29835 Commits

Author SHA1 Message Date
h00die b21fccebaa updates from review 2020-12-04 21:50:31 -05:00
h00die 7138f6e48b cleanup 2020-11-22 07:51:03 -05:00
h00die 98d00f47f3 tidy 2020-11-22 07:48:54 -05:00
Spencer McIntyre 1031b12c57 Land #14206, Rockwell FactoryTalk CVE-2020-12027 RCE 2020-11-20 08:49:39 -05:00
Spencer McIntyre a5024238d3 Tweak the check method to return detected and fix a typo 2020-11-19 09:24:27 -05:00
adfoster-r7 2eb2fad212 Land #14294, Allow adding details to CheckCodes, and update ms17_010_eternalblue to validate the target is x64 2020-11-19 14:09:55 +00:00
Pedro Ribeiro b56d2e00fe Update modules/exploits/windows/scada/rockwell_factorytalk_rce.rb
Co-authored-by: bcoles <bcoles@gmail.com>
2020-11-19 19:39:59 +07:00
Pedro Ribeiro c635538e9d Update modules/exploits/windows/scada/rockwell_factorytalk_rce.rb
Co-authored-by: bcoles <bcoles@gmail.com>
2020-11-19 19:39:47 +07:00
Pedro Ribeiro 4c8adcfd46 Update rockwell_factorytalk_rce.rb 2020-11-19 17:56:31 +07:00
William Vu d3f16c7061 Land #14361, COOKIE for sharepoint_ssi_viewstate 2020-11-18 15:55:19 -06:00
William Vu 72a6993408 Add patch bypass (CVE-2020-14750) to references
We were already using it... but now there's a CVE.
2020-11-18 10:57:05 -06:00
William Vu 78999bb92c Add an exploit from Exploit-DB
Written by either (Nguyen) Jang or Mohammed Althibyani. Not used by the
module.

https://www.exploit-db.com/exploits/48971
2020-11-18 10:56:03 -06:00
William Vu 83beae731f Add WebLogic Administration Console Handle RCE
CVE-2020-14882
CVE-2020-14883
2020-11-18 10:56:02 -06:00
dwelch-r7 c7b5616319 Land #14341, Fix NIL Dereference Issues
Fix NIL Dereference Issues, Missing fail_with Statements, and Update Regex Inside SecureCRT Password Gatherer
2020-11-18 16:17:25 +00:00
Grant Willcox d96f257842 Fix up mistake where I thought .to_s on an empty string would return an empty string 2020-11-18 09:54:50 -06:00
Grant Willcox ef108eae4c Add in Dean's suggested fix to make the check a little neater 2020-11-17 10:02:02 -06:00
William Vu f73a88a39c Land #14396, hadoop_unauth_exec clarification 2020-11-16 12:44:13 -06:00
Tod Beardsley 06a0634828 Describe the Hadoop vuln as not-a-vuln clearly 2020-11-16 11:31:59 -06:00
Grant Willcox dab01ea179 Add in fixes to use string capture group functionality and also improve the regex so that we get extra info such as port numbers and protocol info from logins other than SSH 2020-11-13 14:14:45 -06:00
A Galway 0328e3f815 Land #14359, gives preference to default target options 2020-11-13 14:44:13 +00:00
Christophe De La Fuente d6b412c58e Land #14340, Add HorizontCMS 1.0.0-beta exploit module and documentation 2020-11-13 13:03:04 +01:00
Alan Foster 79a3328cd3 Validate that AutoCheck is prepended 2020-11-11 22:15:40 +00:00
William Vu fcb507e412 Fix AutoCheck
I'm a big dummy.
2020-11-11 15:57:38 -06:00
William Vu 42bdae919b Add SaltStack Salt REST API RCE (CVE-2020-16846)
Leveraging CVE-2020-25592.
2020-11-11 13:09:26 -06:00
William Vu 67ae309896 Set plat/arch in saltstack_salt_unauth_rce targets
Looks like I forgot this, and it affects compatible payloads.
2020-11-11 13:09:26 -06:00
Spencer McIntyre cbc34d7cbc Tweak the logic for detecting if john is the jumbo version 2020-11-11 09:25:52 -05:00
h00die 4f37e65069 update apply_pot to the hashcat generation 2020-11-11 09:38:02 -05:00
kalba-security ce7031e263 Add suggestions from code review 2020-11-11 07:41:22 -05:00
h00die 4c39695a50 remove cwe-20 from chkrootkit 2020-11-10 12:01:08 -05:00
h00die 768fb7d3a7 remove cwe-74 from cmsms 2020-11-10 11:43:42 -05:00
Spencer McIntyre 76ab0ee849 Land #14304, execute_dotnet_assembly fix parameters management 2020-11-10 09:56:18 -05:00
Shelby Pace 65e1ef4cb8 Land #14253, add wp-file-manager rce for wordpress 2020-11-10 08:48:33 -06:00
Shelby Pace 4382f6ff55 add filedropper usage 2020-11-10 08:47:53 -06:00
adfoster-r7 a169e01aff Land #14371, Add version details to drupal_views_user_enum.rb 2020-11-10 12:55:03 +00:00
Tim W e14813485a Land #14331, add msfvenom apk template cmd injection exploit 2020-11-10 17:33:10 +08:00
h00die 8b9043c3f3 add drupal views version info 2020-11-09 16:03:23 -05:00
adfoster-r7 a0106aa603 Land #14269, Add Apache Zookeeper Information Disclosure Auxiliary Module 2020-11-09 20:12:35 +00:00
Spencer McIntyre 0ccb50ac02 Adjust how HostingCLR arguments are packed 2020-11-09 12:24:55 -05:00
chmod750 5ec0556abd Update modules/exploits/windows/http/sharepoint_ssi_viewstate.rb
CamelCase update

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>
2020-11-06 23:26:40 +01:00
chmod750 7a968fcd39 Update modules/exploits/windows/http/sharepoint_ssi_viewstate.rb
CamelCase update

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>
2020-11-06 23:20:12 +01:00
chmod750 22b0fae73c Update sharepoint_ssi_viewstate.rb 2020-11-06 16:40:16 +01:00
chmod750 8356b44892 Add cookie header functionality 2020-11-06 16:16:59 +01:00
Alan Foster 5b438fd933 Preference target values when registering options 2020-11-05 23:16:37 +00:00
Grant Willcox e0209b34c6 Apply initial fixes from Adam's review 2020-11-05 11:53:38 -06:00
Grant Willcox 5761fe9307 Land #14349, Fix merge mistake in PR 14222 2020-11-05 09:07:51 -06:00
Christophe De La Fuente 55ccc42cde Land #14319, wp_Loginizer unauth sqli (CVE-2020-27615) 2020-11-05 15:36:10 +01:00
kalba-security e7a20ec47c Add CVE ID to module and docs 2020-11-05 07:05:32 -05:00
cgranleese-r7 70985a09e2 Merge pull request #14280 from h00die/mikrofileread
Land #14280, Mikrotik unauthenticated directory traversal file read
2020-11-05 09:27:47 +00:00
Karn Ganeshen f9a12e6e80 Module updated
Improved handling of response exceptions
2020-11-05 04:03:05 +05:30
Grant Willcox a0087842fb Fix an earlier merge mistake, was meant to replace URI.escape with Rex::Text.uri_encode() but instead replaced it with CGI.escape. Fix it to be Rex::Text.uri_encode() 2020-11-04 14:39:16 -06:00