adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
44,126 Commits 27 Branches 1,043 Tags
a78d8f83fc71ca5fe97aec3d32efea329e63cb44
Commit Graph

132 Commits

Author SHA1 Message Date
Steven Patterson df2b62dc27 Add Mako Server CMD injection Linux support, update docs, move to multi 2017-11-10 16:28:39 -05:00
h00die 52888871e3 Land #8747 RCE for Geutebrueck GCore on Windows 2017-11-08 20:22:54 -05:00
h00die 7ad151e68b gcore formatting update 2017-11-08 20:21:40 -05:00
Adam Cammack 39916ef61a Land #9133, Command injection in Mako Server examples 2017-11-08 15:11:01 -06:00
bwatters-r7 5a07be9b96 Land #9041, Add LPE on Windows using CVE-2017-8464 2017-11-08 10:09:03 -06:00
bwatters-r7 19e3e181c1 Fix compiling instructions 2017-11-08 09:36:32 -06:00
Spencer McIntyre fa8d017579 Change documentation from a first person context 2017-11-08 09:29:46 -05:00
bwatters-r7 11093b8393 Added documentation 2017-11-08 08:07:06 -06:00
Steven Patterson 8613852ee8 Add Mako Server v2.5 command injection module/docs 2017-10-26 23:29:11 -04:00
Wei Chen c67a5872cd Land #9055, Add exploit for Sync Breeze HTTP Server 
Land #9055
 2017-10-13 17:34:03 -05:00
bwatters-r7 294230c455 Land #8509, add Winsxs bypass for UAC 2017-10-11 16:24:52 -05:00
Ernesto Fernandez ffa29de6c9 Update bypassuac_injection_winsxs.md 2017-10-11 11:43:28 +02:00
bwatters-r7 59d03ec4db Added markdown doc for documentation. 2017-10-10 13:05:29 -05:00
jakxx fd0ce33341 Updated Module Documentation 2017-10-10 12:36:32 -04:00
h00die b796c0be16 fixing docs 2017-10-09 20:31:23 -04:00
Mehmet Ince c14c93d450 Integrate OfficeScan 11 exploitation and fix grammer issues 2017-10-09 22:11:42 +03:00
Mehmet Ince 79c9123261 Adding Trend Micro OfficeScan widget rce module 2017-10-08 17:54:18 +03:00
M4P0 7fe750422e Update geutebrueck_gcore_x64_rce_bo.md 2017-10-06 15:41:12 +02:00
Maurice Popp 770547269b added documentation, and fixed 4 to 2 indentation 2017-10-06 15:39:25 +02:00
loftwing e3deaadcc7 Documentation added 2017-09-14 11:52:15 -05:00
h00die be66ed8af3 Land #8788 exploits for Gh0st and PlugX malware controllers 2017-09-05 20:42:07 -04:00
h00die d05c401866 modules cleanup and add docs 2017-09-04 20:57:23 -04:00
james 5bf1d916bc Fix uneven quotes in various documentation files 
Uneven quotes lead to malformed markdown, which will not render as intended.
Even out the quotes in several files.
 2017-08-26 19:12:48 -05:00
h00die a0585dcb9e Land #8872 docs for octopusdeploy_deploy 2017-08-22 21:36:44 -04:00
james 7f8e6b83dc Update documentation for exploit/windows/http/octopusdeploy_deploy 
Remove self explanatory options.
 2017-08-21 19:47:24 -05:00
james 60215297be Update documentation for exploit/windows/http/octopusdeploy_deploy 
Fix awkward wording.
 2017-08-21 19:17:41 -05:00
james de9392995a Add documentation for exploit/windows/http/octopusdeploy_deploy 2017-08-21 19:11:36 -05:00
Brent Cook 2eba188166 Land #8789, Add COM class ID hijack method for bypassing UAC 2017-08-20 13:57:17 -05:00
OJ 408a83a36b Added comhijack module documentation 2017-08-16 13:05:27 +10:00
Brent Cook da3ca9eb90 update some documentation 2017-08-03 17:09:44 -05:00
Yorick Koster 67dddd2402 Typo reported by @nixawk 2017-08-02 15:47:21 -05:00
Yorick Koster 3229320ba9 Code review feedback from @nixawk 2017-08-02 15:46:51 -05:00
Yorick Koster 565a3355be CVE-2017-8464 LNK Remote Code Execution Vulnerability 
This module exploits a vulnerability in the handling of Windows
Shortcut files (.LNK) that contain a dynamic icon, loaded from a
malicious DLL.

This vulnerability is a variant of MS15-020 (CVE-2015-0096). The
created LNK file is similar except in an additional
SpecialFolderDataBlock is included. The folder ID set in this
SpecialFolderDataBlock is set to the Control Panel. This is enought to
bypass the CPL whitelist. This bypass can be used to trick Windows into
loading an arbitrary DLL file.
 2017-08-02 15:46:30 -05:00
Brent Cook 7c55cdc1c8 fix some module documentation 
3 modules got documentation landed in the wrong spot. This also fixes a few
typos and improves formatting.
 2017-07-23 07:46:52 -07:00
William Webb 6349026134 Land #8442, Exploit module for Backup Exec Windows Agent UaF 2017-06-28 10:39:28 -05:00
Pearce Barry 24d9bec0ae Land #8260, OpManager Version Check 2017-06-20 17:58:10 -05:00
Pearce Barry 700d392106 Add markdown docs. 2017-06-20 17:45:44 -05:00
bwatters-r7 99fa52e660 Land #8434, Add Windows 10 Bypassuac fodhelper module 2017-06-07 11:15:01 -05:00
h00die 1c23be91a7 sample output to scenarios conversion in docs 2017-05-31 21:21:38 -04:00
Matthew Daley d530c49645 Add documentation for CVE-2017-8895 exploit module 2017-05-24 00:28:37 +12:00
amaloteaux 2fbbc98b5d document little trick for those who read :) 2017-05-22 19:50:40 +01:00
amaloteaux 93bb47d546 msftidy fix 2017-05-22 19:27:15 +01:00
amaloteaux 6f1f630b0e add documentation 2017-05-22 19:17:26 +01:00
William Webb 467f1ce0ca Land #8411, Buffer overflow in VXSearch Enterprise v9.5.12 2017-05-22 07:37:31 -05:00
Daniel Teixeira ca6b00161d VX Search Enterprise GET Buffer Overflow Doc 2017-05-18 17:12:10 +01:00
wchen-r7 c0bf2cc6e7 Land #8401, Buffer Overflow on Sync Breeze Enterprise 9.4.28 2017-05-17 23:39:50 -05:00
Daniel Teixeira 57eac49222 Add files via upload 2017-05-17 10:52:36 +01:00
William Webb 7e2dab4ddc Land #8303, Buffer Overflow on Dupscout Enterprise v9.5.14 2017-05-17 01:04:59 -05:00
William Vu 21e741b530 Comment out x86 targets in ms17_010_eternalblue.md 
Still under development.
 2017-05-16 19:52:44 -05:00
wchen-r7 77a9676efb Land #8347, Add Serviio Media Server checkStreamUrl Command Execution 2017-05-16 16:20:39 -05:00