adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,516 Commits 27 Branches 1,043 Tags
97ebe82e6cf331c8eabdf2a2fbea7104b4fa568f
Commit Graph

442 Commits

Author SHA1 Message Date
bwatters-r7 beb53254c7 Land #13122, Add Exploit Module For CVE-2020-0646 (SharePoint Workflows XOML RCE) 
Merge branch 'land-13122' into upstream-master
 2020-03-25 11:24:15 -05:00
Spencer McIntyre a69f3eb946 Use the correct its instead of it's 2020-03-24 16:44:18 -04:00
Spencer McIntyre a0cd00dac7 Cleanup module doc and comments for CVE-2020-0646 2020-03-24 10:15:58 -04:00
h00die e7da6e77a5 remove and check for instruction text 2020-03-24 09:15:04 -04:00
Spencer McIntyre 0832604131 Finish up the CVE-2020-0646 SharePoint RCE 2020-03-23 18:14:28 -04:00
William Vu 0806e9ef42 Add CmdStager target back in so we can debug it 2020-03-13 11:17:37 -05:00
William Vu 83387212a7 Update language to address different patches 2020-03-12 17:50:13 -05:00
William Vu 0b117849d0 Note specific patch versions 
Hat tip @sranjit-r7.
 2020-03-12 17:40:46 -05:00
William Vu ed5dd4dd20 Add module doc 2020-03-12 17:36:53 -05:00
Spencer McIntyre 77e21de4bd Add additional docs for setting up an environment 2020-03-11 15:05:51 -04:00
Spencer McIntyre 4c004d51a7 Add an exploit for CVE-2020-0618 2020-03-06 16:21:37 -05:00
dwelch-r7 4fe7678b01 Land #12910, Add exploit module for apache activemq traversal 2020-03-05 15:05:13 +00:00
kalba-security cd6c01ae9d Add suggestions from code review. 2020-03-03 20:17:13 +02:00
Spencer McIntyre b3867dc200 Finish up the cve-2020-0688 module 2020-03-02 10:51:25 -05:00
bwatters-r7 c9e4ca34c3 Land #12921, Updating regex in ms16_075_reflection_juicy exploit windows version check 
Merge branch 'land-12921' into upstream-master
 2020-02-20 21:10:37 -06:00
William Vu de6306fa35 Fix message, once more with feeling 2020-02-20 11:26:21 -06:00
William Vu 9c69059a24 Fix DisablePayloadHandler warning once and for all 2020-02-20 10:35:47 -06:00
William Vu 0264802756 Reformat module doc 2020-02-18 23:28:08 -06:00
William Vu a34ffb3694 Fix typos in module doc 2020-02-18 23:27:15 -06:00
William Vu 6ad9956af8 Correct module doc filename 2020-02-18 23:24:46 -06:00
Brent Cook 8489bcdfd9 This fixes broken links to the community.rapid7.com blog 
Performed mechanically with sed, spot-checked that the new blog can consume these links.
 2020-02-18 09:06:11 -06:00
dwelch-r7 0e55e20c9c Land #12902, Add exploit module for crosschex buffer overflow 2020-02-13 15:43:38 +00:00
0x44434241 9e46926a0f Update documentation/modules/exploit/windows/local/ms16_075_reflection_juicy.md 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2020-02-12 08:18:49 +09:00
0x44434241 785dbb6ba3 Update documentation/modules/exploit/windows/local/ms16_075_reflection_juicy.md 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2020-02-12 08:18:27 +09:00
Adam Galway 946e244c8c Updates docs and adds basic options 2020-02-11 13:40:51 +00:00
Adam Galway a7a80e08a8 Updated docs with platform info 2020-02-11 12:55:07 +00:00
0x44434241 9c30250161 Updating documentation for juicy potato exploit. 
Added a link to information on the expiry of the bug, and explicitly
listing which versions of Microsoft Windows were and were not
vulnerable.
 2020-02-10 16:33:45 +09:00
bwatters-r7 7f3c0c9314 Land #12906, Add module for CVE-2019-19363 
Merge branch 'land-12906' into upstream-master
 2020-02-06 15:22:17 -06:00
Shelby Pace e736588795 change method of exploitation for reliability 
This commit changes a few things:
  1. The module first writes the dll to a
     temp location.
  2. The module writes a batch file to a
     temp location.
  3. The batch file copies the dll until
     the copy command fails (presumably
     because the dll is now in use by
     PrintIsolationHost.exe).
  4. The dropped files are deleted.
  5. Docs updated to reflect changes.
 2020-02-06 12:51:36 -06:00
bwatters-r7 9db6b5184b Land #12894, Add Windscribe WindscribeService Named Pipe Privilege Escalation 
Merge branch 'land-12894' into upstream-master
 2020-02-05 12:37:34 -06:00
kalba-security 20386f1aa4 Add apache_activemq_traversal_upload module and documentation 2020-02-04 12:01:41 +02:00
Shelby Pace 772431a29e add documentation 2020-02-03 16:25:16 -06:00
William Vu fa6573f8e7 Note arch in supported target 2020-02-03 11:16:16 -06:00
William Vu e12d993027 Move SMB DOPU module to match new naming scheme 2020-02-03 11:16:16 -06:00
William Vu 4ba0762089 Update module doc with service pack 2020-02-03 11:16:16 -06:00
William Vu 3074e5bece Update module doc once more 2020-02-03 11:16:16 -06:00
William Vu 4d21b0e88e Update prints in check for visibility 
vprint_good should be print_warning, and most vprints should be print,
even if in check, since check is critical functionality.
 2020-02-03 11:16:16 -06:00
William Vu 51ab58f7c9 Add module doc 2020-02-03 11:16:16 -06:00
Brendan Coles 34621c0adc Add Windscribe WindscribeService Named Pipe Privilege Escalation 2020-02-01 00:41:07 +00:00
tperry-r7 3ffc79aa85 Land #12878, msftidy_docs 
Land #12878, msftidy_docs
 2020-01-31 11:59:50 -06:00
h00die bd48588fd5 catch false positive spaces at eol from code indent 2020-01-28 14:28:18 -05:00
bwatters-r7 0d8d17c63d Land #12736, Add support for PPID spoofing 2020-01-24 08:49:51 -06:00
tperry-r7 3518b9465c Merge pull request #12831 from h00die/doc_cleanup 
Documentation standardization. This is the first step in standardizing the module documentation.
 2020-01-22 14:53:12 -06:00
bwatters-r7 208aa3454f Add documentation and warning for PPID interaction 2020-01-22 13:36:34 -06:00
h00die bc312420ca module doc standardizations 2020-01-20 21:41:32 -05:00
h00die ca59b06fd3 module doc standardizations 2020-01-20 21:26:59 -05:00
h00die f3c75e93f3 remove tailing double pounds 2020-01-16 11:57:52 -05:00
h00die dc01f2e99b remove s from application 2020-01-16 11:45:10 -05:00
h00die e4013846d3 more standardizations 2020-01-16 11:32:02 -05:00
h00die b2e0950bba caps 2020-01-16 11:09:29 -05:00