adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,490 Commits 27 Branches 1,043 Tags
be21ef692d401b119bb797eccf3bb9783ab27793
Commit Graph

28214 Commits

Author SHA1 Message Date
Brent Cook 346b593a18 Land #13130, Transport and pivot fixes for meterpreter 2020-03-25 15:10:47 -05:00
bwatters-r7 beb53254c7 Land #13122, Add Exploit Module For CVE-2020-0646 (SharePoint Workflows XOML RCE) 
Merge branch 'land-13122' into upstream-master
 2020-03-25 11:24:15 -05:00
bwatters-r7 d5107a1f79 Land #13030, New Windows post module: install_python 
Merge branch 'land-13030' into upstream-master
 2020-03-25 09:08:04 -05:00
bwatters-r7 37caf96ae9 Add TLS to web request in download script 2020-03-25 07:30:05 -05:00
bwatters-r7 17d78ecb4b Land #13059, Limit Option Sizes When Appropriate 
Merge branch 'land-13059' into upstream-master
 2020-03-24 17:01:21 -05:00
Spencer McIntyre 54edd201e4 Cleanup cmdstager options 2020-03-24 17:14:47 -04:00
Spencer McIntyre a69f3eb946 Use the correct its instead of it's 2020-03-24 16:44:18 -04:00
Spencer McIntyre b3b6450958 Land #12988, use the API for users and groups 
This adds and uses the functionality to leverage the Windows API for
managing users and groups via meterpreter sessions. This replaces
relevant functionality in a few modules which previously relied on shell
commands.Merge branch 'pr/12988' into upstream-master
 2020-03-24 16:06:52 -04:00
Spencer McIntyre d92d1448ef Minor whitespace and verbage cleanups 2020-03-24 16:03:40 -04:00
tperry-r7 d32640d179 Land #13133 clean up module documentation 
Land #13133 clean up module documentation
 2020-03-24 12:29:27 -05:00
Spencer McIntyre a0cd00dac7 Cleanup module doc and comments for CVE-2020-0646 2020-03-24 10:15:58 -04:00
h00die 0b4c047411 doc cleanup 2020-03-24 08:47:21 -04:00
Brent Cook 4c93933b6e HTTP pivot fixes for Meterpreter 2020-03-24 05:40:02 -05:00
Spencer McIntyre 0832604131 Finish up the CVE-2020-0646 SharePoint RCE 2020-03-23 18:14:28 -04:00
Srikanth Suresh 005601f76e Changing from Remote to Local 
Using https://github.com/rapid7/metasploit-framework/issues/13116 as the reference
 2020-03-23 20:40:25 +03:00
Shelby Pace fd8ceb0db2 Land #13082, add Horde Groupware Webmail RCE 2020-03-23 07:32:53 -05:00
Shelby Pace 475c24361d randomize file name 2020-03-23 07:28:04 -05:00
bluesentinel 597c97da45 Refactored and added support for specifying Python versions 2020-03-22 14:10:06 -04:00
Shelby Pace c6eebe4ca3 replace equality with include? 2020-03-20 21:19:29 -05:00
Spencer McIntyre 6c24ed4c96 Initial SharePoint WorkFlows XOML RCE module 2020-03-20 17:57:54 -04:00
cn-kali-team 3fd1a2cee1 remove default completely 2020-03-21 03:00:01 +08:00
cn-kali-team 10d5eda489 Check domain first on domain_mode 2020-03-21 01:34:03 +08:00
cn-kali-team f9af8ed184 get_domain with api 2020-03-20 14:15:39 +08:00
cn-kali-team a2f7551aa7 get_domain with api 2020-03-20 14:15:18 +08:00
cn-kali-team 9bff7de41b Fix moving the keyword argument to the end 2020-03-20 14:12:01 +08:00
cn-kali-team 62e60fbc81 Fix checking if the group already exists. 2020-03-20 12:08:24 +08:00
Spencer McIntyre 5b2f744cd8 Land #13070, fix Cisco DCNM directory search regex 2020-03-19 13:17:27 -04:00
Adam Galway f165527e88 Land #12851, DOS attack on Tautulli <=2.1.9 2020-03-19 16:42:07 +00:00
Andrea Cardaci 40d6dd14c4 Remove the check method 2020-03-18 20:29:49 +01:00
Andrea Cardaci 19e9848592 Remove trailing spaces 2020-03-17 19:06:57 +01:00
Andrea Cardaci bbb152a6d8 Update modules/exploits/multi/http/horde_csv_rce.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-03-17 19:02:34 +01:00
Andrea Cardaci eccee07e8b Update modules/exploits/multi/http/horde_csv_rce.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-03-17 19:02:07 +01:00
Andrea Cardaci a60652898f Update modules/exploits/multi/http/horde_csv_rce.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-03-17 19:01:03 +01:00
Andrea Cardaci a4ff847170 Update modules/exploits/multi/http/horde_csv_rce.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-03-17 18:57:06 +01:00
Shelby Pace 922f1ec708 Land #12901, add Centreon poller rce 2020-03-17 12:16:29 -05:00
Shelby Pace 2717683825 change message 2020-03-17 12:15:06 -05:00
Shelby Pace 98f4642c2d remove comments / check 2020-03-17 10:33:12 -05:00
Alan Foster 5d9d3926e4 Land #13066, add rConfig 3.9 RCE module 2020-03-16 11:18:59 +00:00
RAMELLA Sébastien 0efe53d869 fix somes code review comments. 2020-03-15 13:30:23 +04:00
Andrea Cardaci 126f5ca05d Add 'Horde CSV import arbitrary PHP code execution' (CVE-2020-8518) 2020-03-14 16:07:51 +01:00
cn-kali-team 3c46221eb3 remove original add_user file 2020-03-14 11:04:37 +08:00
cn-kali-team 44038f1bef Add my code to add_user_domain and rename add_user_domain to add_user 2020-03-14 11:04:08 +08:00
William Vu ddefafab78 Revert "Patch serialVersionUID in the library" 
This reverts commit eaf8554e69.
 2020-03-13 17:36:40 -05:00
Spencer McIntyre 2a5c43302b Land #13071, add ManageEngine Desktop Central RCE 2020-03-13 15:20:57 -04:00
William Vu 02e2072a87 Update module traits after joint testing 2020-03-13 14:01:54 -05:00
William Vu eaf8554e69 Patch serialVersionUID in the library 2020-03-13 13:17:26 -05:00
William Vu c11be38e1c Default to certutil CmdStager 2020-03-13 12:38:07 -05:00
William Vu 03ff32210e Fix CmdStager target 2020-03-13 12:26:45 -05:00
William Vu 0806e9ef42 Add CmdStager target back in so we can debug it 2020-03-13 11:17:37 -05:00
William Vu 4f6720f962 Add TARGETURI back in 2020-03-13 11:05:14 -05:00