adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
46,291 Commits 27 Branches 1,043 Tags
ca5e496b8fd4e5f0a19c9ea618bedd705236b6be
Commit Graph

1712 Commits

Author SHA1 Message Date
William Vu ca5e496b8f Run rubocop -a 2018-07-11 21:40:19 -05:00
Green-m 0ef0fae2b2 rm test code 2018-05-10 22:17:38 -04:00
Green-m 24de2a3cd0 Merge branch 'master' into couchdb_cmd_exec 2018-05-07 02:53:13 -04:00
Green-m 96a354ffc4 Merge branch 'couchdb_cmd_exec' of https://github.com/Green-m/metasploit-framework 2018-05-06 23:07:14 -04:00
Brent Cook 79d8f5e86c autofilter = false means skip, which is reverse of intuition 2018-04-26 17:20:55 -05:00
Jeffrey Martin 54aaf1f718 Land #9937, enable autofilter on tp-link camera exploit 2018-04-26 16:08:09 -05:00
Brent Cook 4789cdc596 enable autofilter on tp-link camera exploit 2018-04-26 14:56:39 -05:00
Brent Cook 0fa0358993 Land #9853, Update Linux sock_sendpage local exploit module 2018-04-26 14:30:51 -05:00
bwatters-r7 1c92134606 Land #9756, Add lastore-daemon D-Bus Privilege Escalation exploit 
Merge branch 'land-9756' into upstream-master
 2018-04-20 15:45:37 -05:00
bwatters-r7 37a844bef0 Land # 9247, Add ASUS infosvr Auth Bypass Command Execution exploit 
Merge branch 'land-9247' into upstream-master
 2018-04-20 11:24:47 -05:00
Green-m 0286204b5d Couchdb debug code 2018-04-12 03:54:02 -04:00
Green-m 054e525a61 Couchdb debug code 2018-04-12 03:51:37 -04:00
Brendan Coles fc7040099c Update Linux sock_sendpage local exploit module 2018-04-10 11:15:42 +00:00
Green-m 3c5cbd2664 Use cmdstager method, update function to clean file, delete lots of useless code and etc. 2018-04-10 06:14:47 -04:00
Green-m c0be313691 Update the get_version and check function 2018-04-09 00:07:58 -04:00
Green-m 6682acc4db Pass range as parameter to rand_text_alpha_lower 2018-04-08 23:38:44 -04:00
Green-m dabd9c8811 Improve function get_version and check 2018-04-08 07:51:37 -04:00
Green-m fd83caf51d use Gem::Version between 2018-04-08 02:23:45 -04:00
Green-m 076a73c2ee use Gem::Version for version comparisons 2018-04-07 23:37:56 -04:00
Green-m 0d470f67ef Run bash on the script directly. 2018-04-04 05:49:35 -04:00
Green-m c53341f6c0 Fix msftidy problem. 2018-04-04 00:38:57 -04:00
Green-m 388927b933 Add advanced option Attempts to control exploit times 2018-04-04 00:08:32 -04:00
Green-m 2472bfdfdc Fix rand_text_alpha_lower problem. 2018-04-03 23:05:08 -04:00
Green-m bbf6d072ea Fix some errors and bugs. 2018-04-03 22:47:41 -04:00
Green-m 611a3dc19c Add exploit module apache_couchdb_cmd_exec 2018-03-27 05:43:03 -04:00
Brendan Coles 9bb6e72020 Add lastore-daemon D-Bus Privilege Escalation exploit 2018-03-24 23:16:42 +00:00
William Vu 176fb13c84 Fix #9650, missed code from TelnetEnable refactor 
1. Functionality was added incrementally, and I missed an opportunity to
consolidate a few methods under @do_exploit.
2. The Capture mixin can raise RuntimeError for a number of different
reasons, not just a lack of root privileges.

tl;dr Fix my incompetence and laziness. :-)

I don't think EDB and friends usually get these updates. :(
 2018-03-05 14:46:27 -06:00
William Vu 6dbf9445c9 Add MAC address discovery 2018-03-02 19:18:30 -06:00
William Vu 107512498c Add check method 2018-03-02 19:16:37 -06:00
William Vu 25f36fb926 Refactor code into new methods 2018-03-02 19:16:37 -06:00
William Vu 109bc87ffb Check for nil, EOFError, and zero-length response 2018-03-02 19:15:20 -06:00
William Vu bcdfebf93c Add a vprint for creds we chose 2018-03-02 19:15:19 -06:00
William Vu 4418a0de02 Enhance detection of telnetenabled vs. telnetd 2018-03-02 19:15:19 -06:00
William Vu fba30d47a2 Use default creds specific to protocol 2018-03-02 19:15:18 -06:00
William Vu 1f40afea9c Add automatic target for detection of TCP or UDP 2018-03-02 19:15:18 -06:00
William Vu a5e5b618fd Add print statements I forgot 2018-03-02 19:15:17 -06:00
William Vu e87681f2c4 Add NETGEAR TelnetEnable 2018-03-02 19:15:17 -06:00
bwatters-r7 4b8a8fa2b1 Land #9441, Create exploit for AsusWRT LAN RCE 
Merge branch 'land-9441' into upstream-master
 2018-02-22 10:40:45 -06:00
Brent Cook 78822fd799 Land #9524, prefer 'shell' channels over 'exec' channels for ssh CommandStream 2018-02-21 06:59:09 -06:00
h00die 285b329ee1 Land #9422 abrt race condition priv esc on linux 2018-02-11 11:58:39 -05:00
Pearce Barry add7ae8fa1 Land #9536, Add Ubuntu notes to documentation 2018-02-11 07:27:00 -06:00
Pearce Barry 321b78b0fe Land #9408, Add Juju-run Agent Privilege Escalation module (CVE-2017-9232) 2018-02-11 07:19:49 -06:00
Brendan Coles 4e5cbd68b9 Add Ubuntu notes to documentation 2018-02-11 06:52:36 +00:00
Brendan Coles 0d573e1434 Support shell sessions 2018-02-09 16:15:04 -05:00
Brendan Coles 45249d582d Add partition check 2018-02-09 16:15:04 -05:00
Brendan Coles 0ba37f8104 Add glibc $ORIGIN Expansion Privilege Escalation exploit 2018-02-09 16:15:04 -05:00
h00die cb1b59545b Land #9469 linux local exploit for glibc ld audit 2018-02-09 14:00:42 -05:00
Brendan Coles 5b251ae672 Support shell sessions on Debian 2018-02-08 11:29:09 +00:00
Brent Cook b1d0529161 prefer 'shell' channels over 'exec' channels for ssh 
If a command is not specified to CommandStream, request a "shell"
session rather than running exec. This allows targets that do not have a
true "shell" which supports exec to instead return a raw shell session.
 2018-02-08 02:21:16 -06:00
Brendan Coles d078ab8033 Use 'exit' CommandShellCleanupCommand 2018-02-06 13:36:36 +00:00