Commit Graph

30857 Commits

Author SHA1 Message Date
William e0f6700a7e Add empty line 2021-05-17 23:10:29 +08:00
William ce4748494a Fix whitespace issue 2021-05-17 23:07:05 +08:00
William 69b1f4bbc7 Bug fix
Fix bug that prevents the module from working on SSL enabled GitLab server
2021-05-16 14:23:16 +08:00
Grant Willcox 7a9050c7ea Fix up check method so that it will correctly warn the user that the target might not be vulnerable only cause the DLL hijacking technique doesn't work on certain targets. 2021-05-14 17:47:39 -05:00
Jack Heysel c8b62a1ff9 Fixed check method nil check, update numbered list in docs, added wfsdelay warning when in dll mode 2021-05-14 17:47:31 -05:00
Jack Heysel 950bbad852 Removed nil script check, updated docs 2021-05-14 17:47:15 -05:00
Jack Heysel eb4573164b Addressed comments 2021-05-14 17:46:26 -05:00
Jack Heysel e29dce4f08 Removed comments from powershell script 2021-05-14 17:45:42 -05:00
Jack Heysel d23df37b62 Responded to comments, refactored to remove duplicate code 2021-05-14 17:44:08 -05:00
Jack Heysel d5f2cfb3de Added x86 codepath for uso trigger 2021-05-14 17:44:08 -05:00
Jack Heysel b112aae55c Rubocop offense 2021-05-14 17:44:08 -05:00
Jack Heysel fab3a9afc8 Added wfsdelay, updated docs 2021-05-14 17:44:07 -05:00
Jack Heysel addc1ad601 Replace shelled usoclient call with uso_trigger 2021-05-14 17:44:07 -05:00
Jack Heysel 5640dac24d Fixed sc command, updated check method, moved tokenmagic.ps1 2021-05-14 17:44:07 -05:00
Jack Heysel ca637be0c9 Fixed powershell script, updated authors 2021-05-14 17:44:06 -05:00
Jack Heysel 1eab94cc26 beta draft 2021-05-14 17:43:44 -05:00
bwatters 8792febcf8 Land #15190, Add Exploit For CVE-2021-21551 (Dell DBUtil_2_3 IOCTL)
Merge branch 'land-15190' into upstream-master
2021-05-14 13:55:12 -05:00
adfoster-r7 ac2c467121 Land #15011, Enhance analyze command API to understand modules' needs 2021-05-14 14:30:33 +01:00
Spencer McIntyre d990e884af Add and test even more targets 2021-05-13 17:27:58 -04:00
Spencer McIntyre eb89550f85 Clear up some target offset discrepancies 2021-05-13 16:06:15 -04:00
Grant Willcox ad266b4348 Update documentation to clear a few things up and add in additional checks to module to check the file exists and is readable before using it 2021-05-13 13:39:39 -05:00
pingport80 baabd0265f update docs and add a check 2021-05-13 13:39:32 -05:00
pingport80 e475eaa7bd add formatting option back and update docs 2021-05-13 13:39:19 -05:00
pingport80 854b6a4be4 update telegram/send_message to support multiple chat_ids and document 2021-05-13 13:38:50 -05:00
pingport80 b3bd0ee03f add send_document module and docs 2021-05-13 13:38:41 -05:00
Spencer McIntyre 7d841a0f79 Add a target for Windows 7 x64 2021-05-13 14:24:15 -04:00
Spencer McIntyre 4825407d21 Add a target for Windows 8.1 x64 2021-05-13 12:56:47 -04:00
Spencer McIntyre 477749f77f Refactor the code to be reusable and add docs 2021-05-12 16:36:17 -04:00
Spencer McIntyre d3de52da59 The exploit is now functional for Win10 v1803-20H2 2021-05-12 16:14:59 -04:00
adfoster-r7 1a321e3cc1 Land #15164, Converts Cockpit CMS to use new CookieJar API 2021-05-12 19:25:47 +01:00
Alan Foster 5a0360228f Update cockpit cms module 2021-05-12 17:20:31 +01:00
Grant Willcox 5290549cac Land #15185, Add CVE-2021-22204 ExifTool ANT perl injection 2021-05-11 16:41:44 -05:00
Grant Willcox 23bab9405a Land #15175, Change depreciated URI::encode call to URI::encode_www_form_component within rejetto_hfs_exec 2021-05-11 11:21:50 -05:00
Justin Steven acd79d41b7 Appease rubocop 2021-05-11 12:11:22 +10:00
Justin Steven fa73c0af3e Add CVE-2021-22204 ExifTool ANT perl injection 2021-05-11 12:02:12 +10:00
Grant Willcox b9d45af201 Land #15167, Ensure Adobe Sandbox Collab Sync session types is an array 2021-05-10 10:52:55 -05:00
Debjeet Banerjee 54dbedf181 URI.escape is obsolete and needs to be updated
The current code results in the following error:
```
[*] Started reverse TCP handler on 192.168.1.105:4444 
[*] Using URL: http://0.0.0.0:8080/o6wYorU
[*] Local IP: http://192.168.1.105:8080/o6wYorU
[*] Server started.
[*] Sending a malicious request to /
/usr/share/metasploit-framework/modules/exploits/windows/http/rejetto_hfs_exec.rb:110: warning: URI.escape is obsolete
/usr/share/metasploit-framework/modules/exploits/windows/http/rejetto_hfs_exec.rb:110: warning: URI.escape is obsolete
[*] Server stopped.
[!] This exploit may require manual cleanup of '%TEMP%\jsywNguEzNXZF.vbs' on the target
[*] Exploit completed, but no session was created.
```

This minor edit should fix it.
2021-05-09 12:40:48 +05:30
Alan Foster 48697625da Ensure adobe sandbox collab sync session types is an array 2021-05-07 18:51:06 +01:00
Shelby Pace b9525c581d Land #15102, add GateKeeper Bypass exploit 2021-05-07 09:10:10 -05:00
A Galway a9859af870 prints all cookies instead of just one 2021-05-07 14:52:26 +01:00
A Galway bf02dea70f rubocop 2021-05-07 13:28:17 +01:00
A Galway ba6584f761 altered login & rce requests to use cookie_jar api 2021-05-07 13:11:17 +01:00
William Vu 637e9cff48 Update vmware_vrops_mgr_ssrf_rce documentation 2021-05-06 18:30:20 -05:00
Tim W 4192e175d2 fix osx-app exe attributes 2021-05-06 18:20:32 +01:00
Spencer McIntyre 00131a666c Land #15096, Add shell support for win checkvm 2021-05-04 17:32:05 -04:00
Tim W f2f631aef0 fix metadata 2021-05-04 20:55:17 +01:00
Shelby Pace 0b5ec2f643 Land #15138, idrac docs and improvements 2021-05-04 11:06:41 -05:00
Christophe De La Fuente 1b0f9519a6 Land #15030, GravCMS Unauthenticated Arbitrary YAML Write/Update RCE (CVE-2021-21425) 2021-05-04 14:23:16 +02:00
Ashley Donaldson a055e9a8b7 Land #11130, Added modules to steal Active Directory credentials 2021-05-04 11:35:38 +10:00
Ashley Donaldson 929197b85e Fix rubocop errors 2021-05-04 11:34:22 +10:00