adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
63,472 Commits 27 Branches 1,043 Tags
ef4e7b2165ec317aceca4e58f2a2dee87f9918a5
Commit Graph

16119 Commits

Author SHA1 Message Date
Spencer McIntyre 83b2f5a128 Land #16268, Update check comhijack 2022-03-04 09:59:49 -05:00
adfoster-r7 ad2fab6fee Land #16153, read full response on smtp send/recv 2022-03-04 01:24:46 +00:00
bwatters fb658fbb13 Land #16245, pfSense Authenticated File Write (CVE-2021-41282) 
Merge branch 'land-16245' into upstream-master
 2022-03-03 15:08:34 -06:00
bwatters 3f35524c61 Rubocop fixes 2022-03-03 13:02:55 -06:00
bwatters f0878f4d1a Improve check method and add autocheck 2022-03-03 12:52:05 -06:00
Spencer McIntyre 6be3443680 Land #16103, LPE in polkit's pkexec (CVE-2021-4034) 2022-03-03 09:24:11 -05:00
Spencer McIntyre 0463373756 Simplify finding pkexec 2022-03-03 09:19:45 -05:00
bwatters e649fe3f69 Fix some markdown issues, update docs and add arch check for payloads 2022-03-02 16:30:52 -06:00
bwatters 06e897436c Add Fedora results to docs and some minor final cleanup 2022-03-02 09:12:01 -06:00
bwatters 58aed837b2 Update docs and options 2022-03-01 14:48:48 -06:00
bwatters 0516badd8e Change the way we cd after new session is created 2022-03-01 14:20:07 -06:00
bwatters 0081811c52 Land #16185, Firefox CVE-2020-26950 use after free browser exploit 
Merge branch 'land-16185' into upstream-master
 2022-02-28 14:38:23 -06:00
Jake Baines 65e16a1a72 Initial implementation of pfSense auth file creation bug (CVE-2021-41282) 2022-02-27 18:12:54 -08:00
Tim W 579811418f update documentation with note about Firefox 82.0.1 2022-02-26 12:35:38 +00:00
bwatters ecaf8b1ba9 Land #16204, Hikvision Unauthenticated RCE (CVE-2021-36260) 
Merge branch 'land-16204' into upstream-master
 2022-02-25 16:37:08 -06:00
bwatters b69db83398 Land #16202, Add exploit for CVE-2022-21882 (Win32k LPE) 
Merge branch 'land-16202' into upstream-master
 2022-02-25 15:55:48 -06:00
Grant Willcox 217afa0f3b Land #16190, Axis Camera App RCE (No CVE) 2022-02-25 11:35:03 -06:00
Grant Willcox 1e0db45f1d Add small note about ARMLE stager for future travelers 2022-02-25 11:34:31 -06:00
Jake Baines 2bec5c425f Change CheckCode to Appears 2022-02-25 08:32:06 -08:00
Jake Baines 1facfe4a2f Alter upload filename. 2022-02-25 02:53:52 -08:00
Jake Baines d055a7d811 Altered some randomization, the json extracted by check, and fixed some wording 2022-02-24 18:48:21 -08:00
Jake Baines 48072b6554 Fix rubcop complaint introduced in suggestion commit 2022-02-24 18:28:38 -08:00
Jake Baines 454eba2438 Apply suggestions from code review 
Added changes suggested by @gwillcox-r7

Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2022-02-24 21:25:09 -05:00
Spencer McIntyre 544f8e161a Land #16164, Create Module For CVE-2021-42321 2022-02-24 11:36:12 -05:00
Spencer McIntyre 2b0002031d Fix the minimum build number 
This particular change looks like a mistake. Build 17134 (v1803) is the
oldest that is supported.
 2022-02-24 11:24:20 -05:00
Jake Baines 9f05a7d11a Removed unneeded custom timeout 2022-02-24 08:13:04 -08:00
Spencer McIntyre 6d325933a9 Remove the default payload options 2022-02-24 10:55:38 -05:00
Jake Baines 3739dad470 Updated to use print_bad instead of fail_with for application removal errors. Also included instructions on how to manually remove the application 2022-02-24 07:44:34 -08:00
Jake Baines e1616a520f Fixed a couple of typos. Changed a CheckCode. Randomized the replaced tmp file name 2022-02-24 06:38:36 -08:00
Grant Willcox fddd3f15c2 Fix up code so that it will not block on attempting to delete the configuration on the folder, just in case the configuration doesn't exist in the first place. Instead print a warning and continue. 2022-02-22 17:52:29 -06:00
Jake Baines 4cd3563bc7 Initial commit of exploit for CVE-2021-36260 2022-02-19 13:13:24 -08:00
bwatters f311bd4fce Remove duplicate warning 2022-02-18 16:31:35 -06:00
bwatters 3ea032472d Updated exploit with better check method, added OnSessionCmd option 
to run a command when a session is bootstrapped, added more
documentation.
 2022-02-18 16:30:47 -06:00
Spencer McIntyre 443bf1249a Remove all the old CVE-2021-1732 data 2022-02-18 15:25:39 -05:00
Spencer McIntyre bcd7cb1122 Writeup the module metadata and docs 2022-02-18 15:23:44 -05:00
Spencer McIntyre d92259f868 One exploit for CVE-2021-1732 and CVE-2022-21882 2022-02-18 15:23:38 -05:00
h00die d5ba1afbec fix URLs not resolving 
fix URLs not resolving

add csv export to references

fix URLs not resolving

pdf not pd

missed a url change

remove extra recirectedfrom fields

remove extra file

fix ovftool url accidental replacement
 2022-02-16 17:22:40 -06:00
Tim W 4e5cd8693d add notes section to placate msftidy 2022-02-16 11:48:55 +00:00
Tim W 480c44e9cb refactor DEBUG_EXPLOIT code into mixin 2022-02-16 11:38:04 +00:00
Tim W 35d122e16d msftidy 2022-02-16 08:35:04 +00:00
Tim W fb53ca0ac2 actually add support for Windows 2022-02-16 08:33:24 +00:00
Tim W 841af2c6e1 add support for Windows 2022-02-16 08:30:07 +00:00
Tim W 6e59efc324 fix evil is undefined on exploit failure 2022-02-16 07:52:42 +00:00
Grant Willcox 6700ed7f3c Update module to use built in error handling within send_request_cgi vs doing it ourselves 2022-02-15 18:18:53 -06:00
bwatters 1086926b2e Land #16159, Add module for CVE-2021-3129 
Merge branch 'land-16159' into upstream-master
 2022-02-15 17:14:01 -06:00
bwatters 0239ef1cc6 Land #16117, Updates for Log4Shell 2022-02-15 16:39:00 -06:00
darrenmartyn 604361b59d Update hp_dataprotector_cmd_exec.rb 
64 bit payloads
 2022-02-15 18:03:13 +00:00
Tim W 2405a040a8 rubocop and msftidy 2022-02-15 09:31:06 +00:00
Heyder Andrade 891387885b Fixed typos 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2022-02-15 08:47:50 +01:00
Heyder Andrade bbb66eba55 Fixed typos 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2022-02-15 08:47:26 +01:00