adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
50,629 Commits 27 Branches 1,043 Tags
c48a6ddbdfc02bf92b8d4e247dbe89bdfba4e821
Commit Graph

353 Commits

Author SHA1 Message Date
Brendan Coles 24f807490f revisionism 2019-01-10 19:19:14 +00:00
Shelby Pace 29e7c49332 Land #10444, add Consul rexec RCE module 2018-12-28 09:14:28 -06:00
Shelby Pace fb8f06b2f5 Land #10443, add Consul service RCE module 2018-12-28 08:33:56 -06:00
Quentin Kaiser 18c844623a Remove extra spaces. 2018-12-24 13:48:07 +01:00
Quentin Kaiser e10792f4e6 Remove extra space. 2018-12-24 13:30:03 +01:00
Jacob Robles 4bc871c499 Add CmdStager to erlang_cookie_rce 2018-12-21 07:33:37 -06:00
Quentin Kaiser bf2de42077 Now supports all version of Consul. 2018-12-20 18:56:07 +01:00
Quentin Kaiser 2919b970cd Implement execution checks with a timeout limit so we don't leave zombie checks running in background. 2018-12-20 18:41:35 +01:00
Quentin Kaiser ba5c40db77 No need for CVE field. 2018-12-20 18:18:53 +01:00
Milton-Valencia bb758f9a61 I didn't forget msftidy I swear 2018-12-18 14:55:12 -06:00
Milton-Valencia 8a2a605a99 added targets 2018-12-18 14:50:57 -06:00
Quentin Kaiser ef8601aa71 Bail early if we receive an unexpected response. 2018-12-18 19:42:26 +01:00
Quentin Kaiser 4ee7bdee6c Merge branch 'consul_service_exec' of github.com:QKaiser/metasploit-framework into consul_service_exec 2018-12-18 19:33:51 +01:00
Quentin Kaiser b3563b1bc2 Cleaner version of check function thanks to @bcoles. 2018-12-18 19:33:30 +01:00
Brendan Coles 5e134d7d8d Update modules/exploits/multi/misc/consul_service_exec.rb 
Co-Authored-By: QKaiser <QKaiser@users.noreply.github.com>
 2018-12-18 19:27:19 +01:00
Brendan Coles 5192c081ee Update modules/exploits/multi/misc/consul_service_exec.rb 
Co-Authored-By: QKaiser <QKaiser@users.noreply.github.com>
 2018-12-18 19:27:08 +01:00
Quentin Kaiser 6ad40deac3 print_status will never throw a JSON::ParseError exception. 2018-12-18 19:15:13 +01:00
Quentin Kaiser a52ffbcead Missing disclosure date. 2018-12-18 17:03:09 +01:00
Quentin Kaiser a3d020a7e2 Add support for authorization with X-Consul-Token ACL header. 2018-12-18 16:56:03 +01:00
Quentin Kaiser 1839144978 Cleaner to define this as a Hash, then call .to_json on it. 2018-12-18 16:53:49 +01:00
Quentin Kaiser 177ae2f927 fail_with is not allowed in check method. Use vprint_error and return a CheckCode instead. Cleaner response check in check function. Usage of CheckCode instead of Exploit::CheckCode. 2018-12-18 16:33:53 +01:00
Quentin Kaiser 0feadf636b Define in RPORT and SSL in register_options rather than DefaultOptions. Support for echo and printf command stager flavors + support for curl and wget command stager flavors (hence reactivation of SRVHOST, SRVPORT, URIPATH and SSLCert). 2018-12-18 16:29:36 +01:00
Quentin Kaiser 0acdcd98f2 Merge branch 'master' into consul_service_exec 2018-12-18 16:27:08 +01:00
Quentin Kaiser f487f978c2 Merge branch 'consul_exec' of github.com:QKaiser/metasploit-framework into consul_exec 2018-12-18 16:09:18 +01:00
Quentin Kaiser 08541cd7b9 Merge branch 'master' into consul_exec 2018-12-18 16:07:08 +01:00
Quentin Kaiser a1e1e4a4f4 Remove useless comment. 2018-12-18 16:05:50 +01:00
Quentin Kaiser b80e5715d4 Add support for authorization with X-Consul-Token ACL header. 2018-12-18 16:02:39 +01:00
Quentin Kaiser 551f8c5e92 Support for echo and printf command stager flavors + support for curl and wget command stager flavors (hence reactivation of SRVHOST, SRVPORT, URIPATH and SSLCert). 2018-12-18 15:48:58 +01:00
Quentin Kaiser f290221a66 Cleaner response check in check function. Usage of CheckCode instead of Exploit::CheckCode. 2018-12-18 15:36:52 +01:00
Quentin Kaiser aeec5cf23e Cleaner to define this as a Hash, then call .to_json on it. Better support of agent definition in check function. 2018-12-18 15:31:30 +01:00
Quentin Kaiser e51530688b fail_with is not allowed in check method. Use vprint_error and return a CheckCode instead. 2018-12-18 15:09:04 +01:00
Quentin Kaiser 4682cf5796 Define in register_options rather than DefaultOptions. 2018-12-18 15:04:28 +01:00
Milton-Valencia 3f1aa425b4 msftidy....lol 2018-12-13 11:03:41 -06:00
Milton-Valencia 2e26ceac8f added comments 2018-12-13 10:55:09 -06:00
Milton-Valencia 565f2e3e38 wait wrong 2018-12-09 19:23:54 -06:00
Milton-Valencia ee2ed46143 added date based on man page 2018-12-09 19:17:22 -06:00
Shelby Pace 6712363bb5 Land #10737, add TeamCity XML-RPC exploit module 2018-11-27 14:59:37 -06:00
Shelby Pace 56f14733a9 changed cmd_stager flavor to printf 2018-11-27 14:23:56 -06:00
Quentin Kaiser 1d337e9987 No debug. 2018-10-29 13:46:07 +01:00
Quentin Kaiser e76f3ab22f No debug. 2018-10-29 13:44:16 +01:00
Dylan Pindur 94e45b12b1 Replace cmd generation with built-in stager module 2018-10-07 10:15:10 +08:00
Dylan Pindur 0f34f94496 Add back SSL options for tc-agent-xmlrpc-module 2018-10-05 15:11:13 +08:00
Dylan Pindur 8ae0bcbacd Refactor if statements to be cleaner 2018-10-05 09:48:44 +08:00
Dylan Pindur 11d9b44922 Add exploit module for TeamCity Agent XMLRPC 2018-10-03 18:33:10 +08:00
William Vu 4c036e70c1 Fix http://seclists.org links to https:// 
I have no idea how this happened in my own code. I was seeing https://.
 2018-09-15 18:54:45 -05:00
Jacob Robles 9d3e1c1942 Land #10540, weblogic_deserialize, add check method and linux target 2018-08-30 06:08:03 -05:00
Jacob Robles 3161beff69 Prefer opt hash 2018-08-29 14:56:31 -05:00
Jacob Robles bc4442694e Fix Windows target options, remove comspec 2018-08-29 14:23:00 -05:00
Jacob Robles 94e8cdac37 Move files to correct location 2018-08-28 12:38:54 -05:00
Wei Chen 3d0d8f7773 Update false negatives on post auth information 2018-08-20 15:43:07 -05:00