adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
69,996 Commits 27 Branches 1,043 Tags
e2e8568860e381fc09e1ecedd5ddfc6fdfa3ce99
Commit Graph

704 Commits

Author SHA1 Message Date
cgranleese-r7 ec7347cd49 Land #17509, tomcat 7 priv esc on rhel based systems (cve-2016-5425) 2023-03-14 10:16:18 +00:00
h00die 8dfe58e617 review comment 
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>
 2023-03-13 14:42:26 -04:00
adfoster-r7 656ded4b86 Add module notes 2023-02-08 15:46:07 +00:00
adfoster-r7 25ee41df68 Run rubocop on exploit modules 2023-02-08 15:20:32 +00:00
h00die a5a7d5dd10 correct cleanup and stabilization 2023-02-05 08:15:38 -05:00
h00die 561b42f105 use exploit retry function 2023-02-04 18:17:42 -05:00
h00die aff14e8e46 tocat to tomcat 2023-02-04 18:17:42 -05:00
h00die e30cae2e40 uncomment needed code 2023-02-04 18:17:42 -05:00
h00die 34b1e66f90 tomcat 8 priv esc on ubuntu prebuilt so file 2023-02-04 18:17:41 -05:00
h00die 2b09af78e1 tomcat 8 priv esc on ubuntu 2023-02-04 18:17:41 -05:00
Jack Heysel 6ab7e177f4 Land #17392, add F5 Big-IP priv esc module 
Add a privilege escalation module for F5 that uses
the unsecured MCP socket to create a new root account
 2023-02-02 15:10:33 -05:00
adfoster-r7 952a4fe37a Land #17581, modules: Check datastore ForceExploit before checking if session is root 2023-02-02 10:19:07 +00:00
bcoles ef87a63bde modules: Check datastore ForceExploit before checking if session is root 2023-02-02 18:17:02 +11:00
Grant Willcox 48a27ab555 Fix the remaining references to the old wiki site. 2023-02-01 21:25:06 -06:00
Ron Bowes cf172d22c8 Get rid of #String.hash in favour of UnixCrypt 2023-02-01 11:02:04 -08:00
Ron Bowes 1094221468 Merge branch 'rapid7:master' into f5-createuser-privesc 2023-02-01 10:20:43 -08:00
Ron Bowes 34d93e862c Update modules/exploits/linux/local/f5_create_user.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-02-01 10:16:03 -08:00
Ron Bowes e90b47fd17 Update modules/exploits/linux/local/f5_create_user.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-02-01 10:15:00 -08:00
Ron Bowes d89c193db2 Update modules/exploits/linux/local/f5_create_user.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2023-02-01 10:14:38 -08:00
Jack Heysel 690d22f759 Rapid7 compiled binary 2023-02-01 10:08:13 -05:00
h00die 2c72cc145a updates to module 2023-01-31 20:05:33 -05:00
h00die fa687d3614 argv instead of hardcoded payload path 2023-01-31 16:02:25 -05:00
h00die 5a374533af cve-2022-1043 2023-01-31 16:02:25 -05:00
h00die 8d58eb6279 cve-2022-1043 2023-01-31 16:02:25 -05:00
h00die 62d43a6e96 use exploit retry function 2023-01-28 07:44:53 -05:00
h00die 633c58a0ff tomcat on rhel priv esc 2023-01-19 15:28:10 -05:00
h00die 3a0b694790 better engrish 2023-01-18 20:12:49 -05:00
h00die c823295915 cleanup better 2023-01-18 16:19:48 -05:00
bwatters 158c557d58 Update LICENSE file and location of source file 2023-01-17 17:28:22 -05:00
h00die e28ff3b160 minor fixes 2023-01-17 15:30:36 -05:00
h00die be7ca91a8f cve-2022-22942 2023-01-17 15:30:36 -05:00
Ron Bowes 2ec77e6d95 Merge branch 'master' into f5-createuser-privesc 2022-12-15 13:11:26 -08:00
bwatters 54cd055276 Land #17286, CVE-2021-22015 vCenter priv esc 
Merge branch 'land-17286' into upstream-master
 2022-12-05 09:31:01 -06:00
h00die 867059efe5 add super to cleanup command 2022-12-01 14:55:43 -05:00
h00die 62b484fdc7 blank over empty 2022-12-01 14:34:09 -05:00
h00die 039b611fae fix enlightenment check method 2022-11-30 17:06:50 -05:00
Ashley Donaldson 25a0d0ff0e Fixes #17227 - polkit_dbus_auth_bypass module when run from a command shell 2022-11-25 15:13:57 +11:00
h00die 6877304bac exploit for cve-2021-22015 vcenter priv esc 2022-11-20 11:29:49 -05:00
Ron Bowes 93cba95170 Add URLs 2022-11-16 12:23:47 -08:00
Ron Bowes fc579fe3f4 Add a privesc module for F5, using the MCP protocol 2022-11-16 12:12:16 -08:00
h00die 59535b6799 remove 'is' 2022-11-12 16:19:50 -05:00
bwatters 9902e9a1e4 Land #17110, check files exist before doing other things 
Merge branch 'land-17110' into upstream-master
 2022-10-24 14:20:16 -05:00
Ron Bowes dea3f72f6b Resolve feedback - get rid of unnecessary directory, add CVE number, let the user choose the path 2022-10-17 15:00:56 -07:00
Ron Bowes a2a2dcbf6f Check in zimbra_postfix_priv_esc.rb 2022-10-14 13:21:41 -07:00
h00die 4950124ea0 use more Post::File functions 2022-10-08 09:50:25 -04:00
h00die a3eee73efb review comments 2022-10-08 09:16:57 -04:00
h00die 6db9ee743e check files exist before suid checking them 2022-10-05 19:43:07 -04:00
h00die b7073df1e0 review comments 2022-10-03 16:53:14 -04:00
h00die de184226f6 repeatable sessions 2022-10-01 11:30:21 -04:00
h00die e78babea90 cve-2022-37706 2022-10-01 11:24:29 -04:00