adfoster-r7
46718e3390
Run Rubocop layout rules on modules
2021-09-10 12:53:39 +01:00
bwatters
ff50a94348
Land #15567, Add in Exploit for CVE-2021-3490
Merge branch 'land-15567' into upstream-master
2021-08-31 18:46:25 -05:00
Grant Willcox
488f58a068
Attempt to fix RuboCop errors
2021-08-31 15:36:00 -05:00
Grant Willcox
3bca3b0bcb
Update exploit code to use & after the command to execute as root so it executes in the background and doesn't hang Metasploit. Also update the logic of the code to check the response from executing the exploit and respond accordingly and update the documentation to match
2021-08-31 15:07:37 -05:00
adfoster-r7
4a9a15e638
Run Rubocop layout rules on modules
2021-08-27 17:19:43 +01:00
Grant Willcox
6f9b06fb4b
Add in Manfred Paul's original blog post and chompie1337's original PoC to the list of links. Also add in a relatively detailed description of how to add in new targets to this exploit to the documentation in case that helps anyone down the line
2021-08-25 18:09:07 -05:00
Grant Willcox
29a230ec72
Improve error handling for module
2021-08-24 17:36:37 -05:00
Grant Willcox
bd490d35ed
Add support for Linux 5.11.x on Fedora
2021-08-23 15:09:10 -05:00
Grant Willcox
db5ac81ecf
Fix up mistakes bcoles pointed out and also add in a check to ensure we are only targeting x64 systems
2021-08-23 13:23:40 -05:00
Grant Willcox
e46611cffb
Add in support for exploiting Fedora 32 with Linux kernel 5.10.12
2021-08-20 18:04:59 -05:00
Grant Willcox
75ae2b76f5
Add support for Fedora 32 Linux Kernel 5.9.8-100 and also fix an error where the wrong file was being used for Fedora 32 Linux Kernel 5.8.8.
2021-08-20 16:50:20 -05:00
Grant Willcox
5abf407228
Add support for Fedora 32 with Linux Kernel 5.8.8-200
2021-08-20 15:42:34 -05:00
Grant Willcox
dd806a9d61
Add in support for Fedora 32 running kernel 5.7.11-200
2021-08-20 13:37:52 -05:00
Grant Willcox
b479cb61a4
Add in scenario for Ubuntu 20.04.02 LTS and show that it's still working as expected
2021-08-19 15:05:03 -05:00
Grant Willcox
945004ed97
Fix up typo that was breaking the code and also fix RuboCop errors
2021-08-19 14:12:03 -05:00
Grant Willcox
b60ad3ee26
Fix up mistakes I noticed whilst doing edits on the code as well as some mistakes identified during peer review
2021-08-19 13:55:54 -05:00
Grant Willcox
d5df47692c
Add in first copy of the exploit along with the supporting source code and binaries. Documentation to come
2021-08-17 18:01:14 -05:00
adfoster-r7
951809e164
Land #15491, add module stability notes
2021-07-29 17:24:42 +01:00
space-r7
809081bc5f
Land #15279, add Pi-Hole lpe
2021-07-29 11:15:17 -05:00
space-r7
0561ae978f
fix typos, pihole version in docs
2021-07-29 11:13:58 -05:00
cgranleese-r7
56510a2e8e
Updates some notes on modules that weren't passing tests due to new rubocop rule
2021-07-28 16:20:02 +01:00
Grant Willcox
570ba091f6
Update some typos in the documentation and also update the exploit module to handle various cases whereby the dbus-send command might end up timing out due to TIMEOUT being too low and to fix some final issues found during testing
2021-07-08 16:24:01 -05:00
Grant Willcox
9f88ef0954
