adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
49,159 Commits 27 Branches 1,043 Tags
dfd905fdcabdc2fcd30f160b3bf59b1670f4a99c
Commit Graph

25048 Commits

Author SHA1 Message Date
Brent Cook 86469cc5a0 Land #10836, Add Morris worm sendmail debug mode exploit 2018-11-02 11:17:33 -05:00
Brent Cook 1d81f3764f Land #10700, Add Morris worm fingerd exploit and VAX reverse shell 2018-11-02 11:16:46 -05:00
bwatters-r7 114a8127e8 Land #10858, bypassuac_eventvwr optimizations - reduce created processes and artifacts 
Merge branch 'land-10858' into upstream-master
 2018-10-31 16:44:32 -05:00
bwatters-r7 af7a7d586b Add validation check to make sure x64 remote host and a x86 session 
cannot select an x64 target.
 2018-10-31 16:31:52 -05:00
bwatters-r7 08ec8e1ef9 Land #10553, add x86/xor_dynamic and x64/xor_dynamic encoders 
Merge branch 'land-10553' into upstream-master
 2018-10-30 09:56:15 -05:00
Elazar Broad 6fe7bb0bb6 Increase sleep time to 10 seconds 
Increase the wait time before removing the registry key - allows the payload to spawn successfully on slow systems.
 2018-10-29 12:55:03 -04:00
Brendan Coles 1c340f8202 Land #10853, Add universal targeting to Mercury/32 IMAP LOGIN exploit 2018-10-28 18:17:46 +00:00
kr3bz 370bcaf8d8 Update mercury_login.md 2018-10-28 09:49:15 +01:00
Brendan Coles a34310095c Update modules/exploits/windows/imap/mercury_login.md 
Co-Authored-By: kr3bz <44395414+kr3bz@users.noreply.github.com>
 2018-10-28 09:41:29 +01:00
Brendan Coles bfd3a17c0e Update modules/exploits/windows/imap/mercury_login.rb 
Co-Authored-By: kr3bz <44395414+kr3bz@users.noreply.github.com>
 2018-10-28 09:41:14 +01:00
kr3bz 5efbefdaea Update mercury_login.md 2018-10-28 09:37:47 +01:00
kr3bz 2839a73cbd Update mercury_login.rb 2018-10-28 09:35:15 +01:00
kr3bz c61737bb18 Update mercury_login.md 2018-10-27 20:52:54 +02:00
kr3bz 239632ca03 Update mercury_login.md 2018-10-27 20:52:24 +02:00
kr3bz 3cf8a01b55 Update mercury_login.md 2018-10-27 20:51:31 +02:00
Brendan Coles 965c2d5c01 Update modules/exploits/windows/imap/mercury_login.rb 
Co-Authored-By: kr3bz <racic.ivan@gmail.com>
 2018-10-26 13:37:37 +02:00
bwatters-r7 b4c005c4d4 Land #10561, Add Windows local privilege escalation - CVE-2018-0824 
Merge branch 'land-10561' into upstream-master
 2018-10-25 13:22:31 -05:00
William Vu e1a7c35834 Clean up check_banner 2018-10-25 05:20:20 -05:00
Green-m f90992dc08 Fix typo. 2018-10-25 17:55:01 +08:00
Green-m 760b14e71d Update the version match code. 2018-10-25 15:33:54 +08:00
Wei Chen 2ab9a003d4 Land #10864, Add Cisco WebEx RCE Modules 2018-10-24 16:20:00 -05:00
Wei Chen f52cbdf9d7 Change option types 2018-10-24 16:18:17 -05:00
Wei Chen 4ec7e41f9e Change option type 2018-10-24 16:16:03 -05:00
Wei Chen e84ba62740 Cosmetic changes for local/webexec 2018-10-24 16:13:47 -05:00
Elazar Broad 16d633fabd Remove spaces before EOL 2018-10-24 11:04:41 -04:00
Shelby Pace 3729e9ed7b added description, references 2018-10-24 09:46:00 -05:00
kr3bz 2e2d742ae7 Added updated mercury_login 
