adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
60,213 Commits 27 Branches 1,043 Tags
d020b2fb5fa3c19360bff5d694e5446d6f331bd4
Commit Graph

15231 Commits

Author SHA1 Message Date
William Vu d020b2fb5f Update f5_icontrol_rest_ssrf_rce for AKB reference 2021-04-03 12:58:42 -05:00
Christophe De La Fuente 401a4ff8c7 Land #14975, Fix uninitialized constant in cve_2020_1054_drawiconex_lpe 2021-04-02 17:23:03 +02:00
Shelby Pace 71914a1ddb Land #14813, additional dup scout bof targets 2021-04-01 13:03:57 -05:00
Shelby Pace 2cbd1a6be9 Land #14935, add F5 iControl REST API SSRF RCE 2021-04-01 08:40:38 -05:00
Shelby Pace 8cdaf9791d Land #14950, add saltstack salt api rce 2021-03-31 14:50:30 -05:00
William Vu cb3f1238f3 Add F5 iControl REST CVE-2021-22986 exploit 2021-03-31 14:02:32 -05:00
William Vu 51200c4b22 Remove CmdStagerFlavor from a couple modules 
Not strictly necessary. We need a better way to limit by platform.
 2021-03-31 12:08:46 -05:00
Christophe De La Fuente 9806026ab9 Update from code review 2021-03-31 17:48:35 +02:00
Tim W 70c8e802d8 Fix #14974, fix uninitialized constant in cve_2020_1054_drawiconex_lpe 2021-03-31 12:06:15 +01:00
ryanpohlner d92d0e59d8 Fixed generic cmd payload not echoing 2021-03-29 20:06:12 -04:00
ryanpohlner c55303863a Fixed payload triggering twice 2021-03-29 18:27:25 -04:00
Spencer McIntyre 9d85af51cb Land #14945, Proxylogon RCE (Praetorian update) 2021-03-29 12:04:19 -04:00
Spencer McIntyre 11f4946817 Tweak some ProxyLogon verbiage for clarity 2021-03-29 10:07:43 -04:00
RAMELLA Sébastien 02b240b22a code review 2021-03-29 14:23:39 +04:00
Christophe De La Fuente fca8bf37e2 Update description & add Stability trait 2021-03-29 11:14:35 +02:00
Christophe De La Fuente 00698d20bf Add waiting status message and update doc 2021-03-26 14:59:27 +01:00
Christophe De La Fuente b069fec866 Add module and doc for Saltstack Salt API wheel_async RCE 2021-03-26 13:54:06 +01:00
RAMELLA Sébastien c64b1b200e remove ClientID, seem useless 2021-03-26 16:37:08 +04:00
William Vu fb387d940d Land #14946, fail_with corrections for two modules 2021-03-26 01:51:14 -05:00
William Vu b517372e4d Fix sharepoint_ssi_viewstate, too 2021-03-26 01:32:46 -05:00
William Vu a6df15c8c2 Fix the rest of the optional method 2021-03-26 01:29:47 -05:00
Spencer McIntyre 006faaab9a Land #14924, Add auxiliary and exploit modules for CVE-2020-6207 in SAP Solution Manager 2021-03-25 17:48:56 -04:00
William Vu 0b8ac121d4 Fix fail_with usage in advantech_iview_unauth_rce 
Brain fart. Should be print_warning so as not to fail the session.
