adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
58,920 Commits 27 Branches 1,043 Tags
e26d6ca683cf309d255a016de18cafcb66076216
Commit Graph

14849 Commits

Author SHA1 Message Date
cgranleese-r7 96c62aea20 Lands #14411 Fixes eternalblue-win8 to run only with python3 2020-12-05 14:22:32 +00:00
A Galway c83c21bcea additional string to byte conversions 2020-12-03 16:21:55 +00:00
Spencer McIntyre a322647913 Change the cookie to PHPSESSID from my_id for the Simple PHP blog exploit 2020-12-02 10:09:05 -05:00
justinopatrny c200a274b2 Corrected headers check for retrieved cookie 
Previous get_cookies method not working properly
 2020-11-29 19:07:44 -06:00
Tim W 6de55b3d79 Land #14433, fix typo in exploits/windows/local/bypassuac_comhijack.rb 2020-11-26 20:13:42 +00:00
Tim W 87eba681e0 Land #14365, Update TP-Link AC1750 Pwn2Own 2019 module 2020-11-26 19:55:00 +00:00
Pedro Ribeiro a99ce581dd Update TP-Link AC1750 Pwn2Own 2019 module 2020-11-26 12:56:02 +00:00
Graeme Robinson f6f78d4710 Make changes suggested in code review 2020-11-26 13:46:02 +01:00
Graeme Robinson 7fa10a0684 Update modules/exploits/multi/http/apache_nifi_processor_rce.rb 
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
 2020-11-26 13:46:02 +01:00
Graeme Robinson 5dc7e8f04e Update modules/exploits/multi/http/apache_nifi_processor_rce.rb 
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
 2020-11-26 13:46:02 +01:00
Graeme Robinson 78c042cbb7 Update modules/exploits/multi/http/apache_nifi_processor_rce.rb 
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
 2020-11-26 13:46:01 +01:00
Graeme Robinson 7894f1eb9a Update modules/exploits/multi/http/apache_nifi_processor_rce.rb 
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
 2020-11-26 13:46:01 +01:00
Graeme Robinson fcde932e1b Update modules/exploits/multi/http/apache_nifi_processor_rce.rb 
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
 2020-11-26 13:46:01 +01:00
Graeme Robinson 2a9898df25 Update modules/exploits/multi/http/apache_nifi_processor_rce.rb 
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
 2020-11-26 13:46:01 +01:00
Graeme Robinson 9a35a5fdee Remove frozen_string_literal directive 
Remove directive that was added by `rubocop -A`, as suggested in review.

