adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
64,053 Commits 27 Branches 1,043 Tags
ec9f0b524229ecfbebc4e76c57fa53ebec504afd
Commit Graph

32479 Commits

Author SHA1 Message Date
dwelch-r7 ec9f0b5242 Add log path session config option 2022-04-29 15:04:11 +01:00
Spencer McIntyre c994f8e933 Land #16507, Add WSO2 file upload RCE module 2022-04-29 09:58:55 -04:00
Jack Heysel 2b8ea72e51 Added autocheck fixed execute_payload method 2022-04-28 08:55:17 -07:00
jvoisin f30c797293 Fix two simple typo 2022-04-27 21:58:02 +02:00
Jack Heysel 5b82a978ea Added reference removed default payload 2022-04-27 09:48:21 -07:00
Jack Heysel 253cb8580a Responded to comments added retry_until_true 2022-04-27 09:45:18 -07:00
Jack Heysel a941fea26a Removed unused import added target_uri 2022-04-26 14:11:10 -07:00
Jack Heysel a8ae08d138 Updated authors 2022-04-26 13:55:59 -07:00
Jack Heysel 86ff080d31 Merge branch 'wso2-file-upload-rce' of github.com:jheysel-r7/metasploit-framework into wso2-file-upload-rce 2022-04-26 13:53:17 -07:00
Jack Heysel 1879a7568f Updated authors 2022-04-26 13:52:59 -07:00
jheysel-r7 266d3bb9ca Apply suggestions from @bcoles code review 
Co-authored-by: bcoles <bcoles@gmail.com>
 2022-04-26 13:40:25 -07:00
Jack Heysel 691d9fe001 Added Reliability section to Notes 2022-04-26 13:19:34 -07:00
Jack Heysel 76c8e0b65f Added Notes section to module 2022-04-26 13:01:38 -07:00
Jack Heysel 37c8fff523 Rubocop offenses 2022-04-26 12:51:12 -07:00
Jake Baines 1b119a845c Fixed handling of victim response 2022-04-26 12:34:45 -07:00
Jack Heysel ca0be9c145 Add WSO2 file upload RCE module 2022-04-26 12:29:12 -07:00
Jake Baines ec37ebc617 Update modules/exploits/linux/redis/redis_debian_sandbox_escape.rb 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2022-04-26 14:43:03 -04:00
Jake Baines d20fd996bd Fix spelling mistakes 2022-04-26 03:38:23 -07:00
Jake Baines 71a4023c0d Initial commit of Redis sandbox escape CVE-2022-0543 2022-04-26 03:32:11 -07:00
Jack Heysel 74e69917c6 Land #16450 VNC Keyboard exec fast typing fix 
This PR adds small delays in the VNC Keyboard
Exec to avoid typing long commands too fast.
 2022-04-21 19:45:46 -07:00
Jack Heysel 1e40595c53 Fixed typo in TIME_KBD_THRESHOLD option 2022-04-21 19:32:57 -07:00
Jack Heysel 140c3bfd50 Land #16432 Enumerate Windows AV module 
Post module that will query WMI via shell
or meterpreter session for deployed AV products
from the root\SecurityCenter2 namespace
 2022-04-21 13:07:56 -07:00
Jack Heysel d8542ad2b5 Changed vprint to print update docs 2022-04-21 11:35:33 -07:00
jheysel-r7 841fd12519 Update modules/post/windows/gather/enum_av.rb 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2022-04-21 09:23:11 -07:00
Grant Willcox e2c6c36b2b Land #1642, Add module for cve-2022-0995 2022-04-21 09:12:47 -05:00
bwatters 9cba9576cd Keep code reusable and fix some logical complexities 2022-04-21 07:44:40 -05:00
adfoster-r7 104071e816 Land #16483, fix typo 'MetaSploit' in readme and comment 2022-04-21 10:13:14 +01:00
Jack Heysel d3c9648af0 Land #16438, Fix smtp server auth prompt 
Some smtp servers only give out creds when promted.
Now there exists a mondule option 'AUTHPROMPT' to indicate
whether or not the auth prompt is required by the server.
 2022-04-20 22:21:55 -07:00
Anton Panteleev 9297c0e058 FIX: typo 'MetaSploit' in readme and comment 2022-04-21 14:44:57 +10:00
Grant Willcox 69b54c8448 Add in additional validation to check methods to address bcoles's comments and also to prevent issues with fail_with being used inside a check method 2022-04-20 19:50:08 -05:00
Grant Willcox f33e3f45c1 RuboCop compliance for PacketStorm 2022-04-20 19:09:14 -05:00
Grant Willcox 78d4ac8592 Update module reliability and also fix issues from bcoles's review 2022-04-20 19:04:27 -05:00
bwatters 26f9175816 Update c source with argc check and CRASH notes for module 2022-04-20 17:37:48 -05:00
bwatters d9a241defb Fix overzealous source code edit and some version copy/pasta errors 2022-04-20 14:31:32 -05:00
Spencer McIntyre 8e2bd3c5a9 Land #16475, ManageEngine ADSelfService Plus RCE 2022-04-20 15:22:36 -04:00
Spencer McIntyre bf1f786813 Title case the target name 2022-04-20 15:22:07 -04:00
Jake Baines aba48a6905 Improve JSON cleanup, fix jjs specific wording, and moved JJS_PATH to defaultoptions 2022-04-20 06:27:43 -07:00
Jack Heysel dd0be6cad5 Rubocop fix for arista_tacplus_shell 2022-04-19 22:38:50 -07:00
Jack Heysel 4417a335ff Land #16379, Make SSH defaults widely used 
Refactored a number of modules to use ssh_client_defaults
 2022-04-19 22:08:45 -07:00
Grant Willcox a756df5400 Add in missing RuboCop note sections 2022-04-19 16:40:57 -05:00
Brendan Coles 94ed9ae28b Modules: Prefer CVE references over cve.mitre.org URL references 2022-04-19 20:42:23 +00:00
Jake Baines c77e12e0c5 Fixed the name of the jjs cmd 2022-04-19 11:28:26 -07:00
Jake Baines ae54c8c3d9 Initial implementation of authenticated RCE against ManageEngine ADSelfService Plus (CVE-2022-28810) 2022-04-19 10:33:54 -07:00
ORelio 1fdedebacf Add settings to adjust delay and interval 
TIME_KBD_DELAY: Delay in milliseconds (0 to disable)
TIME_KBD_TRESHOLD: How many keys between each delay
 2022-04-19 17:40:14 +02:00
Heyder Andrade fd6c8aa3d5 Lint msftidy 2022-04-18 23:36:23 +02:00
Heyder Andrade b363a7e403 Merge branch 'fix/ssh_defaults_usage' of github.com:heyder/metasploit-framework into fix/ssh_defaults_usage 2022-04-18 20:19:36 +02:00
Heyder Andrade 4252fe01e6 Rubocop 2022-04-18 20:17:44 +02:00
Heyder Andrade 9e54830f93 Making SSH defaults widely used 2022-04-18 20:16:34 +02:00
Heyder Andrade bdc69d8399 Rubocop 2022-04-18 20:14:57 +02:00
Heyder Andrade 83793b6df7 Making SSH defaults widely used 2022-04-18 20:12:04 +02:00