adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
53,692 Commits 27 Branches 1,043 Tags
9b9d3013a40698890d473360ac94de945e76200d
Commit Graph

407 Commits

Author SHA1 Message Date
h00die 9f29f5f419 fix spelling received 2019-10-05 14:40:27 -04:00
William Vu 32334c2386 Update all module splats from http:// to https:// 2019-08-15 18:10:44 -05:00
Wei Chen 6847fcc199 Update CVE reference and datastore options for WebLogic exploit 2019-05-20 13:10:06 -05:00
asoto-r7 f89b0e848f Land PR#11780, exploit/multi/misc/weblogic_deserialize_asyncresponseservice 2019-05-06 15:36:47 -05:00
asoto-r7 abfe4fd2c2 weblogic_deserialize_asyncresponseservice: Added check method, improved exception handling, minimizing XML strings 2019-05-06 15:16:50 -05:00
Andrés Rodríguez d1ca87b810 Improvements to the payloads config. 2019-05-01 00:06:46 -05:00
Andrés Rodríguez 4c612efc16 Spaces at EOL (again). 2019-04-30 23:36:52 -05:00
Andrés Rodríguez 384c8b3959 Pulling the XML out into its own method. 2019-04-30 23:23:38 -05:00
Andrés Rodríguez 554f781382 Spaces at EOL. 2019-04-30 23:03:25 -05:00
Andrés Rodríguez b3a4b639c3 Use of suggested multi-line string for XML and case for the OS. 2019-04-30 22:43:45 -05:00
Andrés Rodríguez ce25253e5a Some suggested fixes. 2019-04-30 21:36:51 -05:00
bcoles 80b066ad03 Forgotten string interpolation.. 
Co-Authored-By: acamro <acamro@users.noreply.github.com>
 2019-04-25 21:56:42 -05:00
Andres Rodriguez 6cdfde7268 Some fixes for char escapes... 2019-04-25 19:32:17 -07:00
Andrés Rodríguez 64491ef690 Remove file bad chars... 2019-04-25 20:52:11 -05:00
Andres Rodriguez 9a4717f1af Weblogic deserialize AsyncResponseService module 2019-04-25 18:03:17 -07:00
Ben Schmeckpeper 7d1f6afd4a Remove trailing space from CVE reference 2019-04-03 09:21:55 -05:00
surefire 1b6cd64016 Land #11136, exploit/multi/misc/weblogic_deserialize_unicastref 2019-04-01 18:15:26 -05:00
surefire 40191e5a01 Dissected JSOs, randomized strings, copied T3 header breakdown from @acamro 2019-04-01 18:05:45 -05:00
surefire f292befed4 Land #11134, exploit/multi/misc/weblogic_serialize_marshalledobject 2019-04-01 14:11:30 -05:00
surefire 4d0e47044b Fixed a hardcoded payload length resulting in 40% failures 2019-04-01 14:05:39 -05:00
asoto-r7 399532154d Fix a git snafu when landing #11131 
While landing PR #11131, I tripped over my own shoelaces and overwrote `weblogic_deserialize_rawobject.rb` with `weblogic_deserialize_unicastref.rb`, destroying my changes and introducing a great deal of confusion.

This PR gets us back to where we should have been, with #11131 landed and a few changes to add randomization and expanding on the T3 protocol.
 2019-03-26 17:54:37 -05:00
asoto-r7 26b67bbf91 Fix two-byte error, add randomization, T3 notes from @acamro 2019-03-26 16:45:17 -05:00
asoto-r7 5f5d475c2e Add expected traceback error to documentation 2019-03-26 16:44:45 -05:00
asoto-r7 f9361324bd Merge branch 'weblogic_serialize_rawobject' of git://github.com/acamro/metasploit-framework into acamro-weblogic_serialize_rawobject 2019-03-26 16:38:27 -05:00
rwincey 59fc1ec7ab Rubocop changes 2019-03-09 12:22:04 -05:00
Andres Rodriguez ea45468639 Merge branch 'master' of github.com:rapid7/metasploit-framework into weblogic_serialize_unicastref 2019-03-02 00:49:13 -08:00
rwincey f05d86ffae Even Less Code 2019-02-28 21:49:29 -05:00
rwincey b96326ec80 Less Code 2019-02-28 21:48:25 -05:00
asoto-r7 efba6d2d9c Reverse engineered JSOs 2019-02-20 16:45:47 -06:00
asoto-r7 0f9a796d2f Reverse engineered JSOs, used new ysoserial functionality 2019-02-20 14:28:09 -06:00
asoto-r7 5f84cbc078 Reverse engineered JSOs, used new ysoserial functionality 2019-02-20 14:12:24 -06:00
rwincey a0b5291c30 Space slipped in 2019-02-13 10:25:21 -05:00
rwincey e716c24f2d Style police :P 2019-02-13 00:35:54 -05:00
rwincey b55fdc7323 Minor updates 2019-02-11 21:39:43 -05:00
rwincey f1675cddad Documentation 2019-02-10 23:16:45 -05:00
rwincey ced3ad0bfd BMC Patrol CMD Exec Module 2019-02-10 22:26:24 -05:00
Brendan Coles 24f807490f revisionism 2019-01-10 19:19:14 +00:00
Shelby Pace 29e7c49332 Land #10444, add Consul rexec RCE module 2018-12-28 09:14:28 -06:00
Shelby Pace fb8f06b2f5 Land #10443, add Consul service RCE module 2018-12-28 08:33:56 -06:00
Quentin Kaiser 18c844623a Remove extra spaces. 2018-12-24 13:48:07 +01:00
Quentin Kaiser e10792f4e6 Remove extra space. 2018-12-24 13:30:03 +01:00
Jacob Robles 4bc871c499 Add CmdStager to erlang_cookie_rce 2018-12-21 07:33:37 -06:00
Quentin Kaiser bf2de42077 Now supports all version of Consul. 2018-12-20 18:56:07 +01:00
Quentin Kaiser 2919b970cd Implement execution checks with a timeout limit so we don't leave zombie checks running in background. 2018-12-20 18:41:35 +01:00
Quentin Kaiser ba5c40db77 No need for CVE field. 2018-12-20 18:18:53 +01:00
Milton-Valencia bb758f9a61 I didn't forget msftidy I swear 2018-12-18 14:55:12 -06:00
Milton-Valencia 8a2a605a99 added targets 2018-12-18 14:50:57 -06:00
Quentin Kaiser ef8601aa71 Bail early if we receive an unexpected response. 2018-12-18 19:42:26 +01:00
Quentin Kaiser 4ee7bdee6c Merge branch 'consul_service_exec' of github.com:QKaiser/metasploit-framework into consul_service_exec 2018-12-18 19:33:51 +01:00
Quentin Kaiser b3563b1bc2 Cleaner version of check function thanks to @bcoles. 2018-12-18 19:33:30 +01:00