CSharperMantle
d99c2ac783
linguistic fixes of 'does not exists'
2020-12-23 11:36:38 +08:00
dwelch-r7
1617b3ec9b
Use zeitwerk for lib/msf/core folder
2020-12-07 10:31:45 +00:00
Alan Foster
30809787c4
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
William Vu
a6f7c0c0de
Backport miscellaneous fixes to my modules
2020-08-14 13:40:23 -05:00
Adam Galway
1a2bf98222
creates standard elog & updates existing usages
2020-06-22 12:48:39 +01:00
Alan Foster
6007e13379
Fix edgecase in rubocop module description rule
2020-06-10 12:11:49 +01:00
Brendan Coles
ad05cf7870
Update TinyIdentD 2.2 Stack Buffer Overflow module
2020-05-23 04:43:44 +00:00
William Vu
0bcc473ded
Rename option to HOSTINFO_NAME and update doc
2020-05-01 12:59:01 -05:00
William Vu
c27269105e
Rename CmdStager to psh_invokewebrequest
2020-05-01 12:31:53 -05:00
William Vu
1364b08c4f
Make host info name configurable as an option
...
Though it has to be recognized by the server.
2020-05-01 12:19:12 -05:00
William Vu
96f802585a
Update dropper payload to stageless
...
We're using Invoke-WebRequest now. Or anything similar.
2020-05-01 12:19:12 -05:00
William Vu
9adaa08ddd
Use new PowerShell Invoke-WebRequest CmdStager
2020-05-01 12:19:12 -05:00
William Vu
9bfecbc2aa
Print the responses if found but don't bail
...
The responses aren't always in sync, causing unexpected failures.
2020-05-01 12:19:12 -05:00
William Vu
bb034acd7c
Note reason for SERVICE_RESOURCE_LOSS
2020-05-01 12:19:12 -05:00
William Vu
309475259a
Remove doubled-up command prefix from dropper
...
The library prefixes "cmd /c" automatically.
2020-05-01 12:19:12 -05:00
William Vu
84061881b8
Clarify module description
2020-05-01 12:19:12 -05:00
William Vu
9d601b50c2
Note how we trigger the deserialization vuln
2020-05-01 12:19:12 -05:00
William Vu
efab4f04f7
Add Veeam ONE Agent .NET deserialization exploit
2020-05-01 12:19:12 -05:00
Alan Foster
3a046f01da
Run rubocop -a on subset of files
2020-03-06 10:41:45 +00:00
Alan Foster
6bac1ec2aa
Remove executable flags from exploit files
2020-02-26 10:39:50 +00:00
William Vu
4fa3b25788
Correct language in crosschex_device_bof
2020-02-18 23:18:45 -06:00
Brent Cook
8489bcdfd9
This fixes broken links to the community.rapid7.com blog
...
Performed mechanically with sed, spot-checked that the new blog can consume these links.
2020-02-18 09:06:11 -06:00
Adam Galway
2ca2b5c7bb
replaces magic numbers with target fields
2020-02-13 14:17:23 +00:00
Adam Galway
cbcf8a2a68
adds to_i and removes default options
2020-02-12 12:04:15 +00:00
Adam Galway
8fd3b483d3
improves option descriptions & timeout handling
2020-02-11 15:05:24 +00:00
Adam Galway
946e244c8c
Updates docs and adds basic options
2020-02-11 13:40:51 +00:00
Adam Galway
a7a80e08a8
Updated docs with platform info
2020-02-11 12:55:07 +00:00
Adam Galway
ddec8a58a1
disables payload padding and describes shell code
2020-02-05 18:09:39 +00:00
Adam Galway
d76546f8ee
clarifies inserted shell code's function
2020-02-04 15:14:36 +00:00
Adam Galway
671f2e9616
msfTidy: set disclosure date to proper format
2020-02-04 11:55:39 +00:00
Adam Galway
37065f5ffe
PR Changes: More Cleanup
2020-02-04 10:59:02 +00:00
Adam Galway
4fd865f3a9
PR Changes: Comments, fail_with, and cleanup
2020-02-04 10:57:41 +00:00
Adam Galway
2ce3cb9e86
updated description
2020-02-03 17:09:56 +00:00
Adam Galway
6b229177f1
Add crosschex buffer overflow exploit
2020-02-03 17:02:04 +00:00
h00die
9f29f5f419
fix spelling received
2019-10-05 14:40:27 -04:00
William Vu
32334c2386
Update all module splats from http:// to https://
2019-08-15 18:10:44 -05:00
Adam Cammack
cf9b94a964
Set needs_cleanup flag for exploits that need it
...
The `needs_cleanup` flag needs to be set per-module when an exploit
needs an interactive session to clean up. Some `FileDropper` exploits
need additional cleanup to what the mixin provides, but since all
`FileDropper`s already mark themselves as needing cleanup those are not
covered here. A few of these could potentially be refactored to use the
original exploitation method to clean up or to compile the list of
files/commands to clean up ahead of time, but that is out of the scope
of this fix.
2019-08-02 10:23:53 -05:00
Wietsman
3b08ed88d1
#12095 added version check if vulnerable
...
#12095 cleaned up the code
#12095 added more output
#12095 added comments
2019-07-22 16:43:24 +02:00
Wietsman
71da3b7903
#12095 Added cleaning up of trial account and dropper files.
2019-07-21 03:21:15 +02:00
Wietsman
e26b650f31
#12095 Fixed Password complexity generation
...
#12095 Fixed trial account creation
#12095 Fixed calling functions
2019-07-18 13:13:39 +02:00
Wietse Boonstra
2b7d6e07b1
#12095 Fixed issue with function naming.
...
Added random username and password generating
2019-07-18 10:54:12 +02:00
Wietsman
26c87b1869
Wrap to 80 columns
2019-07-17 00:21:21 +02:00
Wietsman
73c6a11ccb
Apply suggestions from code review
...
Co-Authored-By: bcoles <bcoles@gmail.com>
2019-07-16 22:38:58 +02:00
Wietsman
2d86312f6c
Apply suggestions from code review
...
Co-Authored-By: bcoles <bcoles@gmail.com>
2019-07-16 22:37:56 +02:00
Wietsman
ac454d3044
Ahsay backup v7.x - v8.1.1.50 file upload
2019-07-16 16:10:13 +02:00
p0w1
f63a2a6e58
add badchar
2019-04-25 18:24:26 +02:00
@shellfail
985285d880
Update modules/exploits/windows/misc/ais_esel_server_rce.rb
...
Co-Authored-By: p0w1 <39155277+p0w1@users.noreply.github.com>
2019-04-25 18:05:50 +02:00
@shellfail
98b054b8a4
Update modules/exploits/windows/misc/ais_esel_server_rce.rb
...
Co-Authored-By: p0w1 <39155277+p0w1@users.noreply.github.com>
2019-04-25 18:05:43 +02:00
@shellfail
537f55e9da
Update modules/exploits/windows/misc/ais_esel_server_rce.rb
...
Co-Authored-By: p0w1 <39155277+p0w1@users.noreply.github.com>
2019-04-25 18:05:32 +02:00
@shellfail
9206bd404d
Update modules/exploits/windows/misc/ais_esel_server_rce.rb
...
Co-Authored-By: p0w1 <39155277+p0w1@users.noreply.github.com>
2019-04-25 18:05:22 +02:00