adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,933 Commits 27 Branches 1,043 Tags
e1f1ad45bcbe34ba01f6a8dde2da275abaedc63a
Commit Graph

455 Commits

Author SHA1 Message Date
gwillcox-r7 d759fbaed3 Land #13259, Miscellaneous fixes for @wvu's modules and documentation 2020-04-16 22:10:10 -05:00
Spencer McIntyre 62a000fe32 Land #13193, add updates to the trusted service path LPE 2020-04-16 11:41:02 -04:00
William Vu 994097b410 Update all my module docs to use "options" 2020-04-15 15:47:51 -05:00
William Vu fbfd47684c Update ManageEngine module doc to new standard 
H3 for option names.
 2020-04-15 15:47:51 -05:00
William Vu 7cf7211b46 Refactor desktopcentral_deserialization check 2020-04-15 15:47:51 -05:00
William Vu 02ba071b84 Punctuate check prints to match CheckCodes 2020-04-15 15:47:50 -05:00
h00die a01d50de38 add windows writable? and update unqouted service path 2020-04-10 14:54:20 -04:00
h00die f339e2e476 doc tidy 2020-04-03 22:02:28 -04:00
h00die 6d8fc1dad6 unquoted service path updates 2020-04-03 22:00:15 -04:00
bwatters-r7 182bd67287 Land #13187, Add LPE Exploit For CVE-2020-0796 (AKA: SMBGhost) 
Merge branch 'land-13187' into upstream-master
 2020-04-03 11:19:50 -05:00
Spencer McIntyre 0316ed7a18 Add module docs for CVE-2020-0796 2020-04-02 17:48:07 -04:00
Adam Galway e8d134fc56 Land #12096, DNN cookie desrialization exploit 2020-04-02 15:57:46 +01:00
bwatters-r7 beb53254c7 Land #13122, Add Exploit Module For CVE-2020-0646 (SharePoint Workflows XOML RCE) 
Merge branch 'land-13122' into upstream-master
 2020-03-25 11:24:15 -05:00
Spencer McIntyre a69f3eb946 Use the correct its instead of it's 2020-03-24 16:44:18 -04:00
Spencer McIntyre a0cd00dac7 Cleanup module doc and comments for CVE-2020-0646 2020-03-24 10:15:58 -04:00
h00die e7da6e77a5 remove and check for instruction text 2020-03-24 09:15:04 -04:00
Spencer McIntyre 0832604131 Finish up the CVE-2020-0646 SharePoint RCE 2020-03-23 18:14:28 -04:00
William Vu 0806e9ef42 Add CmdStager target back in so we can debug it 2020-03-13 11:17:37 -05:00
William Vu 83387212a7 Update language to address different patches 2020-03-12 17:50:13 -05:00
William Vu 0b117849d0 Note specific patch versions 
Hat tip @sranjit-r7.
 2020-03-12 17:40:46 -05:00
William Vu ed5dd4dd20 Add module doc 2020-03-12 17:36:53 -05:00
Spencer McIntyre 77e21de4bd Add additional docs for setting up an environment 2020-03-11 15:05:51 -04:00
Spencer McIntyre 4c004d51a7 Add an exploit for CVE-2020-0618 2020-03-06 16:21:37 -05:00
dwelch-r7 4fe7678b01 Land #12910, Add exploit module for apache activemq traversal 2020-03-05 15:05:13 +00:00
kalba-security cd6c01ae9d Add suggestions from code review. 2020-03-03 20:17:13 +02:00
Spencer McIntyre b3867dc200 Finish up the cve-2020-0688 module 2020-03-02 10:51:25 -05:00
bwatters-r7 c9e4ca34c3 Land #12921, Updating regex in ms16_075_reflection_juicy exploit windows version check 
Merge branch 'land-12921' into upstream-master
 2020-02-20 21:10:37 -06:00
William Vu de6306fa35 Fix message, once more with feeling 2020-02-20 11:26:21 -06:00
William Vu 9c69059a24 Fix DisablePayloadHandler warning once and for all 2020-02-20 10:35:47 -06:00
William Vu 0264802756 Reformat module doc 2020-02-18 23:28:08 -06:00
William Vu a34ffb3694 Fix typos in module doc 2020-02-18 23:27:15 -06:00
William Vu 6ad9956af8 Correct module doc filename 2020-02-18 23:24:46 -06:00
Brent Cook 8489bcdfd9 This fixes broken links to the community.rapid7.com blog 
Performed mechanically with sed, spot-checked that the new blog can consume these links.
 2020-02-18 09:06:11 -06:00
dwelch-r7 0e55e20c9c Land #12902, Add exploit module for crosschex buffer overflow 2020-02-13 15:43:38 +00:00
0x44434241 9e46926a0f Update documentation/modules/exploit/windows/local/ms16_075_reflection_juicy.md 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2020-02-12 08:18:49 +09:00
0x44434241 785dbb6ba3 Update documentation/modules/exploit/windows/local/ms16_075_reflection_juicy.md 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2020-02-12 08:18:27 +09:00
Adam Galway 946e244c8c Updates docs and adds basic options 2020-02-11 13:40:51 +00:00
Adam Galway a7a80e08a8 Updated docs with platform info 2020-02-11 12:55:07 +00:00
0x44434241 9c30250161 Updating documentation for juicy potato exploit. 
Added a link to information on the expiry of the bug, and explicitly
listing which versions of Microsoft Windows were and were not
vulnerable.
 2020-02-10 16:33:45 +09:00
bwatters-r7 7f3c0c9314 Land #12906, Add module for CVE-2019-19363 
Merge branch 'land-12906' into upstream-master
 2020-02-06 15:22:17 -06:00
Shelby Pace e736588795 change method of exploitation for reliability 
This commit changes a few things:
  1. The module first writes the dll to a
     temp location.
  2. The module writes a batch file to a
     temp location.
  3. The batch file copies the dll until
     the copy command fails (presumably
     because the dll is now in use by
     PrintIsolationHost.exe).
  4. The dropped files are deleted.
  5. Docs updated to reflect changes.
 2020-02-06 12:51:36 -06:00
bwatters-r7 9db6b5184b Land #12894, Add Windscribe WindscribeService Named Pipe Privilege Escalation 
Merge branch 'land-12894' into upstream-master
 2020-02-05 12:37:34 -06:00
kalba-security 20386f1aa4 Add apache_activemq_traversal_upload module and documentation 2020-02-04 12:01:41 +02:00
Shelby Pace 772431a29e add documentation 2020-02-03 16:25:16 -06:00
William Vu fa6573f8e7 Note arch in supported target 2020-02-03 11:16:16 -06:00
William Vu e12d993027 Move SMB DOPU module to match new naming scheme 2020-02-03 11:16:16 -06:00
William Vu 4ba0762089 Update module doc with service pack 2020-02-03 11:16:16 -06:00
William Vu 3074e5bece Update module doc once more 2020-02-03 11:16:16 -06:00
William Vu 4d21b0e88e Update prints in check for visibility 
vprint_good should be print_warning, and most vprints should be print,
even if in check, since check is critical functionality.
 2020-02-03 11:16:16 -06:00
William Vu 51ab58f7c9 Add module doc 2020-02-03 11:16:16 -06:00