adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
63,472 Commits 27 Branches 1,043 Tags
ef4e7b2165ec317aceca4e58f2a2dee87f9918a5
Commit Graph

614 Commits

Author SHA1 Message Date
h00die d5ba1afbec fix URLs not resolving 
fix URLs not resolving

add csv export to references

fix URLs not resolving

pdf not pd

missed a url change

remove extra recirectedfrom fields

remove extra file

fix ovftool url accidental replacement
 2022-02-16 17:22:40 -06:00
darrenmartyn 604361b59d Update hp_dataprotector_cmd_exec.rb 
64 bit payloads
 2022-02-15 18:03:13 +00:00
adfoster-r7 059e39a6f0 Specify meterpreter compatibility command requirements 2021-09-08 22:59:25 +01:00
adfoster-r7 4a9a15e638 Run Rubocop layout rules on modules 2021-08-27 17:19:43 +01:00
Alan Foster 5b3fde7735 Rubocop recently landed modules 2021-02-16 15:08:08 +00:00
Brendan Coles a1c316c679 msftidy: Fix exploit module checks for author and stack buffer overflow 2021-02-13 04:10:13 +00:00
CSharperMantle d99c2ac783 linguistic fixes of 'does not exists' 2020-12-23 11:36:38 +08:00
dwelch-r7 1617b3ec9b Use zeitwerk for lib/msf/core folder 2020-12-07 10:31:45 +00:00
Alan Foster 30809787c4 Convert disclosure dates to iso8601 2020-10-02 21:00:37 +01:00
William Vu a6f7c0c0de Backport miscellaneous fixes to my modules 2020-08-14 13:40:23 -05:00
Adam Galway 1a2bf98222 creates standard elog & updates exisiting usages 2020-06-22 12:48:39 +01:00
Alan Foster 6007e13379 Fix edgecase in rubocop module description rule 2020-06-10 12:11:49 +01:00
Brendan Coles ad05cf7870 Update TinyIdentD 2.2 Stack Buffer Overflow module 2020-05-23 04:43:44 +00:00
William Vu 0bcc473ded Rename option to HOSTINFO_NAME and update doc 2020-05-01 12:59:01 -05:00
William Vu c27269105e Rename CmdStager to psh_invokewebrequest 2020-05-01 12:31:53 -05:00
William Vu 1364b08c4f Make host info name configurable as an option 
Though it has to be recognized by the server.
 2020-05-01 12:19:12 -05:00
William Vu 96f802585a Update dropper payload to stageless 
We're using Invoke-WebRequest now. Or anything similar.
 2020-05-01 12:19:12 -05:00
William Vu 9adaa08ddd Use new PowerShell Invoke-WebRequest CmdStager 2020-05-01 12:19:12 -05:00
William Vu 9bfecbc2aa Print the responses if found but don't bail 
The responses aren't always in sync, causing unexpected failures.
 2020-05-01 12:19:12 -05:00
William Vu bb034acd7c Note reason for SERVICE_RESOURCE_LOSS 2020-05-01 12:19:12 -05:00
William Vu 309475259a Remove doubled-up command prefix from dropper 
The library prefixes "cmd /c" automatically.
 2020-05-01 12:19:12 -05:00
William Vu 84061881b8 Clarify module description 2020-05-01 12:19:12 -05:00
William Vu 9d601b50c2 Note how we trigger the deserialization vuln 2020-05-01 12:19:12 -05:00
William Vu efab4f04f7 Add Veeam ONE Agent .NET deserialization exploit 2020-05-01 12:19:12 -05:00
Alan Foster 3a046f01da Run rubocop -a on subset of files 2020-03-06 10:41:45 +00:00
Alan Foster 6bac1ec2aa Remove executable flags from exploit files 2020-02-26 10:39:50 +00:00
William Vu 4fa3b25788 Correct language in crosschex_device_bof 2020-02-18 23:18:45 -06:00
Brent Cook 8489bcdfd9 This fixes broken links to the community.rapid7.com blog 
Performed mechanically with sed, spot-checked that the new blog can consume these links.
 2020-02-18 09:06:11 -06:00
Adam Galway 2ca2b5c7bb replaces magic numbers with target fields 2020-02-13 14:17:23 +00:00
Adam Galway cbcf8a2a68 adds to_i and removes default options 2020-02-12 12:04:15 +00:00
Adam Galway 8fd3b483d3 improves option descriptions & timeout handling 2020-02-11 15:05:24 +00:00
Adam Galway 946e244c8c Updates docs and adds basic options 2020-02-11 13:40:51 +00:00
Adam Galway a7a80e08a8 Updated docs with platform info 2020-02-11 12:55:07 +00:00
Adam Galway ddec8a58a1 disables payload padding and describes shell code 2020-02-05 18:09:39 +00:00
Adam Galway d76546f8ee clarifies inserted shell code's function 2020-02-04 15:14:36 +00:00
Adam Galway 671f2e9616 msfTidy: set disclosure date to proper format 2020-02-04 11:55:39 +00:00
Adam Galway 37065f5ffe PR Changes: More Cleanup 2020-02-04 10:59:02 +00:00
Adam Galway 4fd865f3a9 PR Changes: Comments, fail_with, and cleanup 2020-02-04 10:57:41 +00:00
Adam Galway 2ce3cb9e86 updated description 2020-02-03 17:09:56 +00:00
Adam Galway 6b229177f1 Add crosschex buffer overflow exploit 2020-02-03 17:02:04 +00:00
h00die 9f29f5f419 fix spelling received 2019-10-05 14:40:27 -04:00
William Vu 32334c2386 Update all module splats from http:// to https:// 2019-08-15 18:10:44 -05:00
Adam Cammack cf9b94a964 Set needs_cleanup flag for exploits that need it 
The `needs_cleanup` flag needs to be set per-module when an exploit
needs an interactive session to clean up. Some `FileDropper` exploits
need additional cleanup to what the mixin provides, but since all
`FileDropper`s already mark themselves as needing cleanup those are not
covered here. A few of these could potentially be refactored to use the
original exploitation method to clean up or to compile the list of
files/commands to clean up ahead of time, but that is out of the scope
of this fix.
 2019-08-02 10:23:53 -05:00
Wietsman 3b08ed88d1 #12095 added version check if vulnerable 
#12095 cleaned up the code
#12095 added more output
#12095 added comments
 2019-07-22 16:43:24 +02:00
Wietsman 71da3b7903 #12095 Added cleaning up of trial account and dropper files. 2019-07-21 03:21:15 +02:00
Wietsman e26b650f31 #12095 Fixed Password complexity generation 
#12095 Fixed trial account creation
#12095 Fixed calling functions
 2019-07-18 13:13:39 +02:00
Wietse Boonstra 2b7d6e07b1 #12095 Fixed issue with function naming. 
Added random username and password generating
 2019-07-18 10:54:12 +02:00
Wietsman 26c87b1869 Wrap to 80 columns 2019-07-17 00:21:21 +02:00
Wietsman 73c6a11ccb Apply suggestions from code review 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-07-16 22:38:58 +02:00
Wietsman 2d86312f6c Apply suggestions from code review 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-07-16 22:37:56 +02:00