adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,838 Commits 27 Branches 1,043 Tags
baae9db092a4eaa4e6f3df65d22eded18d5fd20c
Commit Graph

1050 Commits

Author SHA1 Message Date
Adam Galway e8d134fc56 Land #12096, DNN cookie desrialization exploit 2020-04-02 15:57:46 +01:00
Spencer McIntyre 54edd201e4 Cleanup cmdstager options 2020-03-24 17:14:47 -04:00
Spencer McIntyre a69f3eb946 Use the correct its instead of it's 2020-03-24 16:44:18 -04:00
Spencer McIntyre a0cd00dac7 Cleanup module doc and comments for CVE-2020-0646 2020-03-24 10:15:58 -04:00
Spencer McIntyre 0832604131 Finish up the CVE-2020-0646 SharePoint RCE 2020-03-23 18:14:28 -04:00
Spencer McIntyre 6c24ed4c96 Initial SharePoint WorkFlows XOML RCE module 2020-03-20 17:57:54 -04:00
William Vu ddefafab78 Revert "Patch serialVersionUID in the library" 
This reverts commit eaf8554e69.
 2020-03-13 17:36:40 -05:00
William Vu 02e2072a87 Update module traits after joint testing 2020-03-13 14:01:54 -05:00
William Vu eaf8554e69 Patch serialVersionUID in the library 2020-03-13 13:17:26 -05:00
William Vu c11be38e1c Default to certutil CmdStager 2020-03-13 12:38:07 -05:00
William Vu 03ff32210e Fix CmdStager target 2020-03-13 12:26:45 -05:00
William Vu 0806e9ef42 Add CmdStager target back in so we can debug it 2020-03-13 11:17:37 -05:00
William Vu 4f6720f962 Add TARGETURI back in 2020-03-13 11:05:14 -05:00
William Vu 83387212a7 Update language to address different patches 2020-03-12 17:50:13 -05:00
William Vu 0b117849d0 Note specific patch versions 
Hat tip @sranjit-r7.
 2020-03-12 17:40:46 -05:00
William Vu a908ceb58a Add ManageEngine Desktop Central exploit 2020-03-12 17:36:53 -05:00
Christophe De La Fuente f7d8c43722 Land #13040, SQL Server Reporting Services ViewState deserialization RCE 2020-03-12 18:26:01 +01:00
Spencer McIntyre f3d38e147d Replace another use with the target type 2020-03-09 11:43:26 -04:00
Spencer McIntyre b148e9da30 Land #13042, use VHOST when creating the full URI 2020-03-09 10:40:03 -04:00
Brent Cook b19ed20d0a Land #12990, Add initial rubocop rules to consistently format modules 2020-03-09 09:24:46 -05:00
Spencer McIntyre 9bd6fb9e76 Update cve-2020-0618 based on feedback 2020-03-09 09:18:44 -04:00
t0-n1 fe8cd52c9d Use VHOST instead of RHOST 
The 'vhost_uri: true' enables the successfully exploitation of this vulnerability in environments where you can't use an IP address (RHOST) to access the OWA web page.
 2020-03-07 10:43:51 +01:00
Spencer McIntyre 4c004d51a7 Add an exploit for CVE-2020-0618 2020-03-06 16:21:37 -05:00
Alan Foster 3a046f01da Run rubocop -a on subset of files 2020-03-06 10:41:45 +00:00
dwelch-r7 4fe7678b01 Land #12910, Add exploit module for apache activemq traversal 2020-03-05 15:05:13 +00:00
dwelch-r7 c7ca43b585 reformat date to iso standard 2020-03-05 15:03:05 +00:00
kalba-security 633899402c Split up description 2020-03-04 17:02:34 +02:00
kalba-security a87a1ae1b4 Split up description 2020-03-04 16:57:36 +02:00
William Vu ba924b3047 Land #13014, Exchange ECP ViewState exploit 2020-03-03 17:23:17 -06:00
William Vu 4759f7d39d Check for nil res 2020-03-03 17:17:28 -06:00
William Vu 573b8302ec Fix missing var and change default target 2020-03-03 17:15:19 -06:00
Spencer McIntyre a4feaec188 Implement a check method for cve-2020-0688 2020-03-03 14:22:27 -05:00
kalba-security cd6c01ae9d Add suggestions from code review. 2020-03-03 20:17:13 +02:00
Spencer McIntyre 5574eaa591 Make a new .NET serialization lib 2020-03-03 10:41:59 -05:00
Spencer McIntyre 167f1027c4 Address initial PR feedback 2020-03-02 12:21:24 -05:00
Spencer McIntyre b3867dc200 Finish up the cve-2020-0688 module 2020-03-02 10:51:25 -05:00
Spencer McIntyre 203b2486ae Commit some work on the module for a milestone 2020-03-01 11:07:32 -05:00
Spencer McIntyre 29608d13bf Save some work before changing context 2020-02-28 08:30:59 -05:00
Spencer McIntyre c9d9d3af29 Figured out how to generate the viewstate 2020-02-27 21:57:08 -05:00
Alan Foster af9d2a28de Fix msftidy warnings 2020-02-26 14:56:08 +00:00
Brent Cook 8489bcdfd9 This fixes broken links to the community.rapid7.com blog 
Performed mechanically with sed, spot-checked that the new blog can consume these links.
 2020-02-18 09:06:11 -06:00
kalba-security 2360b0e2ff clean up module using msftidy 2020-02-04 13:14:03 +02:00
kalba-security 20386f1aa4 Add apache_activemq_traversal_upload module and documentation 2020-02-04 12:01:41 +02:00
Brendan Coles 326fd26219 Check for nil response due to connection failure 2020-01-05 21:39:34 +00:00
dwelch-r7 951fd7b93e Replace double quotes with single quotes 2019-10-08 11:44:41 +01:00
dwelch-r7 25937c9e35 Use uri param and clean up logging 2019-10-07 17:15:04 +01:00
dwelch-r7 4eb068c9b0 Update target 2019-10-07 15:25:27 +01:00
dwelch-r7 02376c88fe Use httpclient over tcpclient 2019-10-07 15:20:30 +01:00
dwelch-r7 b723d026ab Address code review comments 
Use strings in info hash, port is an integer, remove version number from
name
 2019-10-06 15:27:29 +01:00
dwelch-r7 06661df510 Make rubocop happy 2019-10-04 15:12:51 +01:00