adfoster-r7
236de61130
Land #17583, Enhances info -d with references to AttackerKB
2023-03-21 12:38:36 +00:00
Tod Beardsley
de58b96d2a
Add "a good example" of a LastPass password
...
When setting a new master password, LastPass helpfully suggests "r50$K28vaIFiYxaY" as a good example.
Sure, sounds good to me.
2023-03-07 13:32:50 -06:00
Spencer McIntyre
025ba6775d
Add a README file with some basic information
2023-02-09 15:09:50 -05:00
Spencer McIntyre
126e3a9c9a
Add larger 256KiB DLL templates
2023-02-09 15:09:50 -05:00
Spencer McIntyre
2608852d8c
Consolidate gdiplus build code
...
This references the main dll/template.c code as the mixed-mode variant
already does. This will make future changes easier as we won't need to
copy them from the main to this one.
See https://github.com/rapid7/metasploit-framework/pull/8509 for the
origin of these files.
2023-02-09 15:09:50 -05:00
h00die
34b1e66f90
tomcat 8 priv esc on ubuntu prebuilt so file
2023-02-04 18:17:41 -05:00
h00die
2b09af78e1
tomcat 8 priv esc on ubuntu
2023-02-04 18:17:41 -05:00
cgranleese-r7
80dbbca020
Land #17371, Lenovo Diagnostics Driver Privilege Escalation (CVE-2022-3699)
2023-02-03 13:43:04 +00:00
cgranleese-r7
b789e00ea7
Enhances info -d with references to AttackerKB
2023-02-03 10:15:55 +00:00
Jack Heysel
af2ef53462
Land #17415, macOS dirty cow priv esc
2023-02-02 12:15:19 -05:00
Jack Heysel
1f224fd2d3
Rapid7 compiled binary
2023-02-02 11:11:06 -05:00
adfoster-r7
6870efc34a
Land #17426, Update all references to old Wiki to point to new docs site
2023-02-01 23:49:20 +00:00
Jack Heysel
690d22f759
Rapid7 compiled binary
2023-02-01 10:08:13 -05:00
h00die
2c72cc145a
updates to module
2023-01-31 20:05:33 -05:00
h00die
fa687d3614
argv instead of hardcoded payload path
2023-01-31 16:02:25 -05:00
h00die
8d58eb6279
cve-2022-1043
2023-01-31 16:02:25 -05:00
Jack Heysel
2306736383
Land #17300, the latest commit in PR 17300
...
I made a mistake and was not up to date with the latest commit
in the PR before I landed; this fixes that mistake.
2023-01-31 14:18:01 -05:00
Jack Heysel
022760d24a
Land #17300, linux LPE cve-2022-22942 module
...
This PR adds a linux priv esc against VMWare virtual machines
with kernel 4.14-rc1 - 5.17-rc1 due to a VMWare driver bug.
2023-01-31 14:07:55 -05:00
Jack Heysel
e99407fe26
Updated pre_compiled binary
2023-01-31 13:37:45 -05:00
Spencer McIntyre
902eaa2562
Add new queries and attributes for ldap_query
2023-01-30 16:24:23 -05:00
Grant Willcox
6043d0ffba
Update all links from Wiki site to new docs site.
2023-01-27 09:58:53 -06:00
Jack Heysel
4da94325f3
Rubocop
2023-01-19 13:52:58 -05:00
Christophe De La Fuente
1e94adc3ab
Land #17479, Wordpress paid membership pro unauthenticated sqli (CVE-2023-23488)
2023-01-19 15:36:00 +01:00
Jack Heysel
63d9445911
Fix for Win Server 2022 and 2019
2023-01-19 00:52:38 -05:00
Grant Willcox
82fe7120d4
Update ADCS to be AD CS so we have appropriate spelling
2023-01-18 17:07:48 -06:00
Jack Heysel
2c2bfec4a0
Tested on Windows Build 19044, 19045 and 22000
2023-01-18 01:41:30 -05:00
bwatters
0dbb0dc8c9
Fix margins for readability and delete file
2023-01-17 17:28:27 -05:00
h00die
be7ca91a8f
cve-2022-22942
2023-01-17 15:30:36 -05:00
h00die
1888264d4d
wordpress paid membership pro
2023-01-14 08:34:10 -05:00
Jack Heysel
145589f7a2
Add GetPteBaseW10
2023-01-12 01:15:23 -05:00
Christophe De La Fuente
6758c8313f
Land #17258, Update sharphound
2022-12-21 14:04:09 +01:00
Christophe De La Fuente
d6a5590c06
Land #17265, Add Exploit for CVE-2020-25736
2022-12-13 18:49:56 +01:00
Jack Heysel
2fa7e7b2d5
Lenovo Diagnostics Driver Privilege Escalation (CVE-2022-3699)
2022-12-12 21:53:53 -05:00
space-r7
cf9e54909c
use 2021 helper name in objective-c code too
2022-12-12 15:55:36 -06:00
Spencer McIntyre
024fc87b4c
Land #17272, Add F5 MCP post module
...
Add F5 MCP post module
2022-12-12 14:20:31 -05:00
Christophe De La Fuente
aaef7726db
Land #17330, Fix enumerating emails via ProxyShell
2022-12-06 14:02:53 +01:00
Grant Willcox
1fec75621c
Fix up documentation from review
2022-12-05 14:04:22 -06:00
Spencer McIntyre
96da805014
Fix enumerating emails via ProxyShell
...
The ResolveNames endpoint used to gather email addresses for targeting
only returns 100 at a time. This updates the module to check if the
search result contains all entries and when it does, it recurses into
itself with a refined search prefix. All results are returned to match
the original functionality instead of enumerating and halting once one
that's suitable for exploitation has been found.
2022-12-02 15:58:50 -05:00
Christophe De La Fuente
d3057f15b2
Land #17275, Add Exploit For CVE-2022-41082 (ProxyNotShell)
2022-11-30 18:16:19 +01:00
Ron Bowes
e981dde15f
Move the mcp-objects out of the class and into a data/ file (per Jeffrey's request)
2022-11-23 12:49:00 -08:00
h00die
b866917ee1
review
2022-11-22 16:57:01 -05:00
h00die
637ad5f809
make ducky more psh friendly
2022-11-21 17:55:48 -05:00
h00die
29b7fa5336
ducky_script format for msfvenom
2022-11-18 17:02:52 -05:00
Spencer McIntyre
29d57dde66
Consolidate into ProxyMaybeShell
2022-11-18 17:01:01 -05:00
Spencer McIntyre
fc7594dbc8
Add exploit for CVE-2022-41082 AKA ProxyNotShell
2022-11-18 17:00:27 -05:00
space-r7
d8f2b50b07
add compiled exploit and source
2022-11-17 17:16:08 -06:00
space-r7
ea486169b4
use erb template for objective-c code
2022-11-17 11:55:19 -06:00
space-r7
27d4f45e09
add documentation and exploit file
2022-11-15 12:55:00 -06:00
h00die
f6eba6a836
updated bloodhound module
2022-11-13 14:29:28 -05:00
h00die
7abbdbe567
bloodhound module working with exe with sharphound v4
2022-11-13 10:26:15 -05:00