Commit Graph

24877 Commits

Author SHA1 Message Date
Wei Chen 5951f5724e Pass msftidy 2018-10-06 16:04:07 -05:00
Wei Chen 7c1fbf2c5a Update description 2018-10-06 09:22:35 -05:00
Wei Chen a25a7086b2 Rename file 2018-10-06 09:20:15 -05:00
Wei Chen c7efd57144 Sync up with master 2018-10-06 08:27:01 -05:00
Brent Cook 3d507250b0 Land #9745, Update QNX iwatchd to use newer APIs 2018-10-06 05:06:42 -04:00
Brent Cook c9ebe5ae23 Land #9745, Add ifwatchd QNX privilege escalation exploit module 2018-10-06 05:03:50 -04:00
Brendan Coles 89b6aafd85 Use register_file_for_cleanup 2018-10-06 04:37:04 +00:00
Brent Cook e2f97c75a0 Land #10616, update Unitrends UEB module to support vulnerabilities in version 10 2018-10-05 16:20:38 -05:00
Brent Cook a51243ce91 Land #10745, Update lastore_daemon_dbus_priv_esc tested versions 2018-10-05 11:35:31 -04:00
William Vu 7bc98e0ea8 Fix formatting and convert a missed AKA reference 2018-10-05 03:22:08 -05:00
William Vu d9cb052189 Fix improper use of the Ruby shovel operator (<<)
junk would be modified and returned, and we just want to return the
concatenated string. Practically doesn't matter, but it's incorrect.

This was my first public module. I've been wanting to fix this since.
I'm noticing it again now as I look for how I used Ret in a target.
2018-10-05 02:18:06 -05:00
bwatters-r7 28fb27187a Land #10418, Add DCOM/RPC NTLM Reflection (MS16-075) Via Reflective DLL
Merge branch 'land-10418' into upstream-master
2018-10-04 16:54:53 -05:00
bwatters-r7 9a45c66db4 Fixed check to you know, check. 2018-10-04 16:38:35 -05:00
Brendan Coles fe7ce02dfd Update tested versions 2018-10-04 21:13:21 +00:00
William Vu 9f30512532 Land #10707, module traits to augment module rank 2018-10-04 13:26:14 -05:00
Jacob Robles 071aa04111 Land #10738, Add Zahir Enterprise 6 build 10b BOF 2018-10-04 11:00:12 -05:00
Wei Chen fb60558777 Land #10712, Make exploit/linux/http/axis_srv_parhand_rce more stable 2018-10-04 10:10:28 -05:00
Jacob Robles 060c68d2e0 Alignment, minor modifications 2018-10-04 10:10:09 -05:00
Jacob Robles 8b955f8ec5 Land #10704, Navigate CMS Unauthenticated RCE 2018-10-04 06:44:21 -05:00
Brent Cook ff0ee51da1 Land #10686, ARGS, TIMEOUT, and output to upload_exec module
Merge remote-tracking branch 'upstream/pr/10686' into upstream-master
2018-10-04 04:28:02 -05:00
Thomas Gregory 144c76ecd4 Latest fix based on @jrobles-r7 recommendations
Fixing:
- MetasploitModule class changed
- Remove the word 'exploit' from name
- Remove StackAdjustment
- Remove Privileged option
- Remove make_nops(12)
- Remove extra buffer at the end of exploit
2018-10-04 16:18:02 +07:00
Thomas Gregory 991ac3c671 Fixing for msftidy
Fixing some format because it still throws errors
2018-10-03 18:55:29 +07:00
Thomas Gregory cb5d68b641 Fixing based on msftidy.rb
Makes msftidy happy
2018-10-03 17:13:24 +07:00
William Vu e0a664c0cd Improve prints, use FileDropper, and bump TIMEOUT 2018-10-02 21:53:18 -05:00
bwatters-r7 428d368444 shut up, rubocop 2018-10-02 14:40:55 -05:00
bwatters-r7 64d53cd882 code cleanup 2018-10-02 14:06:25 -05:00
Fabio Poloni 4927f96f61 Fixed small typo 2018-10-02 15:57:57 +02:00
Jacob Robles 97729727d8 Minor modifications 2018-10-02 06:57:04 -05:00
Brent Cook faae2ac2f9 Land #10725, move post/android/gather/subinfo 2018-10-02 05:14:41 -05:00
Brent Cook 2c0d4de70b Land #10732, add api key for android wlan_geolocate 2018-10-02 05:09:10 -05:00
Tim W 6dd36bd8da Land #10427, add OSX VNC password gather module 2018-10-02 14:47:51 +08:00
Tim W b5cf682169 cleanup post/osx/gather/vnc_password_osx and add loot/credentials 2018-10-02 14:22:09 +08:00
Tim W b993d74f6c minor tweak 2018-10-02 11:41:58 +08:00
Tim W 5cfc19b804 fix post/multi/gather/wlan_geolocate on Android 2018-10-02 11:35:47 +08:00
Rob 6f5a8f8f42 Fix outdated metadata 2018-10-01 18:59:09 +01:00
space-r7 a0052c7f47 Add evasion module using HTA + JavaScript + C# 2018-10-01 12:57:05 -05:00
Tim W 37dc0ce64d fix post/android/gather/subinfo.rb path 2018-10-01 16:54:46 +08:00
modpr0be ff560ee990 Add test for Zahir 0day exploit
Add test for Zahir 0day exploit, need to test more e.g. VirtualBox or Physical machines.
2018-09-29 18:59:14 +07:00
William Vu ee06ec2fda Background a subshell to continue execution
This provides a more stable injection. I should have tested this sooner.
2018-09-27 23:51:42 -05:00
William Vu 0dab5b622f Change default target to cmd/unix 2018-09-27 23:39:32 -05:00
William Vu e999b4d81c Lower rank to AverageRanking 2018-09-27 23:28:13 -05:00
William Vu 7a2d0acee6 Add basic check method and move rand_srv
The .srv can be random each request.
2018-09-27 23:28:13 -05:00
William Vu d29d936d6f Bump WfsDelay to 10 for this slow-ass device 2018-09-27 23:28:13 -05:00
Wei Chen 086e2b311b Update constants 2018-09-27 12:31:04 -05:00
Pyriphlegethon 342cfe4199 Refactor again 2018-09-27 12:38:05 +02:00
Pyriphlegethon 82b1f40925 Add cleanup code 2018-09-27 11:17:53 +02:00
Pyriphlegethon 2b86297138 Refactor 2018-09-27 11:16:54 +02:00
Pyriphlegethon f55483d17d Fix incorrect session_id extraction 2018-09-27 11:07:43 +02:00
Wei Chen 9064fac1ff Fix code based on Will's feedback 2018-09-26 21:13:37 -05:00
Wei Chen 583874d370 Update use of reliability/side-effects/stability metadata 2018-09-26 18:54:08 -05:00