adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
61,306 Commits 27 Branches 1,043 Tags
aebdc0ddfca89f89840e9ff98c345eb84d0f3fa3
Commit Graph

31162 Commits

Author SHA1 Message Date
William Vu aebdc0ddfc Update module credits 
Clarified contributions.
 2021-07-14 15:10:25 -05:00
adfoster-r7 57dc806522 Land #15420, Load Net::SSH for eaton xpert backdoor module 2021-07-13 09:46:49 +01:00
William Vu 6a6c08c773 Fix edge case in method overloading 2021-07-12 20:29:56 -05:00
Alan Foster ad20954e0d Load Net::SSH for eaton xpert backdoor module 2021-07-12 22:11:20 +01:00
William Vu d29532d4c4 Add VMware vCenter Server CVE-2021-21985 exploit 2021-07-12 13:07:05 -05:00
Spencer McIntyre beb39ae5bc Mark another Powershell payload as dynamic 2021-07-12 10:06:56 -04:00
Spencer McIntyre a23ef5ec5d Set dynamic cached size on reverse powershell 2021-07-12 09:22:59 -04:00
Tim W 6300518e19 Fix #15254, set dynamic cached size on powershell payloads 2021-07-12 12:55:24 +01:00
Tim W 39455827aa Land #15254, use obfuscated powershell protection bypasses 2021-07-12 12:20:17 +01:00
Grant Willcox 02ecc22751 Land #15386, Add module for CVE-2021-35464; pre-auth RCE in ForgeRock AM (and OpenAM) server 2021-07-09 17:01:25 -05:00
Spencer McIntyre fba838f4e8 Update docs, pin version and fix the check method 2021-07-09 16:39:58 -04:00
Spencer McIntyre 9e61bf5752 Update the rex-powershell gem and unit tests 2021-07-09 15:35:37 -04:00
Grant Willcox 89b36bd1b8 Fix a small error in the logic so that we check the response body vs the response itself as per wvu's comment 2021-07-09 12:26:57 -05:00
Christophe De La Fuente 8b4bce35ca Fix issues from rubocop and msftidy_docs.rb 2021-07-09 15:47:11 +02:00
Christophe De La Fuente 5a71e7b0ee Merge remote-tracking branch 'upstream/pr/15154' into HEAD 2021-07-09 15:32:04 +02:00
adfoster-r7 f189724174 Land #15217, Combine eternalblue modules 2021-07-09 12:23:34 +01:00
William Vu 6fbaecf919 Backport print changes to recent modules 2021-07-08 21:26:35 -05:00
Grant Willcox 570ba091f6 Update some typos in the documentation and also update the exploit module to handle various cases whereby the dbus-send command might end up timing out due to TIMEOUT being too low and to fix some final issues found during testing 2021-07-08 16:24:01 -05:00
Grant Willcox 9f88ef0954 Fix up review comments 2021-07-08 16:22:29 -05:00
Jack Heysel 54ee8f7ae7 Added cmd_delay nil check, updated title 2021-07-08 16:20:45 -05:00
Jack Heysel 0f67dd5212 Fixed get_cmd_delay, reponded to comments 2021-07-08 16:20:38 -05:00
Jack Heysel 9a07039e7e Updated docs 2021-07-08 16:09:15 -05:00
Jack Heysel fdbf669da2 Fixed check for /bin/su 2021-07-08 16:09:12 -05:00
Jack Heysel 285a6338fa Print error instead of failwith when exploit commands unsuccessful 2021-07-08 16:09:12 -05:00
Jack Heysel f797f30651 Fixed call to write directory 2021-07-08 16:09:04 -05:00
Jack Heysel 1a73cfbe25 Updated check method 2021-07-08 16:09:03 -05:00
Jack Heysel c5a9ecd45b WritableDir as advanced opt 2021-07-08 16:09:03 -05:00
Jack Heysel f87f831aba Module updates + Docs 2021-07-08 16:09:02 -05:00
Jack Heysel 8d2d445699 Send one large command over many of smaller size 2021-07-08 16:08:36 -05:00
Jack Heysel e7608d79f6 Polkit authentication bypass 2021-07-08 16:08:33 -05:00
Grant Willcox 8b3d057e9e Address Spencer's comments by adding in an extra nil check and removing an unneeded library import 2021-07-08 13:07:51 -05:00
A Galway cb31ffd82f add support for authenticated login with smb1 2021-07-08 18:41:54 +01:00
A Galway ccf5c36c44 combine both verseions of eb into a single module 2021-07-08 17:42:35 +01:00
A Galway 88e64fcfae eternalblue_win8 ported from python to ruby 2021-07-08 17:42:30 +01:00
Spencer McIntyre dc9c0035ab Land #15371, check if apport-cli is in $PATH 
Fixes #15370
 2021-07-08 09:28:35 -04:00
Spencer McIntyre 636b790acb Update to using the AutoCheck mixin 2021-07-08 09:03:42 -04:00
William Vu fc1a34d7b1 Improve here doc formatting 2021-07-08 01:19:21 -05:00
Grant Willcox e9c748cccc Land #15385, Add Module For CVE-2021-1675 / CVE-2021-34527 AKA PrintNightmare 2021-07-07 17:05:40 -05:00
Grant Willcox 70fd9376e3 Final documentation improvements to explain SMB setup and improvements to module to fix one minor error output 2021-07-07 17:05:22 -05:00
Spencer McIntyre f42aa3742c Automatically reconnect to the named pipe 2021-07-07 13:25:51 -04:00
William Vu af986380d3 Fix CheckCode 
It's closer to CheckCode::Appears than CheckCode::Vulnerable.
 2021-07-06 22:22:27 -05:00
Spencer McIntyre f74903178e Add a check method that detects the service 2021-07-06 17:29:08 -04:00
Spencer McIntyre d5d48949b2 Update PrintNightmare module docs 2021-07-06 16:30:51 -04:00
Spencer McIntyre a0bd903b50 Update module docs and the TARGETURI option 2021-07-06 15:52:50 -04:00
Spencer McIntyre bfc45359ff More documentation updates and address PR feedback 2021-07-06 11:27:06 -04:00
agalway-r7 410493f729 Land #15318, NSClient priv esc post module 2021-07-06 16:07:30 +01:00
Spencer McIntyre 0f9b913b0f Remove the RPORT redefinition 2021-07-06 09:29:01 -04:00
Hakyac 8b0c4a1042 Update modules/exploits/windows/local/nscp_pe.rb 
Co-authored-by: agalway-r7 <agalway@rapid7.com>
 2021-07-06 11:18:56 +02:00
Yann Castel 1a057d321b rhost is working 2021-07-05 10:24:49 +02:00
bwatters 0a43ec7e4a Add module for CVE-2021-35464; pre-auth RCE in ForgeRock OpenAM server 2021-07-02 16:05:39 -05:00