metasploit-gs

Author	SHA1	Message	Date
Grant Willcox	d50ac2972d	Land #14222 , Update php_fpm_rce.rb to replace depreciated URI.encode calls with Rex::Text::uri_encode	2020-11-04 14:04:28 -06:00
bwatters	8add7fb7ca	Land #14335 , Remove the DRuby remote code execution module Merge branch 'land-14335' into upstream-master	2020-11-02 18:30:54 -06:00
Grant Willcox	8a82907a0f	Land #14323 , Use the datastore nameservers when the NS option is set in enum_dns.rb for zone transfers	2020-11-02 16:44:19 -06:00
Spencer McIntyre	708de57499	Land #14297 , Modified zabbix login to work with newer versions of zabbix	2020-11-02 15:59:22 -05:00
Grant Willcox	7b72120016	Land #14252 , Update Avira password gatherer module and associated libaries and add in documentation	2020-11-02 14:37:47 -06:00
Spencer McIntyre	659137da94	Remove the DRuby remote code execution module	2020-11-02 08:32:52 -05:00
Spencer McIntyre	a1561cff46	Add some additional error handling with more readable messages	2020-10-30 14:34:44 -04:00
Grant Willcox	46c937089d	Fix up regex to properly match on Raw-MD5u only, and fix up refname to be self.refname to fit in with other modules in this directory	2020-10-30 12:37:35 -05:00
Alan Foster	17ac8dab2a	Fix smb version error handling	2020-10-30 16:26:31 +00:00
Spencer McIntyre	06d1165a8b	Remove dead code in the auxiliary/gather/enum_dns option	2020-10-30 10:45:08 -04:00
Grant Willcox	4479f4f0e1	Update library and module to fully support version 5.2. Also update the module to support guest discovery on newer versions on Zabbix	2020-10-29 19:27:12 -05:00
Spencer McIntyre	861879275e	Land #14250 , Fix how DNS enumeration displays AXFR results	2020-10-28 13:38:38 -04:00
Grant Willcox	85c3058e7d	Delete the unused axfr function from auxiliary/gather/enum_dns	2020-10-28 09:34:13 -05:00
Alan Foster	902297d199	Add service stub encoder validation	2020-10-27 15:27:24 +00:00
Grant Willcox	bd57832494	First round of changes from review	2020-10-26 16:02:06 -05:00
HuskyHacks	3a66984808	Update enum_putty_saved_sessions.rb updating enum_putty_saved_sesssion.rb with additional fields	2020-10-25 15:45:33 -04:00
h00die	79384e85f3	remove old .keep files in non-empty directories	2020-10-24 09:41:55 -04:00
bwatters	294269bd4e	Land #14300 , Fixes and updates for the DRuby RCE module Merge branch 'land-14300' into upstream-master	2020-10-23 14:36:04 -05:00
Spencer McIntyre	ba17a5d67f	Apply rubocop fixes for the DRuby RCE module	2020-10-22 12:35:35 -04:00
Spencer McIntyre	8aca08f80b	Add the DRuby RCE check method	2020-10-22 12:34:51 -04:00
Spencer McIntyre	34e41e66ec	Fix the syscall DRuby target by adding a small delay before execve	2020-10-22 12:18:12 -04:00
Spencer McIntyre	49145bfd31	Don't start the DRuby service, it appears unnecessary	2020-10-22 12:15:39 -04:00
bwatters	2f2d43e3bb	Land #14295 , update payload sizes from 2.0.22 gem Merge branch 'land-14295' into upstream-master	2020-10-22 08:52:18 -05:00
Brendan Coles	6258d5b561	Land #14296 , Move mercury_login module docs to documentation directory	2020-10-22 13:24:54 +00:00
Spencer McIntyre	3dc232aa9a	Land #14289 , Add version check to exploit/windows/http/exchange_ecp_dlp_policy	2020-10-21 17:52:38 -04:00
Jeffrey Martin	a8d41c59e2	update payload sizes from 2.0.22 gem	2020-10-21 16:35:43 -05:00
h00die	5890bc45b5	move docs out of exploits folder	2020-10-21 16:37:02 -04:00
adfoster-r7	a362b6785d	Land #14290 , set pid to nil for MS17-010 SMB1 clients	2020-10-21 16:20:08 +01:00
Spencer McIntyre	b457191eaa	Set pid to nil for MS17-010 SMB1 clients	2020-10-20 17:09:51 -04:00
William Vu	e4fb76d74f	Add version check to exchange_ecp_dlp_policy And update modules/exploits/windows/http/sharepoint_ssi_viewstate.rb.	2020-10-20 14:32:43 -05:00
William Vu	3970b69734	Land #14229 , Telerik UI for ASP.NET AJAX exploit CVE-2017-11317 && CVE-2019-18935	2020-10-20 13:24:35 -05:00
Spencer McIntyre	b58ed7f909	Update the Telerik RAU module metadata and add the TARGETURI option	2020-10-20 13:48:59 -04:00
Spencer McIntyre	57aef4367c	Adjust the exploit timeout and set the default RPORT for Telerik RAU	2020-10-19 19:31:14 -04:00
bwatters	1e568a6d1b	Merge branch 'land-14179' into upstream-master	2020-10-19 15:55:25 -05:00
William Vu	253928570b	Update module doc	2020-10-19 11:18:00 -05:00
Spencer McIntyre	0f344b0661	Land #14265 , Add SharePoint Server-Side Include (SSI) and ViewState RCE (CVE-2020-16952)	2020-10-19 10:27:58 -04:00
Spencer McIntyre	a05f8a721b	Print what the web.config loot path is	2020-10-19 10:27:41 -04:00
adfoster-r7	76d5a4e444	Land #14258 , add documentation and rubocop for several post/windows/gather modules	2020-10-19 12:59:06 +01:00
William Vu	4cb08f7426	Address outstanding issues	2020-10-15 13:24:08 -05:00
Grant Willcox	849dbeca5c	Fix up bad merge commit	2020-10-15 11:53:39 -05:00
Tim W	87104a7236	Update docs and make them msftidy_docs.rb compliant	2020-10-15 10:59:46 -05:00
Grant Willcox	59f74438da	Rename the LPE exploit to a more appropriate name since their could be future bugs in NtUserMessageCall and also update the description info a bit more	2020-10-15 10:59:44 -05:00
Grant Willcox	7c08a42401	Revamp the check method so that it will check across a lot more versions of Windows and provide full coverage for CVE-2019-1458	2020-10-15 10:59:44 -05:00
Grant Willcox	f2899186e4	Add in first round of initial updates to fix review comments	2020-10-15 10:59:40 -05:00
Tim W	dcc322436b	Update documentation files and module description to more accurately describe what the cause of the LPE bug for CVE-2019-1458 is. also apply RuboCop edits.	2020-10-15 10:58:58 -05:00
Tim W	c38064b022	Apply rubocop edits and update documentation	2020-10-15 10:58:38 -05:00
Tim W	a3772d43d4	set InitialAutoRunScript to post/windows/manage/priv_migrate	2020-10-15 10:58:08 -05:00
Tim W	cf5ca76b5e	fix check function	2020-10-15 10:58:07 -05:00
Tim W	12c5f4f916	CVE-2019-1458 chrome sandbox escape initial commit	2020-10-15 10:57:46 -05:00
William Vu	1a341ae931	Add SharePoint SSI and ViewState RCE CVE-2020-16952	2020-10-14 17:45:15 -05:00

1 2 3 4 5 ...

29748 Commits