Commit Graph

29180 Commits

Author SHA1 Message Date
h00die dac3cbcbcd more options, more optimizations 2020-08-03 13:08:39 -04:00
h00die 498a94a9c0 bloodhound cleanup 2020-08-03 13:08:39 -04:00
Spencer McIntyre a32d4c2a20 Land #13875, CVE-2020-8010 & CVE-2020-8012 2020-07-31 09:08:36 -04:00
gwillcox-r7 2ef43ab7d0 Land #13920, CVE-2020-1147 SharePoint Deserialization RCE 2020-07-29 16:10:32 -05:00
gwillcox-r7 17c26b098b Ninja edit to make sure that if we fail to authenticate to the server, we return CheckCode::Unknown rather than CheckCode::Safe 2020-07-29 16:08:51 -05:00
Spencer McIntyre 4fa657d6eb Fix a bunch of documentation typos and minor code cleanups 2020-07-29 16:30:44 -04:00
Spencer McIntyre a886177b96 Land #13837, Add FreeBSD ip6_setpktopt Use-After-Free Privilege Escalation module 2020-07-29 15:40:47 -04:00
Spencer McIntyre 7af4297e86 Add the exploit for CVE-2020-1147 2020-07-29 11:58:38 -04:00
Shelby Pace 18b5ddbfdc Land #13891, add Baldr file upload rce 2020-07-28 17:20:21 -05:00
Shelby Pace 768d104f12 randomize os, delete payload 2020-07-28 17:19:26 -05:00
gwillcox-r7 d7a27b7cd8 Land #13878, Add Telegram Message Client 2020-07-28 16:58:05 -05:00
Shelby Pace 99cf54977f rubocop 2020-07-28 16:48:32 -05:00
Shelby Pace c79c9fc280 reverse xor arguments 2020-07-28 16:47:35 -05:00
gwillcox-r7 e89bae5b51 Apply RuboCop module changes. Also update documentation file to remove some extra small sections that are not needed, and also to move the documentation from the module to the proper documentation file. 2020-07-28 16:14:29 -05:00
gwillcox-r7 50853fe109 Make improvements from recommendation and also update the module's documentation so it's more intuitive for people not familiar with Telegram's bots 2020-07-28 15:41:05 -05:00
Ege Balcı 26f869f860 Update modules/exploits/multi/http/baldr_upload_exec.rb 2020-07-28 11:07:46 +03:00
Ege Balcı fb745f78cc Update modules/exploits/multi/http/baldr_upload_exec.rb
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2020-07-28 10:53:16 +03:00
Ege Balcı 5d49367726 Update modules/exploits/multi/http/baldr_upload_exec.rb
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2020-07-28 10:52:37 +03:00
Ege Balcı fef9a23692 Update modules/exploits/multi/http/baldr_upload_exec.rb
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2020-07-28 10:51:03 +03:00
h00die 5a40c6dc00 move config_changes 2020-07-27 15:35:05 -04:00
William Vu c6fd9a4b08 Land #13895, SAP RECON CVE-2020-6287 improvements 2020-07-27 08:51:16 -05:00
Brendan Coles 95b99ce5cf Use Msf::Exploit::Remote::AutoCheck 2020-07-26 08:04:37 +00:00
Brendan Coles 476281d4bd Use Msf::Post::Unix.is_root? 2020-07-26 08:04:37 +00:00
Brendan Coles fbc77f7576 Add FreeBSD ip6_setpktopt Use-After-Free Privilege Escalation module 2020-07-26 08:04:37 +00:00
wetw0rk 8421b1a956 fixes, and format 2020-07-24 15:50:00 -05:00
Ron Wills 2e84c6ea18 Used more appropriate api 2020-07-24 10:28:07 -06:00
Ron Wills 6592a0cc53 Clean up the temporary script with the clear text password in it
Removed the old unused clean up code
2020-07-24 10:16:52 -06:00
Ege Balcı 7985eafda0 Add Baldr Botnet Panel RCE Module 2020-07-24 07:45:43 +03:00
Spencer McIntyre 13d7c5445a Address rubocop complaints 2020-07-23 18:10:07 -04:00
Spencer McIntyre ff4db5daea Add the REMOVE action to the exploit for CVE-2020-6287 2020-07-23 17:59:40 -04:00
Spencer McIntyre 68614bcc3b Add check functionality for CVE-2020-6287 2020-07-23 14:46:06 -04:00
William Vu 13a4339274 Land #13861, intel_sysret_priv_esc AutoCheck && cc 2020-07-23 11:34:30 -05:00
William Vu a89c966bbc Land #13852, SAP "RECON" CVE-2020-6287 aux module 2020-07-23 10:30:36 -05:00
Spencer McIntyre e0046ef8f2 Randomize unnecessary values and set the secure attribute 2020-07-23 10:47:53 -04:00
wetw0rk 938342793e removed vuln-confirmation 2020-07-23 09:46:13 -05:00
wetw0rk dbd6129ec4 if-vuln-check 2020-07-23 09:32:04 -05:00
Spencer McIntyre d108cd0da9 Address feedback for consistency within CVE-2020-6287 2020-07-23 10:31:46 -04:00
Spencer McIntyre 593ddd8ac4 Add module docs for CVE-2020-6287 2020-07-23 09:47:22 -04:00
Ron Wills 6be25a00b6 Replaced file creation from shell script to the Msf::Post::File native API
Cleanup of the previous commit
2020-07-23 07:04:20 -06:00
Ron Wills 14d484aac0 Replaced file creation from shell script to the Msf::Post::File native API 2020-07-23 06:21:17 -06:00
Ron Wills eff9c9b914 Fixed shell script creation with passwords with special characters 2020-07-22 20:09:15 -06:00
Spencer McIntyre 2364b3f46c Fix the remaining rubocop issues for CVE-2020-6287 2020-07-22 19:18:42 -04:00
Spencer McIntyre 7b781ca12f Report a vuln in the CVE-2020-6287 module and fix xpath comparisons 2020-07-22 18:29:55 -04:00
Spencer McIntyre 2d43da2a39 Apply rubocop fixes for CVE-2020-6287 2020-07-22 18:04:11 -04:00
Spencer McIntyre ec9ee2baa7 Complete the exploit with privilege escalation through a role 2020-07-22 17:57:39 -04:00
William Vu f601c49ba9 Default to LDAPS in vCenter Server vmdir modules 2020-07-22 15:40:10 -05:00
William Vu f736b0192f Add LDAPS support and update vCenter vmdir modules 2020-07-22 14:23:00 -05:00
Shelby Pace 3dbb63241c Land #13853, bpf signed ext privesc improvements 2020-07-22 14:09:17 -05:00
William Vu 41457b21d9 Land #13868, vCenter vmdir CVE-2020-3952 hash dump 2020-07-22 14:00:44 -05:00
William Vu 903abd2110 Print the cleaned password and lockout policy
Don't be lazy!
2020-07-22 12:33:33 -05:00