Fix up review comments
2021-07-08 16:22:29 -05:00
Jack Heysel
54ee8f7ae7
Added cmd_delay nil check, updated title
2021-07-08 16:20:45 -05:00
Jack Heysel
0f67dd5212
Fixed get_cmd_delay, responded to comments
2021-07-08 16:20:38 -05:00
Jack Heysel
9a07039e7e
Updated docs
2021-07-08 16:09:15 -05:00
Jack Heysel
fdbf669da2
Fixed check for /bin/su
2021-07-08 16:09:12 -05:00
Jack Heysel
285a6338fa
Print error instead of failwith when exploit commands unsuccessful
2021-07-08 16:09:12 -05:00
Jack Heysel
f797f30651
Fixed call to write directory
2021-07-08 16:09:04 -05:00
Jack Heysel
1a73cfbe25
Updated check method
2021-07-08 16:09:03 -05:00
Jack Heysel
c5a9ecd45b
WritableDir as advanced opt
2021-07-08 16:09:03 -05:00
Jack Heysel
f87f831aba
Module updates + Docs
2021-07-08 16:09:02 -05:00
Jack Heysel
8d2d445699
Send one large command over many of smaller size
2021-07-08 16:08:36 -05:00
Jack Heysel
e7608d79f6
Polkit authentication bypass
2021-07-08 16:08:33 -05:00
Spencer McIntyre
dc9c0035ab
Land #15371, check if apport-cli is in $PATH
Fixes #15370
2021-07-08 09:28:35 -04:00
Spencer McIntyre
636b790acb
Update to using the AutoCheck mixin
2021-07-08 09:03:42 -04:00
Christophe De La Fuente
daa5b32393
Update from review
- Remove `MeterpreterTryToFork` option logic
- Add `Prepend` code directly under `Payload` info
- Rebase to use the updated `PrependFork`
- Add logic to verify that shells specified in the options really exist on the remote host
2021-06-30 18:13:35 +02:00
Christophe De La Fuente
eca20bec92
Update from code review
- Fix documentation typos
- Rename `MeterpreterBackground` Mettle option to `MeterpreterTryToFork`
2021-06-30 11:02:11 +02:00
Christophe De La Fuente
ccaedd6c9a
Last additions and improvements
- add binaries
- add documentation
- backup `runc` binary in the exploit C file
- add `MeterpreterBackground` options to set Mettle `background` option
- add `WsfDelay` logic
- refactor code
- add cleanup logic
- add restore `runc` binary logic
2021-06-30 11:02:11 +02:00
Christophe De La Fuente
1b59b8c83e
Rebase and fix conflicts in lib/msf/core/post/common.rb
2021-06-30 11:02:11 +02:00
Brendan Coles
d40656b852
apport_abrt_chroot_priv_esc: check if apport-cli is in $PATH
2021-06-25 11:48:16 +00:00
h00die
eb4170678b
use faker
2021-06-06 11:57:23 -04:00
Grant Willcox
69690ef09e
Fix RuboCop issues with sudo_baron_samedit.rb that were causing failures in some builds
2021-06-04 12:03:13 -05:00
pingport80
fe8e586b22
fall to shell when meterpreter fails get_processes
shift `pidof` to `Msf::Post::Process`
2021-06-01 18:51:39 +05:30
h00die
3f1bb4b51e
rename module, add docs
2021-05-30 14:48:39 -04:00
h00die
0c3a693bef
working exploit and docs
2021-05-30 14:37:11 -04:00
Spencer McIntyre
56388cd696
Land #15146, Add support for extra OSes for CVE-2021-3156 (Baron Samedit)
2021-05-18 18:02:30 -04:00
Spencer McIntyre
a8a1cf75b8
Reorder the Fedora targets to be descending
2021-05-18 18:02:12 -04:00
Alan Foster
100da2f1b1
Enforce Style/RedundantBegin for new modules
2021-05-13 04:01:03 +01:00
Ashley Donaldson
5dc8d0e684
Added automatic cleanup for exploit scripts that modify /etc/passwd
2021-05-06 21:50:03 +10:00