 2021-03-25 11:33:41 -05:00
Grant Willcox 784927a389 Land #14941, Force smb_relay module to use the Rex SMB client over ruby_smb 2021-03-25 10:55:07 -05:00
RAMELLA Sébastien 75041c5837 update proxylogon rce 2021-03-25 19:46:58 +04:00
Vladimir Ivanov 3b8f3620d2 Minor updates 
Updated action_exec in auxiliary module cve_2020_6207_solman_rce.rb
Updated execute_command in exploit module cve_2020_6207_solman_rs.rb
 2021-03-25 15:37:29 +03:00
Vladimir Ivanov 0487e451cf Updated payload 
Updated make_rce_payload, renamed get_agent_os to check_agent in lib sap_sol_man_eem_miss_auth.rb
Updated action_ssrf, action_exec in auxiliary module cve_2020_6207_solman_rce.rb
Updated execute_command, exploit in exploit module cve_2020_6207_solman_rs.rb
 2021-03-25 14:20:54 +03:00
Vladimir Ivanov 391e013d89 Removed var lhost, lport in exploit module cve_2020_6207_solman_rs.rb 
Changed fail reason if agent_name is nil in lib sap_sol_man_eem_miss_auth.rb
 2021-03-25 11:26:14 +03:00
bwatters 6505f9ccbd Land #14830, Adding FortiLogger 4.4.2.2 - Unauthenticated Arbitrary File Upload (CVE-2021-3378) 
Merge branch 'land-14830' into upstream-master
 2021-03-24 17:41:10 -05:00
bwatters 5394464932 Fix rubocop complaint 2021-03-24 17:38:11 -05:00
dwelch-r7 a69d76d7b5 Force smb_relay module to use the Rex SMB client over ruby_smb 2021-03-24 17:36:50 +00:00
Grant Willcox f01b434160 Land #14896, Fix apache_activemq_upload_jsp exploit module for Java 8 2021-03-24 10:22:03 -05:00
Vladimir Ivanov 924f7feb76 Updated Arch in the exploit module cve_2020_6207_solman_rs.rb 
Corrected by rubocop library sap_sol_man_eem_miss_auth.rb
 2021-03-24 16:26:01 +03:00
Vladimir Ivanov 66ce45d833 Added support for CmdStager in the exploit module cve_2020_6207_solman_rs.rb 2021-03-24 16:16:43 +03:00
Vladimir Ivanov 567f78c532 Update PAYLOAD_XML, check_response in lib sap_sol_man_eem_miss_auth.rb 
Delete class var agents in auxiliary and exploit modules
 2021-03-24 11:21:57 +03:00
Vladimir Ivanov 8c7a483f6e Delete analyze_error in exploit module cve_2020_6207_solman_rs.rb 2021-03-23 23:59:48 +03:00
Vladimir Ivanov 2c18435e6e Update pretty_agents_table in lib sap_sol_man_eem_miss_auth.rb 
Change output in auxiliary and exploit modules
 2021-03-23 23:00:34 +03:00
Christophe De La Fuente 2dcd0fad04 Land #14860, Auxiliary/Exploit Scanner/Gather/RCE for Exchange ProxyLogon (CVE-2021-26855) 2021-03-23 13:10:15 +01:00
Vladimir Ivanov d76224066f Rename option URIPATH to TARGETURI 2021-03-23 13:33:39 +03:00
Vladimir Ivanov 113dce79de Move lib/metasploit/framework/sap_solman/client.rb to lib/msf/core/exploit/remote/http/sap_sol_man_eem_miss_auth.rb 2021-03-23 13:20:27 +03:00
Christophe De La Fuente a6cd7c9b30 Rubocop update - JSON Unnecessary symbol conversion 2021-03-23 10:58:03 +01:00
RAMELLA Sébastien 37b0552803 last code review before land 2021-03-22 23:20:40 +04:00
William Vu 4dc860cce3 Update Spencer credit 2021-03-22 14:14:12 -05:00
Spencer McIntyre 8605fe4529 Use POST for the check method and write the module docs 2021-03-22 15:04:21 -04:00
Vladimir Ivanov 2a48dd265d Replace class var @@agents with a class instance var in auxiliary and exploit modules. 2021-03-22 12:13:04 +03:00
RAMELLA Sébastien 09b844653b remove DisablePayloadHandler and add x86 support 2021-03-22 00:30:01 +04:00
RAMELLA Sébastien c543b44fc2 fix: CmdStagerFlavor, add: Powershell target, ... 2021-03-21 22:47:27 +04:00
Vladimir Ivanov 42726a70c0 client.rb - library for auxiliary and exploit modules 
cve_2020_6207_solman_rce.rb - auxiliary module
cve_2020_6207_solman_rce.md - documentation for auxiliary module
cve_2020_6207_solman_rs.rb - exploit module
cve_2020_6207_solman_rs.md - documentation for exploit module
 2021-03-21 16:51:21 +03:00
alanfoster 308a42e95b Fix apache_activemq_upload_jsp exploit module for Java 8 2021-03-20 15:26:34 +00:00
William Vu 30629c2405 Remove JSP stub to-do 
Spencer looked into this more thoroughly. The JSP stub is good.
 2021-03-19 17:17:01 -05:00