adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
60,213 Commits 27 Branches 1,043 Tags
d020b2fb5fa3c19360bff5d694e5446d6f331bd4
Commit Graph

657 Commits

Author SHA1 Message Date
Shelby Pace 71914a1ddb Land #14813, additional dup scout bof targets 2021-04-01 13:03:57 -05:00
Spencer McIntyre 11f4946817 Tweak some ProxyLogon verbiage for clarity 2021-03-29 10:07:43 -04:00
RAMELLA Sébastien 02b240b22a code review 2021-03-29 14:23:39 +04:00
bwatters 6505f9ccbd Land #14830, Adding FortiLogger 4.4.2.2 - Unauthenticated Arbitrary File Upload (CVE-2021-3378) 
Merge branch 'land-14830' into upstream-master
 2021-03-24 17:41:10 -05:00
bwatters e2dfca86f9 Add warning for failures after rebooting to the documentation. 2021-03-24 17:32:08 -05:00
Christophe De La Fuente 2dcd0fad04 Land #14860, Auxiliary/Exploit Scanner/Gather/RCE for Exchange ProxyLogon (CVE-2021-26855) 2021-03-23 13:10:15 +01:00
RAMELLA Sébastien 37b0552803 last code review before land 2021-03-22 23:20:40 +04:00
William Vu d4d9001c84 Fix typos 2021-03-22 14:16:45 -05:00
Spencer McIntyre 8605fe4529 Use POST for the check method and write the module docs 2021-03-22 15:04:21 -04:00
RAMELLA Sébastien c543b44fc2 fix: CmdStagerFlavor, add: Powershell target, ... 2021-03-21 22:47:27 +04:00
RAMELLA Sébastien f5c807590c a last round of review + rubocop 2021-03-20 01:23:43 +04:00
RAMELLA Sébastien 6e34a80693 fix. OAB + code review 2021-03-19 10:19:57 +04:00
bwatters 2c1869f9df Land #14907, Add exploit for CVE-2021-1732 
Merge branch 'land-14907' into upstream-master
 2021-03-18 14:29:59 -05:00
Spencer McIntyre 0bff88c0c0 Update the module metadata and add module docs 2021-03-16 10:40:34 -04:00
bwatters ae5d31cb39 Land # 14776, Add Window Server 2012 SrClient DLL Hijacking local exploit module 
Merge branch 'land-14776' into upstream-master
 2021-03-15 14:34:35 -05:00
kalba-security 98c04eae6c Remove TODO comment, update documentaton to include WAIT_FOR_TIWORKER option. 2021-03-15 07:51:12 -04:00
Alan Foster 9a92ac87a1 Ensure documentation files have md extension 2021-03-15 10:24:50 +00:00
RAMELLA Sébastien 59955f0a32 add. timeout and fix. CmdStagerFLavor 2021-03-15 01:10:56 +04:00
RAMELLA Sébastien dcf2b69d6d add. exploitation module doc and some changes 2021-03-14 22:49:41 +04:00
Grant Willcox 8dce1acd64 Land #14794, dup_scout_enterprise_login_bof: Add v9.9.14 target and auto targeting 2021-03-12 12:07:57 -06:00
Shelby Pace fbd6f19d04 Land #14846, add HPE SIM unauth AMF deser rce 2021-03-08 16:50:49 -06:00
Grant Willcox 514d46bd4d Rubocop module again and also update the documentation to reflect recent changes 2021-03-08 16:08:36 -06:00
Berkan 8b149a2c9b Fixed line numbers of verification steps 2021-03-06 22:50:12 +03:00
Grant Willcox 59d7288773 RuboCop module and fix small spelling mistake in documentation 2021-03-04 18:48:19 -06:00
Grant Willcox f193caa48e Also make sure that the default option is to use Windows Powershell since this supports Meterpreter and is generally a lot more reliable 2021-03-04 18:40:21 -06:00
Grant Willcox 3ef8fcd996 Update module to fix an extra print statement and write documentation 2021-03-03 10:14:41 -06:00
Brendan Coles 3da8fce9cf Add Microsoft Windows RRAS Service MIBEntryGet Overflow 2021-03-03 02:50:42 +00:00
Berkan 9617801bfd Edited document. 2021-03-02 15:05:48 +03:00
erberkan d3338e7380 fortilogger_arbitrary_fileupload 2021-03-01 19:30:39 +03:00
erberkan 648489cfe5 fortilogger_arbitrary_fileupdate 2021-03-01 17:55:55 +03:00
Brendan Coles 743248d993 Update KarjaSoft Sami FTP Server v2.0.2 USER Overflow module 2021-02-25 20:53:30 +00:00
Brendan Coles f89d67df19 dup_scout_enterprise_login_bof: Add v9.9.14 target and auto targeting 2021-02-25 17:14:25 +00:00
Brendan Coles 1f00ad011c dupscts_bof: Add additional targets and auto targeting 2021-02-25 17:12:27 +00:00
kalba-security 68d4b197fa Add SrClient DLL Hijacking local exploit module and docs 2021-02-18 13:50:28 -05:00
A Galway f227e82600 Land #14730, OBM Local PrivEsc to SYSTEM 2021-02-15 10:24:34 +00:00
Spencer McIntyre 77cc799974 Fix a target version discrepancy in the CVE-2020-17132 docs 2021-02-11 18:04:03 -05:00
Christophe De La Fuente 88eaf97e79 Land #14607, Updates for Exchange ECP DLP Policy Exploit 2021-02-11 15:15:34 +01:00
Pedro Ribeiro d884df96e2 fix msftidy docs 2021-02-09 14:37:35 +07:00
Pedro Ribeiro 90f8c1f7b9 add tested for 2019.11 too 2021-01-30 21:54:48 +07:00
Pedro Ribeiro 137664818d add obm windows privesc sploit 2021-01-29 18:45:33 +07:00
JulienBedel 8f6dd43025 Add documentation 2021-01-18 12:02:46 +01:00
Christophe De La Fuente c8819259ae Land #14414, CVE-2020-1337 - patch bypass for CVE-2020-1048 2021-01-15 19:13:14 +01:00
Spencer McIntyre 7936ce8b5e Update the documentation with additional information 2021-01-13 09:53:10 -05:00
bwatters d8e68e6487 Specify you must be SYSTEM for dll removal in docs and removed unused variable in the module 2021-01-12 11:45:53 -06:00
Spencer McIntyre 33bd712e0a Land #14585, Create module for CVE-2020-17136: Cloud Filter Arbitrary File Creation EoP 2021-01-11 17:16:40 -05:00
bwatters 50e115b414 Cleanup and edits per review from Christophe 
Removed unused method from ps script
Cleaned up some code in the module
Added removal instructions to the documentation
 2021-01-11 16:02:58 -06:00
Grant Willcox 3072391d00 Make second round of review edits to fix Spencer's comments 2021-01-08 12:50:52 -06:00
Grant Willcox 3e52debd8b Update the exploit a bit more to remove excess options and also update the documentation accordingly. 2021-01-06 12:16:06 -06:00
Christophe De La Fuente 17c393f101 Land #14046, Adding juicypotato-like privilege escalation exploit for windows 2021-01-06 16:02:05 +01:00
Grant Willcox 863417fca7 Second round of updates and some rubocop changes to conform to standards. 2021-01-06 01:30:40 -06:00