Added additional space for the payload, made recommended changes, msftidy does not produce errors, readded null byte as a badchar.
 2018-10-24 11:08:37 +02:00
William Vu 458f635159 Add supported payloads to module description 2018-10-24 01:30:27 -05:00
William Vu 839c4e0467 Drop rank to AverageRanking for now 2018-10-24 01:30:17 -05:00
William Vu 37560760df Add RequiredCmd for generic and telnet 2018-10-24 01:23:15 -05:00
Elazar Broad ef2854c918 Use in-memory reflection for executing the payload 
Use to_win32pe_psh_reflection() instead of to_win32pe_psh_net() in order to reduce the amount of processes and forensic artifacts created by this module.
 2018-10-23 22:12:10 -04:00
Elazar Broad d75c599929 Use ShellExecuteA to spawn eventvwr.exe 
Use ShellExecuteA from railgun to spawn eventvwr.exe, as opposed to cmd /c. This reduces the amount of processes generated by this module.
 2018-10-23 21:52:36 -04:00
Elazar Broad da4b424780 Fix typo in cleanup message 2018-10-23 21:33:49 -04:00
bwatters-r7 569c2e03c9 Fix exploit relics and documentation 2018-10-23 17:15:34 -05:00
Shelby Pace 34ae9c38f9 added WebEx modules, arch check 2018-10-23 15:51:23 -05:00
bwatters-r7 927a29530b Remove duplicated files 2018-10-23 12:31:18 -05:00
Brent Cook 65c0573738 Land #10848, improve play_youtube post module 2018-10-23 12:26:55 -05:00
Brent Cook e992b63520 Land #10856, add SSL support to php meterpreter 2018-10-23 11:59:09 -05:00
kr3bz be2ec76ed2 Added modified mercury_login.rb 
Modified the script with recommendations.
 2018-10-23 17:17:30 +02:00
William Vu 9c49acb924 Fail scanner instead of returning 2018-10-23 10:07:38 -05:00
William Vu 58a1b65e60 Update Exploit::CheckCode::Unknown 
Brain fart.
 2018-10-23 09:34:48 -05:00
William Vu 899238a4e3 Update libssh_auth_bypass with command output 2018-10-23 09:34:42 -05:00
Spencer McIntyre c71bbc1019 Remove spaces that msftidy caught 2018-10-23 10:13:44 -04:00
Brendan Coles 0e7259040d Update modules/exploits/windows/imap/mercury_login.rb 
Co-Authored-By: kr3bz <racic.ivan@gmail.com>
 2018-10-23 14:32:53 +02:00
Brendan Coles 903f5e9ede Update modules/exploits/windows/imap/mercury_login.rb 
Co-Authored-By: kr3bz <racic.ivan@gmail.com>
 2018-10-23 14:32:44 +02:00
Brendan Coles 0b37e29c9a Update modules/exploits/windows/imap/mercury_login.rb 
Co-Authored-By: kr3bz <racic.ivan@gmail.com>
 2018-10-23 14:32:38 +02:00
Brendan Coles 43dd23042b Update modules/exploits/windows/imap/mercury_login.rb 
Co-Authored-By: kr3bz <racic.ivan@gmail.com>
 2018-10-23 14:32:10 +02:00
Ivan Racic ee3c663baf Upgraded exploit to work on any Windows target 
In short, added egghunter and return address of
the executable file itself, so it should work
on any windows system.

Also, upgraded to modern exploit module requirements.
 2018-10-23 12:11:56 +02:00
Spencer McIntyre 15e67de8fc Add the EMBED option for play_youtube.rb 2018-10-22 19:51:41 -04:00
William Vu 3ca309423a Add check method to detect 4.3BSD fingerd 2018-10-22 18:32:37 -05:00