adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
67,960 Commits 27 Branches 1,043 Tags
e4ed187ec2b4dbf1a2cf600d064c8edf09cefc85
Commit Graph

33191 Commits

Author SHA1 Message Date
cgranleese-r7 8cbcc2f473 Land #17064, Fix beagent sha auth linting 2022-09-27 16:50:23 +01:00
adfoster-r7 a05606ff33 Fix beagent sha auth linting 2022-09-27 16:23:05 +01:00
bwatters 3170eac829 Land #16981, enum_domain_tokens: Cleanup and fix group member retrieval 
Merge branch 'land-16981' into upstream-master
 2022-09-27 09:47:34 -05:00
adfoster-r7 2388f7e6c4 Land #17054, Fix Adapted Single (Unstaged) Payloads 2022-09-27 11:54:04 +01:00
adfoster-r7 c436f42c8c Land #16994, Fix Multiple Registry Related Issues 2022-09-27 11:43:02 +01:00
Grant Willcox a48c2d9e72 Land #17033, hikvision password reset via inproper authorization logic - CVE-2017-7921 2022-09-23 15:01:04 -05:00
Grant Willcox 0908006466 Land #16985, wifi mouse rce - CVE-2022-3218 2022-09-23 14:46:49 -05:00
Grant Willcox 828cdb8862 Fix a typo 2022-09-23 14:20:18 -05:00
Grant Willcox b62f163696 Update documentation on module and exploit a little more to make things a bit clearer 2022-09-23 14:08:18 -05:00
Grant Willcox 2958a43a6a Update to reflect fact that bug is an improper authentication logic bug and to randomize password for auth parameter since it is ignored 2022-09-23 12:19:29 -05:00
Jack Heysel 2b5e85cd27 Land #17012, Veritas Backup Agent RCE 
This module exploits a chain of the vulnerabilities CVE-2021-27876,
CVE-2021-27877 and CVE-2021-27878 in Veritas Backup Exec Agent which
leads to remote code execution with privileges of system or root user
 2022-09-23 12:31:46 -04:00
Grant Willcox edc37835e5 Add more nil checks in, update some of the check code to catch an edge case, update notes to account for indicators of compromise, and fix some extra issues noticed on second round of review 2022-09-23 09:38:35 -05:00
Grant Willcox 9abe1649ff Sanitize XML data prior to adding it to the XML POST request and also change the ID option to an integer from a string to match expectations 2022-09-23 09:38:35 -05:00
Grant Willcox 3ca34568c2 Clean up some of the documentation and module code and descriptions 2022-09-23 09:38:12 -05:00
h00die-gr3y 37caf6dae5 removed exploit information from info section 2022-09-23 09:38:11 -05:00
h00die-gr3y a4a12d06bc improved error handling 2022-09-23 09:38:10 -05:00
h00die-gr3y 5ed7ff7f52 init commit module and documentation 2022-09-23 09:38:05 -05:00
c0rs 425d58dd15 fix check methos output in Veritas BE rce 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2022-09-23 09:46:52 +03:00
c0rs 04c897dbeb Fix description info Veritas BE RCE 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2022-09-23 09:45:18 +03:00
c0rs a8210bfe70 add autocheck to veritas BE RCE 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2022-09-23 09:44:39 +03:00
adfoster-r7 5e2a6c9dba Land #17015, improve http login result checks 2022-09-23 01:28:59 +01:00
space-r7 dd11156922 add new reference to bitbucket module 2022-09-22 16:14:18 -05:00
Jeffrey Martin 96d291121b use model validator instead of setup check 2022-09-22 14:49:09 -05:00
Spencer McIntyre 83de0924f0 Move #generate_stage to #generate for singles 2022-09-22 12:55:41 -04:00
cgranleese-r7 c74f480177 Land #17049, enum_domain_group_users module clean up 2022-09-22 17:51:12 +01:00
cgranleese-r7 0029628db8 Land #17051, wmic_command module cleanup 2022-09-22 16:17:33 +01:00
Jack Heysel 12f3325f3e Land #16732, VIDIdial Multiple SQLi 
This PR adds a module which exploits several
authenticated sqli in VICIdial
 2022-09-22 10:47:42 -04:00
bcoles ce48afd0db wmic_command: Cleanup 2022-09-23 00:25:13 +10:00
bcoles 9eab7eadab enum_domain_group_users: Cleanup 2022-09-22 17:05:19 +10:00
h00die 6d608ea41e vicidial sqli module docs update 2022-09-21 16:57:18 -04:00
h00die 32402c0e6d wifi mouse doc updates 2022-09-21 16:35:08 -04:00
Spencer McIntyre 415383b48d Land #17042, Add exploit for CVE-2022-36804 2022-09-21 13:07:32 -04:00
space-r7 8d2b182c7b add cmd stager flavors and bad characters 2022-09-21 10:54:32 -05:00
space-r7 77d1328c43 add module description 2022-09-21 08:38:18 -05:00
Christophe De La Fuente 4943d86ec6 Land #16989, Unified Remote RCE 2022-09-21 14:06:33 +02:00
space-r7 34a6671c2d update module to support auth & additional target 2022-09-20 18:45:14 -05:00
h00die 9e6c172dd4 unified remote review 2022-09-20 16:44:05 -04:00
Grant Willcox 98aea3f2ae Land #17002, Msf::Post::Windows: Replace load_extapi with ExtAPI capability check 2022-09-20 13:29:45 -05:00
Grant Willcox 3366179697 Add in guard clauses to wmic_command to handle sessions without sysinfo available. 2022-09-20 13:09:36 -05:00
space-r7 9738f23b51 add cmdstager 2022-09-20 10:37:10 -05:00
Grant Willcox bd4a062e5f Land #17023, Fix #16999 by using a compatible default action 2022-09-19 17:33:01 -05:00
Grant Willcox 5d7c7b0a09 Update documentation and change up the code to use action.name vs datastore['ACTION'] since that is no longer populated 2022-09-19 17:31:51 -05:00
space-r7 391e5cc891 add check method, repo search 2022-09-19 17:28:17 -05:00
h00die 5c35a8d3fd remove bad ref 2022-09-19 16:07:52 -04:00
bwatters 88f14950a0 Land #16688, Add Mimipenguin 
Merge branch 'land-16688' into upstream-master
 2022-09-19 12:43:16 -05:00
h00die 7fe4f282e4 add cve 2022-09-18 19:03:54 -04:00
h00die 271171f6d2 unified now with invisible feature 2022-09-18 19:02:59 -04:00
space-r7 664a3eb89c bump mettle to 1.0.20 2022-09-16 18:20:06 -05:00
adfoster-r7 9b59698cbf Land #17029, Add getsystem module docs 2022-09-16 23:46:51 +01:00
Spencer McIntyre eae1adb8bb Add getsystem module docs 2022-09-16 14:59:50 -04:00