adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
58,518 Commits 27 Branches 1,043 Tags
e4a3cd630d4bb48ea2d77cd7db3599a30f4970b3
Commit Graph

1652 Commits

Author SHA1 Message Date
Spencer McIntyre 43b1497cf6 Remove some debug info and mark bind payloads as being incompatible 2020-12-17 16:36:20 -05:00
Spencer McIntyre 2a2694ef16 Apply rubocop changes and precompute the encryption key 2020-12-07 14:59:40 -05:00
Spencer McIntyre d208e441ba Update the documentation 2020-12-07 10:54:20 -05:00
Spencer McIntyre 811de07e7a Add logout functionality and cleanup HTTP session management 2020-12-07 10:41:42 -05:00
Spencer McIntyre b968cf9183 Cleanup the payload delivery mechanism 2020-12-07 09:40:29 -05:00
Spencer McIntyre 7612845714 Add the initial Ruby port for CVE-2020-8260 2020-12-04 17:56:38 -05:00
h00die 020e90543d IOS -> IOC 2020-11-11 17:43:16 -05:00
h00die 6880376c61 add reliability, stability, side effects to pulse_secure_gzip_rce 2020-11-11 17:19:10 -05:00
h00die b0b9ace606 Revert "remove ruby pulse_secure_cmd_exec" 
This reverts commit efb8557e43.
 2020-11-09 20:09:12 -05:00
h00die da70b74954 fix version numbers 2020-11-08 22:38:53 -05:00
h00die 3c4962e9b0 working and clean 2020-11-08 22:31:26 -05:00
h00die 9f936038e5 cleanup rnd1 2020-11-08 08:42:19 -05:00
h00die 0e62e7793d working session on linux/x86/shell/reverse_tcp 2020-11-08 08:27:55 -05:00
h00die f39e4d62e2 working but needs cleanup 2020-11-04 17:59:04 -05:00
h00die bacc0f78ed permissions solved 2020-11-04 14:17:16 -05:00
h00die 8a936a07f0 stuck in read only mode 2020-11-03 18:33:40 -05:00
h00die 1e0ea16173 runs, needs cleanup 2020-11-03 15:25:49 -05:00
h00die efb8557e43 remove ruby pulse_secure_cmd_exec 2020-11-01 14:46:46 -05:00
Grant Willcox 2c391e9edc Fix up last of the module that had incorrect disclosure dates 2020-10-07 12:09:35 -05:00
Alan Foster 30809787c4 Convert disclosure dates to iso8601 2020-10-02 21:00:37 +01:00
Alan Foster 26ff912291 Fix invalid disclosure date formats 2020-10-02 12:20:05 +01:00
Christophe De La Fuente 2d1b378a18 Land #14122, Jenkins Deserialization RCE (CVE-2017-1000353) 2020-09-22 12:32:09 +02:00
Shelby Pace 2ae50e9304 Land #14025, add Artica Proxy auth bypass / rce 2020-09-21 15:27:53 -05:00
Shelby Pace 18fa28f96b change date format / default payload 2020-09-21 15:26:39 -05:00
Shelby Pace 74669f4052 Land #14135, add tp-link command injection 2020-09-18 09:47:02 -05:00
Pietro Oliva 5f204257a5 Remove unnecessary comma, fix docs 2020-09-18 10:15:23 -04:00
Pietro Oliva e2c169d7d3 Remove unnecessarily setting SSL via datastore 2020-09-18 09:32:45 -04:00
0xsysenter 3144a1aede Add SSL in DefaultOptions 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-09-18 15:31:23 +02:00
Pietro Oliva d3f68d0fe4 Fix double shell issue 2020-09-18 09:23:02 -04:00
Shelby Pace 09c5b906af change notes and primary command stager flavor 2020-09-17 13:25:14 -05:00
Shelby Pace 8c1968e01c use more generic regex for versioning 
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
 2020-09-17 09:12:20 -05:00
Pietro Oliva 072f35c270 -Updated module to work using CmdStager 
-Updated documentation accordingly
-Removed unnecessary includes and simplified code
 2020-09-16 19:51:15 -04:00
Pietro Oliva c396ad0436 Fix compatibility issue resulting in no shell on some devices 2020-09-16 13:38:34 -04:00
Pietro Oliva c6b6021df3 Tidy up code with rubocop and msftidy 2020-09-14 21:13:09 -04:00
Pietro Oliva 963a4d29ec Removed unnecessary "begin, end" 2020-09-14 19:53:18 -04:00
Niboucha Redouane 3a09337935 Remove AUTH_BYPASS target 2020-09-15 01:51:34 +02:00
0xsysenter 201385f111 Update modules/exploits/linux/http/tp_link_ncxxx_bonjour_command_injection.rb 
Remove unnecessary comma

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-09-15 01:23:00 +02:00
0xsysenter a9e45dc0a1 Update modules/exploits/linux/http/tp_link_ncxxx_bonjour_command_injection.rb 
remove unnecessary comma

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-09-15 01:17:01 +02:00
0xsysenter 9c5f64d692 Update modules/exploits/linux/http/tp_link_ncxxx_bonjour_command_injection.rb 
fix disclosure date format

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-09-15 01:15:53 +02:00
Pietro Oliva f10ed189e9 Add module for TP-Link Cameras Command Injection (CVE-2020-12109) 2020-09-14 14:20:42 -04:00
Niboucha Redouane ca32a15f8d Remove trailing comma after the URL reference 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-09-14 19:03:57 +02:00
Niboucha Redouane 69ed4be81d Remove trailing comma after :auth_bypass 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-09-14 19:03:37 +02:00
Brendan Coles febe38e1ce resolve qa comments 2020-09-11 17:16:10 +00:00
Shelby Pace d86f9427c9 change version check and add sleep 2020-09-11 11:49:14 -05:00
Shelby Pace e5c9439974 rubocop and metadata additions 2020-09-10 18:32:30 -05:00
Shelby Pace 8474462458 add command stager usage 2020-09-10 18:02:07 -05:00
Shelby Pace 4d9f5e14e8 remove pry statement and comments 2020-09-02 13:41:33 -05:00
Shelby Pace 1e90d10531 add functionality for channel setup 2020-09-02 13:37:41 -05:00
Niboucha Redouane 314fb755c0 update comment on Author metadata 2020-09-02 19:43:06 +02:00
Niboucha Redouane 1b09ecfd04 make auth_bypass return a checkcode 2020-09-02 17:50:09 +02:00