yaumn
2c8ad0e357
First tests with meterpreter sockets
2019-07-05 01:04:15 +01:00
yaumn
74eb74e606
Pipe method with netcat now works
2019-07-04 23:15:23 +01:00
h00die
0d1385d8d5
Merge pull request #12 from jrobles-r7/tika
Tika module updates, check and CmdStager
2019-07-04 13:38:29 -04:00
Metasploit
c1c600cbe8
Bump version of framework to 5.0.36
2019-07-04 10:10:16 -07:00
Guillaume Andre
e4c27d3eab
Clean pipe file
Change-Id: Ibc78639ad44eb56ffa26fcfb4f656b5a78dbf76a
2019-07-04 16:20:13 +01:00
Guillaume Andre
3c0b581371
Clean code
Change-Id: I83287dcd52c4ba566396a0ff7e4f3c3125d12bb0
2019-07-04 16:16:27 +01:00
Guillaume Andre
9b378ceb71
Add options. Add pipe netcat method
Change-Id: I0c401add1c2ff76e3e2c3d82a8fb7f74db405a1f
2019-07-04 15:02:03 +01:00
yaumn
bddfef0cac
Add options. Exploit now works with both setuid and nc methods
2019-07-04 00:16:28 +01:00
Shelby Pace
c69799262d
fixed issue with hard link exe
2019-07-03 15:44:00 -05:00
Shelby Pace
a83812ad55
add source code, compiled exe for diaghub loading
2019-07-03 14:32:22 -05:00
Guillaume Andre
a8e4510f53
Merge branch 'exim4-priv-esc' of github.com:yaumn/metasploit-framework into exim4-priv-esc
Change-Id: I6f14e91da0bc4bf692acaed1759540f4b5b5f908
2019-07-03 14:34:11 +01:00
yaumn
bb58160d10
Exploit now also works with netcat
2019-07-03 14:30:23 +01:00
yaumn
4f1d9af5fd
Add netcat method (still buggy though)
2019-07-03 14:30:23 +01:00
Guillaume Andre
a2411a1d63
First version of the exploit is now working
Change-Id: Idf6b6d773cf71c477fe68885313f5f98d74d9c11
2019-07-03 14:30:23 +01:00
Guillaume Andre
bef6425d0e
First commit
Change-Id: If751eb1753fc8991fe7971c7123a203734396a46
2019-07-03 14:30:23 +01:00
Brendan Coles
cd1669f2b2
Use identify_hash for creds
2019-07-03 08:33:26 +00:00
Brent Cook
0897849ddf
Land #12045, lock rex-socket to 0.1.17
5.0.35
2019-07-02 16:55:54 -05:00
Metasploit
5eb339368f
automatic module_metadata_base.json update
2019-07-02 14:35:20 -07:00
Brent Cook
6ab02ba0bc
revert rex-socket back to 0.1.17 for now
This reverts a change that causes SSL certificate generation to not work properly through all of the various shim functions in rex-socket. This is the quickest fix which grants some time to ponder if the interface could be a little more robust in rex-socket in the first place.
2019-07-02 16:32:52 -05:00
William Vu
ef20123c34
Land #12044, snmp_enum SNMP::NoSuchInstance fix
2019-07-02 16:26:33 -05:00
William Vu
64b385234f
Land #12036, OpenVAS missing workspace import fix
2019-07-02 16:26:26 -05:00
Matthew Kienow
260c369aff
Fix network interface processing
The SNMP walk operation can return an SNMP::NoSuchInstance class.
The error class must be handled rather than attempting to use it as a
valid value.
2019-07-02 15:14:55 -04:00
Metasploit
eeca72d39b
automatic module_metadata_base.json update
2019-07-02 10:59:24 -07:00
William Vu
df85377ff3
Land #12042, bypassuac_silentcleanup author fix
2019-07-02 12:43:14 -05:00
William Vu
5e04ab2e66
Add lokiuox to bypassuac_silentcleanup authors
Looks like they were removed by accident.
2019-07-02 12:36:07 -05:00
Brendan Coles
a0538a9613
Add Xymon useradm Command Execution module
2019-07-02 14:04:07 +00:00
Brendan Coles
14552a7332
Update documentation
2019-07-02 13:58:19 +00:00
Metasploit
295c484fe4
automatic module_metadata_base.json update
2019-07-01 14:39:07 -07:00
h00die
a42c7ea736
land #11990 windows tomcat cmdlinearguments
2019-07-01 17:29:02 -04:00
h00die
9ab7b7f5e6
add cmdlineargs example
2019-07-01 17:19:04 -04:00
Metasploit
eb643793a2
automatic module_metadata_base.json update
2019-07-01 14:16:38 -07:00
asoto-r7
d3056723e1
Land #12030, CVE-2019-12181: Serv-U FTP Server prepareinstallation privesc
2019-07-01 16:01:04 -05:00
Matthew Kienow
4e11dcfee1
Fix import issue caused by missing wspace key
Modify import module to follow pattern used in other Msf::DBManager
import modules. Test module updated for method name changes.
2019-07-01 15:58:36 -04:00
Brendan Coles
9539408e33
Add support for retrieving xymonpasswd
2019-07-01 10:51:34 +00:00
O . S . O
51fe61838d
Create xor_context.rb
2019-07-01 10:36:08 +02:00
Brendan Coles
f630350b1f
Add documentation
2019-06-30 04:09:54 +00:00
Brendan Coles
1a7fb79cfc
Add config retrieval
2019-06-30 04:03:17 +00:00
bcoles
82b583b2b5
Use symbolic args
2019-06-30 12:31:29 +10:00
Brendan Coles
a4da66fabe
Add Xymon Daemon Gather Client Host Information module
2019-06-29 16:48:39 +00:00
Brendan Coles
b71fe69c16
Add shutdown method to Exploit::Remote::Tcp
2019-06-29 16:42:08 +00:00
Metasploit
d723122e0e
automatic module_metadata_base.json update
2019-06-29 03:52:23 -07:00
Brent Cook
e50ab5cd13
Land #11726, add exploit for CVE-2019-8513, macOS TimeMachine cmd injection
2019-06-29 05:36:12 -05:00
Brent Cook
6fd18aaf8a
add High Sierra scenario
2019-06-29 05:35:29 -05:00
Brent Cook
45734408a6
remove reload_search since refresh_cache_from_module_files seems to not work as expected at runtime
2019-06-29 03:51:56 -05:00
Metasploit
78967c3e6d
automatic module_metadata_base.json update
2019-06-29 01:46:05 -07:00
Brent Cook
a186396836
unlink the user store if it exists
2019-06-29 03:45:53 -05:00
Brent Cook
4756a17dfa
remove update of the base module store
2019-06-29 03:37:54 -05:00
Brent Cook
42c0a3b96a
deprecate the db_rebuild_cache command, add reload_search
For a while, Metasploit has not used the old database-backed module cache in favor of the lightweight JSON data store. This also means that the db_rebuild_cache command has been broken.
While the base module cache usually stays up to date, if you delete a module as a developer, there's currently no great way to make the search function forget about that module unless you rebuild the cache manually (a procedure mostly documented inside of an automated build job).
This moves the logic from that build job into a new reload_search command, and deprecates the old one.
2019-06-29 03:36:39 -05:00
Brent Cook
4e544fe733
Land #11968, only enable UDP stagers for compatible payloads
2019-06-29 03:34:15 -05:00
Brent Cook
83e2c71b44
Land #11923, Set sockaddr_len with x64 shell_find_port payload
2019-06-29 03:26:52 -05:00