adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
68,952 Commits 27 Branches 1,043 Tags
b8bea10296df5d66841e24093eda7c1c03c052d4
Commit Graph

7393 Commits

Author SHA1 Message Date
Spencer McIntyre 3ddcf73c2b Remove the QUICK option altogether 
Use blocks to check whether each service is exploitable as they are
enumerated. With this change, it is the service and path enumeration
halts once an exploitable one is found that yields a session.

Also all files are registered for cleanup.
 2023-01-13 17:06:42 -05:00
h00die f98d1d838b unquoted service path tweaks to check 2023-01-13 17:06:42 -05:00
h00die 90a12cf3b0 unquoted service path tweaks 2023-01-13 17:06:42 -05:00
h00die a6ec7762ea unquoted service path tweaks 2023-01-13 17:06:42 -05:00
h00die c52eb09cbb unquoted service path tweaks 2023-01-13 17:06:42 -05:00
Spencer McIntyre d09aef7dc5 Land #17350, Remove unnecesary sleep 
Remove unnecesary sleep in several bypassuac modules
 2022-12-12 17:45:10 -05:00
Spencer McIntyre 5a66666b4d Fix check methods by using #present? 2022-12-12 16:53:34 -05:00
Ashley Donaldson 8d097e0fd0 Fixes bug in s4u_persistence module 2022-12-09 11:24:16 +11:00
Ashley Donaldson c54109586c Remove unnecesary sleep in several bypassuac modules 2022-12-09 11:09:19 +11:00
Christophe De La Fuente aaef7726db Land #17330, Fix enumerating emails via ProxyShell 2022-12-06 14:02:53 +01:00
cgranleese-r7 8e9e8468f2 Land #17338, Lint modules 2022-12-05 13:17:40 +00:00
adfoster-r7 14d05c9c6c Lint modules 2022-12-05 10:41:31 +00:00
bcoles c1ff9337c8 dnn_cookie_deserialization_rce: Remove empty 'Payload' Hash key 2022-12-04 17:50:24 +11:00
bcoles 431804ef15 Fix typos: Replace 'the the' with 'the' 2022-12-04 17:41:24 +11:00
Spencer McIntyre 96da805014 Fix enumerating emails via ProxyShell 
The ResolveNames endpoint used to gather emails addresses for targeting
only returns 100 at a time. This updates the module to check if the
search result contains all entries and when it does, it recurses into
itself with a refined search prefix. All results are returned to match
the original functionality instead of enumerating and halting once one
that's suitable for exploitation has been found.
 2022-12-02 15:58:50 -05:00
Christophe De La Fuente d3057f15b2 Land #17275, Add Exploit For CVE-2022-41082 (ProxyNotShell) 2022-11-30 18:16:19 +01:00
Spencer McIntyre 264d45e04a Appease rubocop 2022-11-28 10:16:55 -05:00
Spencer McIntyre f24df8a051 Change an exception class and drop DOMAIN passing 2022-11-28 10:06:14 -05:00
Spencer McIntyre 3f58bfe11e Check that the target is Exchange Server 2019 2022-11-23 10:47:10 -05:00
h00die 7227bec259 set autocheck false 2022-11-21 15:53:37 -05:00
bwatters 8c9e2c9fc7 Add check method, update hosting IP/port 2022-11-21 15:53:37 -05:00
h00die d141efcbfe screen effects 2022-11-21 15:53:37 -05:00
h00die 181b8e4eea review comments 2022-11-21 15:53:37 -05:00
h00die d4536b24a6 remote control collection rce 2022-11-21 15:53:37 -05:00
Spencer McIntyre ed99f2f67f Bypass EEMS M1 2022-11-21 11:13:16 -05:00
Spencer McIntyre 29d57dde66 Consolidate into ProxyMaybeShell 2022-11-18 17:01:01 -05:00
Spencer McIntyre fc7594dbc8 Add exploit for CVE-2022-41082 AKA ProxyNotShell 2022-11-18 17:00:27 -05:00
h00die 05b80631f3 update remote mouse version checks 2022-10-17 15:30:17 -04:00
h00die 08deb21ae3 update remote mouse version checks 2022-10-17 15:29:10 -04:00
bwatters ef0ca2edbb Land #17057, Msf::Post::Windows::ExtAPI: Remove load_extapi method 
Merge branch 'land-17057' into upstream-master
 2022-10-07 15:54:52 -05:00
JustAnda7 36f4c702b3 Fixed #16674 2022-10-07 01:59:52 -04:00
space-r7 63af4e3702 Land #17067, add remote mouse rce 2022-10-04 11:40:33 -05:00
h00die 68b2aec6fb review comments 2022-10-03 15:25:53 -04:00
bcoles 5f92d9418d Modules: Fix Stability/SideEffects/Reliability notes for several modules 2022-10-01 17:54:59 +10:00
h00die 1215bf7784 cve 2022-09-29 16:35:09 -04:00
h00die a31e3ea96b remote mouse comments 2022-09-29 16:21:59 -04:00
h00die a070cd3a76 remote mouse comments 2022-09-27 16:52:42 -04:00
h00die 391a27b08c remote mouse rce 2022-09-27 16:37:42 -04:00
h00die 547ab00a0e review comments 2022-09-27 14:51:03 -04:00
h00die bd586962e3 add check method 2022-09-26 17:51:07 -04:00
h00die acba21a899 mobile mouse server exploit 2022-09-26 15:56:06 -04:00
h00die 61f576d3e1 mobile mouse server exploit 2022-09-26 15:45:42 -04:00
Grant Willcox 0908006466 Land #16985, wifi mouse rce - CVE-2022-3218 2022-09-23 14:46:49 -05:00
Grant Willcox 828cdb8862 Fix a typo 2022-09-23 14:20:18 -05:00
Grant Willcox b62f163696 Update documentation on module and exploit a little more to make things a bit clearer 2022-09-23 14:08:18 -05:00
bcoles 5531e3dcab Msf::Post::Windows::ExtAPI: Remove load_extapi method 2022-09-23 17:41:20 +10:00
h00die 32402c0e6d wifi mouse doc updates 2022-09-21 16:35:08 -04:00
Christophe De La Fuente 4943d86ec6 Land #16989, Unified Remote RCE 2022-09-21 14:06:33 +02:00
h00die 9e6c172dd4 unified remote review 2022-09-20 16:44:05 -04:00
h00die 5c35a8d3fd remove bad ref 2022-09-19 16:07:52 -04:00