Note that this results in an additional offense being reported by rubocop
 2020-11-26 13:46:01 +01:00
Graeme Robinson e33a2ca463 Use cleanup method to perform cleanup 2020-11-26 13:46:01 +01:00
Graeme Robinson f6d39147af Removed pointless comment. 2020-11-26 13:46:01 +01:00
Graeme Robinson 2de77b6e8a Refactored code. Primarily line length increased. 2020-11-26 13:46:01 +01:00
Graeme Robinson 012b040fc1 Reformat code layout to satisfy msftidy 2020-11-26 13:46:01 +01:00
Graeme Robinson 41ff86178b Add new module exploit module 
Add new module /exploits/multi/http/apache_nifi_processor_rce.rb
 2020-11-26 13:46:01 +01:00
Jan Bucher 6d6c71bc2a Fix another typo in the bypassuac_comhijack module 2020-11-26 13:14:36 +01:00
Jan Bucher 9757c68f9b Fix typo in modules/exploits/windows/local/bypassuac module 
Correct small typo in the output to the msfconsole.
 2020-11-26 12:55:29 +01:00
Grant Willcox 63a98adff0 Land #14427, phpstudy_backdoor_rce.rb TARGETURI handling and default value modifications 2020-11-25 10:32:53 -06:00
Grant Willcox ca28f59ac4 Update the description of the TARGETURI option to reflect the recent changes 2020-11-25 10:32:17 -06:00
Spencer McIntyre 95665e916c Land #14416, wordpress plugin 'simple file list' rce 2020-11-25 09:58:26 -05:00
Spencer McIntyre 94c157bc95 Tweak the documentation and module output just a little for clarity 2020-11-25 09:58:07 -05:00
cgranleese-r7 31426576e0 Land #14264, Add exploit/multi/http/kong_gateway_admin_api_rce 2020-11-25 11:09:02 +00:00
Grant Willcox efdc7f062e Land #14241, OpenMediaVault 5.5.11 Authenticated Remote Code Execution 2020-11-24 13:42:53 -06:00
Grant Willcox e0a8aff72b Ninja edit in fix to remove support for IN_MEMORY Unix payloads since most of them don't work correctly or return multiple shells if they do work. Will potentially add this in with another PR once fixes are made to make it more reliable 2020-11-24 13:41:57 -06:00
Natto c8fc5b52cf TARGETURI Default value modification 
TARGETURI Default value modification
 2020-11-24 14:05:49 +08:00
Graeme Robinson 8e299de712 Update modules/exploits/multi/http/kong_gateway_admin_api_rce.rb 
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>
 2020-11-22 14:49:51 +00:00
h00die a988e85d90 remove not needed code 2020-11-22 09:07:11 -05:00
h00die 92c92f1573 simple file list rce 2020-11-21 08:51:07 -05:00
Spencer McIntyre 1031b12c57 Land #14206, Rockwell FactoryTalk CVE-2020-12027 RCE 2020-11-20 08:49:39 -05:00
A Galway 5e4e52c619 convert strings to bytes and mandate python3 2020-11-20 12:57:36 +00:00
Spencer McIntyre a5024238d3 Tweak the check method to return detected and fix a typo 2020-11-19 09:24:27 -05:00
adfoster-r7 2eb2fad212 Land #14294, Allow adding details to CheckCodes, and update ms17_010_eternalblue to validate the target is x64 2020-11-19 14:09:55 +00:00
Pedro Ribeiro b56d2e00fe Update modules/exploits/windows/scada/rockwell_factorytalk_rce.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2020-11-19 19:39:59 +07:00
Pedro Ribeiro c635538e9d Update modules/exploits/windows/scada/rockwell_factorytalk_rce.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2020-11-19 19:39:47 +07:00
Pedro Ribeiro 4c8adcfd46 Update rockwell_factorytalk_rce.rb 2020-11-19 17:56:31 +07:00
William Vu d3f16c7061 Land #14361, COOKIE for sharepoint_ssi_viewstate 2020-11-18 15:55:19 -06:00
William Vu 72a6993408 Add patch bypass (CVE-2020-14750) to references 
We were already using it... but now there's a CVE.
 2020-11-18 10:57:05 -06:00
William Vu 78999bb92c Add an exploit from Exploit-DB 
Written by either (Nguyen) Jang or Mohammed Althibyani. Not used by the
module.

https://www.exploit-db.com/exploits/48971
 2020-11-18 10:56:03 -06:00
William Vu 83beae731f Add WebLogic Administration Console Handle RCE 
CVE-2020-14882
CVE-2020-14883
 2020-11-18 10:56:02 -06:00
William Vu f73a88a39c Land #14396, hadoop_unauth_exec clarification 2020-11-16 12:44:13 -06:00
Tod Beardsley 06a0634828 Describe the Hadoop vuln as not-a-vuln clearly 2020-11-16 11:31:59 -06:00
A Galway 0328e3f815 Land #14359, gives preference to default target options 2020-11-13 14:44:13 +00:00
Christophe De La Fuente d6b412c58e Land #14340, Add HorizontCMS 1.0.0-beta exploit module and documentation 2020-11-13 13:03:04 +01:00
Alan Foster 79a3328cd3 Validate that AutoCheck is prepended 2020-11-11 22:15:40 +00:00
William Vu fcb507e412 Fix AutoCheck 
I'm a big dummy.
 2020-11-11 15:57:38 -06:00