adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
58,920 Commits 27 Branches 1,043 Tags
e26d6ca683cf309d255a016de18cafcb66076216
Commit Graph

1147 Commits

Author SHA1 Message Date
William Vu d3f16c7061 Land #14361, COOKIE for sharepoint_ssi_viewstate 2020-11-18 15:55:19 -06:00
chmod750 5ec0556abd Update modules/exploits/windows/http/sharepoint_ssi_viewstate.rb 
CamelCase update

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>
 2020-11-06 23:26:40 +01:00
chmod750 7a968fcd39 Update modules/exploits/windows/http/sharepoint_ssi_viewstate.rb 
CamelCase update

Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>
 2020-11-06 23:20:12 +01:00
chmod750 22b0fae73c Update sharepoint_ssi_viewstate.rb 2020-11-06 16:40:16 +01:00
chmod750 8356b44892 Add cookie header functionnality 2020-11-06 16:16:59 +01:00
Alan Foster 5b438fd933 Preference target values when registering options 2020-11-05 23:16:37 +00:00
William Vu e4fb76d74f Add version check to exchange_ecp_dlp_policy 
And update modules/exploits/windows/http/sharepoint_ssi_viewstate.rb.
 2020-10-20 14:32:43 -05:00
William Vu 3970b69734 Land #14229, Telerik UI for ASP.NET AJAX exploit 
CVE-2017-11317 && CVE-2019-18935
 2020-10-20 13:24:35 -05:00
Spencer McIntyre b58ed7f909 Update the Telerik RAU module metadata and add the TARGETURI option 2020-10-20 13:48:59 -04:00
Spencer McIntyre 57aef4367c Adjust the exploit timeout and set the default RPORT for Telerik RAU 2020-10-19 19:31:14 -04:00
William Vu 253928570b Update module doc 2020-10-19 11:18:00 -05:00
Spencer McIntyre a05f8a721b Print what the web.config loot path is 2020-10-19 10:27:41 -04:00
William Vu 4cb08f7426 Address outstanding issues 2020-10-15 13:24:08 -05:00
William Vu 1a341ae931 Add SharePoint SSI and ViewState RCE 
CVE-2020-16952
 2020-10-14 17:45:15 -05:00
Grant Willcox 443f26410e Fix up disclosure date 2020-10-08 15:30:56 -05:00
Spencer McIntyre 99bd146428 Fix version-related logic for the Telerik RAU module 2020-10-07 15:03:11 -04:00
Spencer McIntyre fb569a24ee Add module documentation for Telerik RAU Deserialization 2020-10-07 13:40:10 -04:00
Grant Willcox a2675c13e8 Land #14213, Add disclosure date rubocop linting rule - enforce iso8601 disclosure dates 2020-10-07 12:09:59 -05:00
Spencer McIntyre 2edf0390f7 Apply rubocop fixes 2020-10-07 11:11:25 -04:00
Spencer McIntyre adfc8f89c4 Implement version enumeration and report CVE-2017-11317 for Telerik 2020-10-07 10:27:50 -04:00
Spencer McIntyre efc8485c86 Fill out module metadata and improve the check method 2020-10-06 18:00:13 -04:00
Spencer McIntyre 4e2093d860 Initial Telerik UI RAU module 2020-10-05 16:42:05 -04:00
bwatters 3a6293357e Land #14190, Add the DOMAIN option to the CVE-2020-0688 Exploit 
Merge branch 'land-14190' into upstream-master
 2020-10-05 12:12:21 -05:00
Alan Foster 30809787c4 Convert disclosure dates to iso8601 2020-10-02 21:00:37 +01:00
Spencer McIntyre e7d2b73600 Add a DOMAIN option to CVE-2020-0688 for consistency with other modules 2020-09-28 09:24:39 -04:00
William Vu 5bda3b4b9d Revert "Make User-Agent consistent across requests" 
This reverts commit 0ec97aa447.
 2020-09-16 13:24:18 -05:00
William Vu da4e960eb0 Revert "Fix HttpUserAgent to UserAgent" 
This reverts commit 3c8390a1c7.
 2020-09-16 13:24:14 -05:00
William Vu 3c8390a1c7 Fix HttpUserAgent to UserAgent 
Payload vs. HttpClient. Whoops.
 2020-09-16 13:03:55 -05:00
William Vu 0ec97aa447 Make User-Agent consistent across requests 2020-09-16 12:59:17 -05:00
William Vu 03e0b9098c Add more words about Exchange role groups 2020-09-16 12:55:08 -05:00
William Vu e118ff1509 Add Microsoft Exchange Server DLP Policy RCE 
CVE-2020-16875
 2020-09-16 02:41:08 -05:00
Shelby Pace 6e2a7001a9 Land #13994, add Dlink Wifi manager rce 2020-08-18 09:34:19 -05:00
Shelby Pace d79ad5efca minor rubocop fix 2020-08-18 09:33:32 -05:00
Niboucha Redouane 0a20a217dc Fix description of the vulnerability 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-08-17 21:06:46 +02:00
Niboucha Redouane 602865ef70 refactor if in check method 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-08-17 21:01:34 +02:00
William Vu a6f7c0c0de Backport miscellaneous fixes to my modules 2020-08-14 13:40:23 -05:00
Niboucha Redouane 1a468fa210 remove unneeded include, left from an attempt to execute native payloads 2020-08-13 15:51:09 +02:00
Niboucha Redouane 66d3b1cd59 Add exploit for CVE-2019-13372 2020-08-13 15:07:11 +02:00
gwillcox-r7 17c26b098b Ninja edit to make sure that if we fail to authenticate to the server, we return CheckCode::Unknown rather than CheckCode::Safe 2020-07-29 16:08:51 -05:00
Spencer McIntyre 4fa657d6eb Fix a bunch of documentation typos and minor code cleanups 2020-07-29 16:30:44 -04:00
Spencer McIntyre 7af4297e86 Add the exploit for CVE-2020-1147 2020-07-29 11:58:38 -04:00
h00die 5a40c6dc00 move config_changes 2020-07-27 15:35:05 -04:00
Shelby Pace bf4d0bf6ee Land #13828, add Zentao Pro rce 2020-07-22 09:42:11 -05:00
Shelby Pace be95c0e17e include autocheck 2020-07-22 09:40:25 -05:00
Shelby Pace 6c066a97ed add bcoles suggestions 2020-07-22 09:39:17 -05:00
Erik Wynter 368adc26ef Update zentao_pro_rce.rb 2020-07-17 18:12:27 -04:00
bwatters eb863048f0 Land #13741, CVE-2020-5741: Plex rce on Windows 
Merge branch 'land-13741' into upstream-master
 2020-07-16 10:20:50 -05:00
Shelby Pace 9c32b45ca2 remove CheckCode returns in login 2020-07-15 20:06:15 -05:00
Tod Beardsley 637b9ab51d Add CVE-2020-7361 reference 2020-07-15 15:40:51 -05:00
kalba-security 2d3588c0ad Add suggestions from code review 2020-07-13 12:51:57 -04:00