adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
58,189 Commits 27 Branches 1,043 Tags
bccc17e4aef2eae4bc0e736db51184fef761c7ce
Commit Graph

3703 Commits

Author SHA1 Message Date
Shelby Pace 2f083b03dd Land #14140, add software enumeration module 2020-09-23 18:43:28 -05:00
Grant Willcox 1710b98ba4 Land #14173, Unify the socks modules using a VERSION option 2020-09-22 17:09:34 -05:00
Grant Willcox 6d78a54e61 Update the documentation to include the output of 'show options' so people can see what options we are running it with, and so it uses MSF6 prompts 2020-09-22 17:08:56 -05:00
Grant Willcox 13bf1b7711 Land #14118, SecureCRT Session Credential Grabber, try 2 2020-09-22 15:38:25 -05:00
Grant Willcox a96827a823 Land #14118, SecureCRT Session Credential Grabber 2020-09-22 15:17:04 -05:00
Grant Willcox 02320dd76f Apply tidying fixes to the documentation to make it msftidy_docs.rb compatible. 2020-09-22 14:54:33 -05:00
Grant Willcox b9fa36c89b Add in option to decrypt Login Script V3 within session files and also update some of the existing regex to fix some minor mistakes 2020-09-22 14:47:28 -05:00
William Vu f74eba731e Land #14151, Zerologon (CVE-2020-1472) module 2020-09-22 14:02:23 -05:00
Spencer McIntyre 77f0d90bf0 Unify the socks modules using a VERSION option 2020-09-22 10:16:00 -04:00
Christophe De La Fuente 2d1b378a18 Land #14122, Jenkins Deserialization RCE (CVE-2017-1000353) 2020-09-22 12:32:09 +02:00
Shelby Pace 2ae50e9304 Land #14025, add Artica Proxy auth bypass / rce 2020-09-21 15:27:53 -05:00
h00die ee77cc8e78 Land #14123, vyos restricted shell escape and priv escalation 2020-09-19 09:13:38 -04:00
Spencer McIntyre a810d37c47 Move the NetrServerPasswordSet2 DCERPC data defs into RubySMB 2020-09-18 16:19:23 -04:00
Spencer McIntyre fdedcfa600 Updates to use the latest proposed RubySMB changes 2020-09-18 14:27:14 -04:00
Brendan Coles 6208f8795a vyos_restricted_shell_privesc: support login as admin user 2020-09-18 15:49:25 +00:00
Grant Willcox f6b032b744 Add warning about Linux results to documentation and to the module's description field 2020-09-18 10:35:59 -05:00
Shelby Pace 74669f4052 Land #14135, add tp-link command injection 2020-09-18 09:47:02 -05:00
Shelby Pace f4bfad0439 msftidy_docs changes 2020-09-18 09:42:14 -05:00
Pietro Oliva 5f204257a5 Remove unnecessary comma, fix docs 2020-09-18 10:15:23 -04:00
Pietro Oliva d3f68d0fe4 Fix double shell issue 2020-09-18 09:23:02 -04:00
Shelby Pace c04e8d73c3 Land #14023, spooler svc privesc (PrinterDemon) 2020-09-17 16:06:29 -05:00
Shelby Pace 510d119579 add steps for producing serialized object 2020-09-17 13:58:48 -05:00
Spencer McIntyre 27b6c8a55b Add module docs and apply rubocop fixes to the module 2020-09-17 14:28:53 -04:00
Christophe De La Fuente 7323447c0a Land #14117', Hyper-V VM Enumeration Module 2020-09-17 17:52:27 +02:00
Shelby Pace f5f010a1b0 Update documentation/modules/exploit/linux/http/jenkins_cli_deserialization.md 
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
 2020-09-17 09:11:43 -05:00
Pietro Oliva 072f35c270 -Updated module to work using CmdStager 
-Updated documentation accordingly
-Removed unnecessary includes and simplified code
 2020-09-16 19:51:15 -04:00
Grant Willcox 85ef2b602e Fix up regex in module to address changes noted in review. Also update documentation to remove an extra line and to address review recommendtations 2020-09-16 16:02:54 -05:00
Spencer McIntyre c2d101a06b Land #14126, Add Microsoft Exchange Server DLP Policy RCE (CVE-2020-16875) 2020-09-16 16:31:13 -04:00
William Vu 03e0b9098c Add more words about Exchange role groups 2020-09-16 12:55:08 -05:00
bwatters 198f3905ae Logic errors and typos 2020-09-16 11:17:39 -05:00
bwatters ce8033714d remove copy/pasta code and fix version check 2020-09-16 11:17:39 -05:00
bwatters c2e2a4fe2c More Rubocop, add documentation, and typo fix 2020-09-16 11:17:39 -05:00
Shelby Pace 0f0d6a233b Land #14074, add Mida eFramework command injection 2020-09-16 10:24:51 -05:00
William Vu e118ff1509 Add Microsoft Exchange Server DLP Policy RCE 
CVE-2020-16875
 2020-09-16 02:41:08 -05:00
Grant Willcox 30b8fd4d4a Upload initial documentation 2020-09-15 17:39:12 -05:00
0xsysenter b0f329a238 Update documentation/modules/exploit/linux/http/tp_link_ncxxx_bonjour_command_injection.md 
improved documentation

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-09-15 21:00:06 +02:00
0xsysenter a987065eae Update documentation/modules/exploit/linux/http/tp_link_ncxxx_bonjour_command_injection.md 
improved documentation

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-09-15 20:59:31 +02:00
William Vu 5ba3301d16 Fix nexus_repo_manager_el_injection.md scenario 
Missed in 966194d2b7.
 2020-09-15 13:14:36 -05:00
Pietro Oliva 19d8527275 Added module documentation 2020-09-15 12:32:27 -04:00
Niboucha Redouane 3a09337935 Remove AUTH_BYPASS target 2020-09-15 01:51:34 +02:00
Christophe De La Fuente e11840c2a5 land #14031, F5 processor 2020-09-14 18:38:58 +02:00
h00die daa10ea735 enhance user data parsing 2020-09-12 10:07:23 -04:00
bwatters f248f20b9e Land #13942, Add module for CVE-2020-9934 
Merge branch 'land-13942' into upstream-master
 2020-09-11 14:58:50 -05:00
Grant Willcox 2a520606f7 Apply fixes to module and documentation so that the output is easier to understand, contains better installation instructions, and also reflects the fact that this module really gathers SecureCRT sessions and decrypts the password if it is available, aka its still useful even if we don't decrypt the password 2020-09-11 13:41:56 -05:00
Brendan Coles 485c51c88c Add VyOS restricted-shell Escape and Privilege Escalation 2020-09-11 18:19:25 +00:00
Brendan Coles febe38e1ce resolve qa comments 2020-09-11 17:16:10 +00:00
Shelby Pace d86f9427c9 change version check and add sleep 2020-09-11 11:49:14 -05:00
cn-kali-team ea41644e73 add doc 2020-09-11 23:05:25 +08:00
Grant Willcox b3d386bdb4 Apply msftidy_docs.rb fixes and RuboCop the module 2020-09-11 09:40:37 -05:00
Tim W 93cdba483d add documentation 2020-09-11 17:31:40 +08:00