Commit Graph

31369 Commits

Author SHA1 Message Date
Ashley Donaldson eeef8a3085 Support domain login in WinRM module 2021-09-06 10:25:36 +10:00
Ashley Donaldson 7a75a91dc6 Request stdout on a separate thread, so we are alerted when the shell dies. 2021-09-06 09:33:44 +10:00
Ashley Donaldson 142526904a Moved command shell creation across to winrm_login, rather than winrm_cmd 2021-09-03 13:34:07 +10:00
Ashley Donaldson b50a1aa988 Moved reusable functionality into separate file 2021-09-02 21:58:07 +10:00
Ashley Donaldson a530336630 Fix segfault apparently caused by using the Rex HTTP client in a finalizer 2021-09-02 19:08:25 +10:00
Ashley Donaldson 1138a5bba7 Better messages in the session info table 2021-09-02 17:31:57 +10:00
Ashley Donaldson fdfac2212f Clean up old socket-based approach 2021-09-02 16:58:07 +10:00
Ashley Donaldson f16d91f8b4 Coerce failure immediately on bad password when setting up a session 2021-09-02 15:00:48 +10:00
Ashley Donaldson 6648a47ce7 Check stdin repeatedly 2021-09-02 13:23:26 +10:00
Ashley Donaldson b78b7413ef Use stdin rather than separate commands 2021-09-01 17:05:42 +10:00
Ashley Donaldson 3192f9b4f7 Neatness improvements 2021-08-31 22:30:31 +10:00
Ashley Donaldson 3839bc5dea Use rex sockets for WinRM transport 2021-08-31 21:36:25 +10:00
Ashley Donaldson 8d047dca59 Basic command shell operational. Does not yet utilise Rex sockets. 2021-08-31 15:34:04 +10:00
Ashley Donaldson 3dc1b22cdc Created WinRM command shell type 2021-08-31 11:00:53 +10:00
h00die a5674683f0 remove duplicate autocheck 2021-08-27 20:08:58 -04:00
adfoster-r7 4a9a15e638 Run Rubocop layout rules on modules 2021-08-27 17:19:43 +01:00
adfoster-r7 7daec4ab39 Update metasploit payloads version 2021-08-27 12:55:19 +01:00
Grant Willcox 7cf2e66085 Fix up regex to properly match results and not include the 'version' part of the string, which was causing Rex::Version to return incorrect results and therefore make the 'check' method fail 2021-08-26 17:41:41 -05:00
Grant Willcox 415b46d9a7 Fix Rubocop errors 2021-08-26 16:52:58 -05:00
Dimitrie-Toma Furdui 63aaa8f438 fixed version check for docker_credential_wincred 2021-08-26 16:33:45 -05:00
Tim W 6c0b90eabb Land #15532, add module for CVE-2021-21300 and git mixins 2021-08-26 18:26:04 +01:00
Spencer McIntyre 674628e600 Land #15384, Improve Windows RDLL injection 2021-08-26 12:11:44 -04:00
Grant Willcox be9a7bc9b9 Fix up error in alpc_taskscheduler.rb where it expected a DLL but we passed it shellcode instead 2021-08-26 09:27:21 -05:00
Grant Willcox 7652a2240e Add in missing import for modules/exploits/windows/local/ntapphelpcachecontrol.rb to prevent crashes due to execute_dll not being defined 2021-08-25 18:19:58 -05:00
space-r7 ab622405de Land #15593, add WP Learnpress SQLi module 2021-08-25 14:18:51 -05:00
space-r7 17da80163c fix typo, set COUNT default to 3 as noted in docs 2021-08-25 14:17:47 -05:00
Grant Willcox 5a80e9678c Address Spencer's comments and remove changes that don't directly use the DLL injection library API change 2021-08-24 16:34:01 -05:00
h00die b9db47f873 wp_learnpress sqli 2021-08-23 19:45:45 -04:00
sjanusz 8e00c5a188 Add default payload option to targets 2021-08-20 16:38:22 +01:00
Spencer McIntyre c47efcabfc Land #15556, Add shell support to enum_unattended 2021-08-19 17:40:51 -04:00
pingport80 406b152752 add shell support to enum_unattend module
update registry operations

guard against nil when the unattendfile registry key is not present
2021-08-19 23:39:18 +05:30
William Vu 31796c6236 Land #15561, ProxyShell exploit 2021-08-19 10:31:02 -05:00
William Vu 0a06730802 Update contributors 2021-08-19 10:30:21 -05:00
Spencer McIntyre 1519aef539 Land #15570, Fix smb enum gpp module 2021-08-19 09:20:38 -04:00
space-r7 a75b649cf3 Land #15546, properly store UUID URLs 2021-08-18 17:15:14 -05:00
Spencer McIntyre 84f8c44e69 Write to the targeted backend server 2021-08-18 12:34:40 -04:00
Spencer McIntyre 75e63992d6 Write an exploit for ProxyShell 2021-08-18 10:50:34 -04:00
adfoster-r7 d9baaed0ba Fix smb enum gpp module 2021-08-18 11:44:03 +01:00
William Vu 521ca14773 Add Lucee Administrator CVE-2021-21307 exploit 2021-08-16 10:09:34 -05:00
Tim W 5acd0ee5d6 Fix #15480, fix IgnoreUnknownPayloads for stageless reverse_http payloads 2021-08-13 16:57:04 +01:00
Jack Heysel 5aa56b303a Land #15539, Fix cve_2018_8453_win32k_priv_esc
Fixes the check method for the above module, prior
to this change the module was not running against 1703.
2021-08-13 11:01:58 -04:00
space-r7 c9bdd96c76 remove GIT_HOOK option
post-checkout is the only hook that will work
with this exploit, so no option is needed. Also update
the documentation to reflect that.
2021-08-12 10:18:13 -05:00
space-r7 31cbcb7774 add notes to updated modules 2021-08-12 10:18:13 -05:00
space-r7 70f304a548 change modules to use hash in build_commit_object 2021-08-12 10:18:13 -05:00
Shelby Pace d0c0372596 add request / response classes 2021-08-12 10:18:12 -05:00
Shelby Pace a4cc95448f remove namespace 2021-08-12 10:18:12 -05:00
Shelby Pace 0fe761b838 modify options and add documentation 2021-08-12 10:18:12 -05:00
Shelby Pace 98ef499351 add git lfs and smart http changes 2021-08-12 10:18:11 -05:00
Shelby Pace 53187648c1 add module
also includes packfile obj metadata changes
2021-08-12 10:18:11 -05:00
Shelby Pace d7161d0b90 add packfile, pkt line, and module code 2021-08-12 10:18:11 -05:00