adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
46,254 Commits 27 Branches 1,043 Tags
94de5a4e42cfb1dc0fdfc1233707f71b6d9a628b
Commit Graph

5637 Commits

Author SHA1 Message Date
Brent Cook 461ab4501d add 'Also known as', AKA 'AKA', to module references 2017-06-28 15:53:00 -04:00
William Webb 6349026134 Land #8442, Exploit module for Backup Exec Windows Agent UaF 2017-06-28 10:39:28 -05:00
Mzack9999 66eb89e72a Exploit now uses HTTP mixin 2017-06-25 16:38:21 +02:00
NickTyrer bc8de0fc66 fixed issue where starting waitfor.exe would hang the module 2017-06-24 20:54:31 +01:00
NickTyrer aa18598580 updated cleanup method to remove_persistence to prevent creating rc file even if module fails 2017-06-24 19:20:02 +01:00
NickTyrer 655358cdf1 added missing newline in cleanup method 2017-06-23 17:58:11 +01:00
NickTyrer 916a4da182 fixed cleanup method to include all cleanup options 2017-06-23 17:38:48 +01:00
NickTyrer 412ea9432d removed whitespace 2017-06-23 17:17:07 +01:00
NickTyrer e7d6d5350f added WAITFOR persistence method 2017-06-23 17:05:39 +01:00
Mzack9999 a8865252da Added exploit documentation 2017-06-23 14:12:04 +02:00
Brent Cook 3b248c78f3 resurrect old example modules, integrate into module tree 2017-06-22 11:36:35 -05:00
William Webb 02e4edc4cb Land #8579, Easy File Sharing HTTP Server 7.2 - Post Overflow exploit 2017-06-22 10:56:41 -05:00
Jin Qian b51fc0a34e Land #8489, more httpClient modules use store_valid_credential 2017-06-21 17:18:34 -05:00
Jeffrey Martin 99fb905bbd fix typo 2017-06-21 16:52:09 -05:00
NickTyrer 24404ae40f added heredoc to tidy formatting 
changed USER persistence method to EVENT to better describe technique
removed "auditpol.exe /set /subcategory:Logon /failure:Enable" command from subscription_event method to be more opsec safe
added CUSTOM_PS_COMMAND advanced option
updated description to reflect changes
 2017-06-21 18:15:13 +01:00
Pearce Barry 24d9bec0ae Land #8260, OpManager Version Check 2017-06-20 17:58:10 -05:00
Pearce Barry 241786e71f Update description with tested versions. 2017-06-20 15:32:08 -05:00
Pearce Barry 14f0409c6c Missing regex '+', readding so we get full API key. 2017-06-20 15:28:15 -05:00
Pearce Barry b02719e795 Attempt to appease Travis... 2017-06-20 11:36:08 -05:00
Mzack9999 c7a55ef92f Added exploit documentation 2017-06-20 09:03:40 +02:00
Mzack9999 af4eb0fbe3 Corrected shellcode 2017-06-20 00:55:18 +02:00
Mzack9999 0b04dc0584 Correct EDB Number 2017-06-20 00:52:29 +02:00
Mzack9999 bc826cb824 Easy Chat Server From 2.0 to 3.1 - Buffer Overflow (SEH) exploit 2017-06-20 00:36:59 +02:00
NickTyrer 681f9f37a6 updated check if powershell is available 2017-06-19 08:35:57 +01:00
NickTyrer 096469a8ec added PROCESS persistence method 2017-06-18 20:42:07 +01:00
L3cr0f 23831e6df9 Upload requested changes 2017-06-18 11:34:58 +02:00
Mzack9999 7fb36edd50 corrected msftidy warnings 2017-06-17 22:58:47 +02:00
Mzack9999 31a5cc94b2 Easy File Sharing HTTP Server 7.2 - Post Overflow exploit 2017-06-17 22:35:21 +02:00
NickTyrer 6096e373cc removed whitespace 2017-06-17 10:44:30 +01:00
NickTyrer 85173f36f7 moved exploit method moved to top 
added logon persistence option
fixed typo
cleaned up formatting
 2017-06-17 10:30:38 +01:00
Stephen Shkardoon (ss23) a968a74ae0 Update ms17_010_eternalblue description and ranking. 
The module has been noted to cause crashes, reboots, BSOD, etc, on
some systems.
 2017-06-09 11:01:48 +12:00
bwatters-r7 99fa52e660 Land #8434, Add Windows 10 Bypassuac fodhelper module 2017-06-07 11:15:01 -05:00
NickTyrer 09e4974b99 removed whitespace at end of lines 2017-06-06 14:44:37 +01:00
NickTyrer 1831056010 updated disclosure date 2017-06-06 14:32:19 +01:00
bwatters-r7 f47cc1a101 Rubocop readability changes 2017-06-05 14:32:45 -05:00
NickTyrer 994995671e added wmi_persistence module 2017-06-05 17:44:37 +01:00
L3cr0f 6a3fc618a4 Add bypassuac_injection_winsxs.rb module 2017-06-03 12:59:50 +02:00
Jeffrey Martin 0e145573fc more httpClient modules use store_valid_credential 2017-05-30 14:56:05 -05:00
David Maloney d5e74ffdf3 Merge branch 'master' into feature/eternal_blue/rubysmb_refactor 2017-05-30 13:59:31 -05:00
David Maloney a5f910ea63 move trans2 conditional to case statement 
this is cleaner as a case statement
 2017-05-30 13:52:29 -05:00
David Maloney b65c959347 limited port of the trans2 exploit packets 
ported some of the Trans2 packets for EternalBlue
over to RubySMB, but there is so much jacked up about these
packets I'm not sure we can do much more here
 2017-05-30 13:49:27 -05:00
William Vu 72ff4fbf48 Reword warning message, since it didn't make sense 2017-05-30 13:13:08 -05:00
William Vu 890d35cc30 Fix warning placement to be more helpful 2017-05-30 13:06:23 -05:00
David Maloney e9ac3fce5a update credential mode for EB exploit 
ExternalBlue can now just flat out take
credentials to authenticate with. If credentials
are not supplied then it will still do the
anonymous login.
 2017-05-30 10:55:28 -05:00
Brent Cook beb1cef835 rescue connection failure for netbios, suggest how to fix it 2017-05-30 08:06:39 -05:00
William Vu a781480e89 Add error handling to get_once 
And check for specific ack result/reason for 32-bit.
 2017-05-29 22:28:50 -05:00
William Vu 6e253a5be7 Use Rex::Proto::DCERPC::Response 2017-05-29 21:58:03 -05:00
William Vu 42b14a93b8 Add comments 2017-05-28 23:45:09 -05:00
William Vu 7a2944d113 Implement VerifyArch for ETERNALBLUE 2017-05-28 23:26:59 -05:00
David Maloney ee5f37d2f7 remove nt trans raw sock op 
don't send the nt transact packet as raw
socket data, instead use the client send_recv
method
 2017-05-26 15:50:18 -05:00