adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
75,481 Commits 27 Branches 1,043 Tags
94e5e49052d4f0f165a3220a488ec33a53b082a2
Commit Graph

840 Commits

Author SHA1 Message Date
h00die 94e5e49052 ubuntu needrestart lpe 2024-11-22 15:44:45 -05:00
jvoisin 811678a793 Add openrc to exploits/linux/local/service_persistence.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2024-10-02 12:54:33 +02:00
Brendan dbc020a745 Merge pull request #19441 from Takahiro-Yoko/cve_2023_0386_priv_esc 
Land #19441, Add module: Linux Priv Esc (OverlayFS copying bug) CVE-2023-0386
 2024-09-26 14:07:17 -05:00
Takah1ro 6d541b625f Remove unnecessary shell_path 2024-09-24 08:18:30 +09:00
Takahiro Yokoyama 130f146819 Apply suggestions from code review 
Change to call setgid and setuid in the exploit before executing the payload

Co-authored-by: Brendan <bwatters@rapid7.com>
 2024-09-24 08:06:26 +09:00
Takah1ro 30704c494a Remove unnecessary strip_comments 2024-09-15 10:00:43 +09:00
dledda-r7 83a31c8a2a Land #19454, Persistence post module using motd 2024-09-13 09:02:22 -04:00
jvoisin 6d659e3aa8 Add modules/exploits/linux/local/motd_persistence.rb 2024-09-12 17:41:47 +02:00
Spencer McIntyre 5e71490b66 Fix a typo when the kernel is not Ubuntu 2024-09-09 14:19:20 -04:00
Takah1ro 8ddf8a04ff Remove options 2024-09-07 12:44:37 +09:00
Takah1ro 8366252ba2 Not call payload directory 2024-09-07 12:28:40 +09:00
Takah1ro 692531bb87 Call payload directory 2024-09-07 12:16:04 +09:00
Takah1ro 2b63f8bb88 Rename exploit 2024-09-07 10:29:41 +09:00
Takah1ro 731780ca1a Formatting 2024-09-07 09:21:30 +09:00
Takah1ro 9e832eb483 Use exploit_path variable 2024-09-07 09:19:17 +09:00
Takah1ro fd7321dd3f Strip_comments 2024-09-06 22:58:31 +09:00
Takah1ro b34e807277 Remove unnecessary directory existing check 2024-09-06 22:05:34 +09:00
Takah1ro a40fbb2a7b Remove unnecessary check 2024-09-06 22:04:51 +09:00
Takah1ro d4ac300d73 Fix typo 2024-09-06 21:59:16 +09:00
Takahiro Yokoyama 7a921bbeff Update modules/exploits/linux/local/cve_2023_0386_overlayfs_priv_esc.rb 
Use kernel_version.btween

Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2024-09-06 21:45:32 +09:00
Takah1ro cd97b08c62 Move C code to separate file 2024-09-06 21:09:39 +09:00
Takah1ro 1cc562c863 Use mkdir function 2024-09-06 12:55:51 +09:00
Takah1ro 920ef70105 Exploit dir existing check 2024-09-06 12:53:18 +09:00
Takahiro Yokoyama b243b86157 Update modules/exploits/linux/local/cve_2023_0386_overlayfs_priv_esc.rb 
use linux/x64/meterpreter_reverse_tcp

Co-authored-by: Brendan <bwatters@rapid7.com>
 2024-09-06 08:51:20 +09:00
Takah1ro dc81711301 Make timeout user configurable 2024-09-06 08:24:14 +09:00
Takah1ro afb8c6c27c Strip comments 2024-09-05 23:13:08 +09:00
Takah1ro 3d20dd6ddf Add module: 
Linux Priv Esc (OverlayFS copying bug) CVE-2023-0386
 2024-09-05 22:54:55 +09:00
Jack Heysel 80ee458410 Land #19151, Add Flowmon Priv Esc Feature Module 
Privilege escalation module for Progress Flowmon unpatched feature
 2024-05-29 11:35:53 -04:00
Jack Heysel cc7aeb4364 Fix module cleanup 2024-05-29 08:39:06 -04:00
Jack Heysel 2c6fc11639 Responded to comments, clean up /etc/sudoers file 2024-05-23 16:56:35 -04:00
Dave Yesland 1b55b6512f Rubocop fixes 2024-05-22 12:43:27 -07:00
Dave Yesland b3bc4a6c68 Update progress_flowmon_sudo_privesc_2024.rb 2024-05-21 13:48:20 -07:00
Dave Yesland de99a74540 Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb 
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2024-05-21 13:45:36 -07:00
Dave Yesland 5a60a9a3d9 Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-05-21 13:42:43 -07:00
Dave Yesland a517a218ab Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb 
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2024-05-21 13:41:44 -07:00
Dave Yesland 90a0be67b6 Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-05-21 13:39:54 -07:00
Dave Yesland 1ddc60b185 Update modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2024-05-21 13:39:44 -07:00
Spencer McIntyre 80fdde5fdc Land #19100, Add Loadmaster sudo priv esc 
Add Kemp Progress Loadmaster sudo abuse priv esc
 2024-05-10 10:21:38 -04:00
bwatters b28e263a2b Update debug statements and add protection against bad die name 2024-05-10 08:54:23 -05:00
bwatters 948b18b08c Add a check to the file delete 2024-05-09 15:52:29 -05:00
Spencer McIntyre 47c8d7252b Land #18519, Docker kernel module escape 2024-05-06 09:08:08 -04:00
bwatters b044bcab01 Add command payloads and checks for overwritten files 2024-05-03 13:06:16 -05:00
Spencer McIntyre c2bf9ead06 Add support for redhat based containers 
Containers such as Fedora use a different directory for the kernel
headers.
 2024-05-01 13:30:16 -04:00
DaveYesland c2a561630d Add local privesc module for Flowmon 2024-05-01 09:07:34 -07:00
Spencer McIntyre 2cb0e44740 Don't change the working directory 2024-05-01 10:35:24 -04:00
Spencer McIntyre 67dc01f124 Remove the unnecessary payload space 2024-04-30 16:29:43 -04:00
bwatters d94971598b Add documentation and fix some debug prints 2024-04-29 15:28:34 -05:00
RadioLogic 15a9b59ccf Made case statements more readable 2024-04-26 21:55:01 -04:00
RadioLogic b51d1b9017 Made shared function with checkcontainer 2024-04-26 21:32:20 -04:00
RadioLogic 7dabfb15be Ran rubocop again 2024-04-26 14:52:14 -04:00