-17 09:23:19 +08:00
Brendan Coles ac6d0e4391 Add Diamorphine Rootkit Signal Privilege Escalation module 2020-02-16 14:53:16 +00:00
Metasploit 8167fee11e automatic module_metadata_base.json update 2020-02-16 08:15:43 -06:00
Brendan Coles 1db1bed08f Land #12892, set default username for mysql and mssql aux login modules 
Set default username `sa` for auxiliary/scanner/mssql/mssql_login
Set default username `root` for auxiliary/scanner/mysql/mysql_login

Enable `BLANK_PASSWORDS` option by default for both modules,
as the default users make use of a blank password in by default.
 2020-02-16 14:20:56 +00:00
Metasploit c80ab651cb automatic module_metadata_base.json update 2020-02-15 22:25:36 -06:00