Commit Graph

32690 Commits

Author SHA1 Message Date
Grant Willcox a075c676a6 Fix spacing issue 2022-06-10 08:47:41 -05:00
dwelch-r7 3f06e237b7 Correctly format the notes sections 2022-06-10 14:01:57 +01:00
Jack Heysel 67ea2bc23c Land #16630 Fix duplicate ntlm hash storage
Net-NTLM (v1 and v2) hashes were being duplicated when
stored in the database due to the unique data in the challenge
despite being the same. This fixes that issue.
2022-06-08 14:07:34 -04:00
Grant Willcox ab322d9318 Add minor review improvements for code readability and future travelers 2022-06-08 11:53:42 -05:00
Dan Staples a55aa8492c Add SAN support to impersonate_ssl module 2022-06-08 11:22:06 -04:00
bwatters 3875db78ae Land #16644, Add Exploit for CVE-2022-26134 (Confluence RCE)
Merge branch 'land-16644' into upstream-master
2022-06-07 16:00:37 -05:00
jheysel-r7 2b99967d0c Merge branch 'master' into fix/duplicate-netntlm 2022-06-07 11:42:51 -04:00
Grant Willcox 8584014af2 Land #16583, Bump payloads version to 2.0.93 2022-06-07 08:58:56 -05:00
Spencer McIntyre 1a06f69f95 Works through v7.18 now too 2022-06-06 22:03:21 -04:00
Spencer McIntyre 45c646afea Refactor #encode_ognl 2022-06-06 18:15:44 -04:00
Spencer McIntyre 2c0e034a18 Fix a couple of typos 2022-06-06 18:14:05 -04:00
bwatters c751ef46c9 Land #16635, Add 0-day MSWord RCE #Follina CVE-2022-30190
Merge branch 'land-16635' into upstream-master
2022-06-06 14:41:31 -05:00
Spencer McIntyre f55334f0fe Add version detection 2022-06-03 18:26:04 -04:00
Spencer McIntyre 76ec36a091 Remove the Windows targets for now 2022-06-03 16:50:13 -04:00
Spencer McIntyre 29a9ef686a Finish up a draft of the module 2022-06-03 16:47:02 -04:00
Spencer McIntyre cd6bbeb0ba WIP module 2022-06-03 15:27:13 -04:00
Kert Ojasoo 1dc61d02eb Update php_fpm_rce.rb 2022-06-03 11:23:53 +03:00
Christophe De La Fuente 474116d413 Land #16611, DotCMS File Upload to RCE Module (CVE-2022-26352) 2022-06-02 15:30:10 +02:00
RAMELLA Sébastien 3ab06461af fix. second review 2022-06-02 00:58:20 +04:00
RAMELLA Sébastien dd1814903c fix. SRVHOST default value 2022-06-02 00:07:15 +04:00
RAMELLA Sébastien 8c19a02835 fix. first review 2022-06-01 20:15:08 +04:00
space-r7 6d3ccab1be Land #16435, add Microsoft SQL Server sqli support 2022-06-01 10:27:48 -05:00
jheysel-r7 97caca4f6e Update modules/exploits/multi/http/dotcms_file_upload_rce.rb
Co-authored-by: cdelafuente-r7 <56716719+cdelafuente-r7@users.noreply.github.com>
2022-06-01 10:54:02 -04:00
Jack Heysel bea4207c62 Land PR #16607 - MyBB RCE Module (CVE-2022-24734)
This exploit module leverages an improper input validation
vulnerability in MyBB prior to 1.8.30 to execute arbitrary
code in the context of the user running the application.
2022-05-31 11:59:53 -04:00
Christophe De La Fuente dac355d9cf Land #16492, nfs_mount more intelligent mountability 2022-05-31 11:56:19 +02:00
RAMELLA Sébastien 7f89e92da3 add more information about 2022-05-31 00:12:30 +04:00
Jack Heysel 2c02a607ee Responded to PR feedback 2022-05-30 14:46:54 -04:00
RAMELLA Sébastien 97921b4ed9 fix chmod 644 2022-05-30 22:11:35 +04:00
RAMELLA Sébastien dfc226cf5f add. Supposed 0day MSWord RCE 2022-05-30 21:23:18 +04:00
h00die c6936bd42f nfs mount more intelligent 2022-05-30 13:03:03 -04:00
Christophe De La Fuente b996f5ee49 Fixes from code review 2022-05-30 16:24:18 +02:00
Spencer McIntyre 1466506069 Update the docs to be accurate 2022-05-27 14:41:06 -04:00
adfoster-r7 a98f9a69c4 Land #16621, Fix timeout of duplicated sessions 2022-05-27 17:30:56 +01:00
sjanusz 7b75bd6e27 Cache remote Python binary name 2022-05-27 10:21:59 +01:00
Spencer McIntyre 9b36364acd Land #16619, fix of improper neighbor filtering
Fixes #16618
2022-05-25 13:03:39 -04:00
Spencer McIntyre 5f5444936f Land #16488, Windows Task Scheduler Mixin 2022-05-25 12:37:03 -04:00
sjanusz 17a37a9d4d Detect more Python binaries & don't run last cmd_exec as channelized 2022-05-25 15:21:40 +01:00
adfoster-r7 d225d4663c Land #16413, update local exploit suggester 2022-05-25 13:24:11 +01:00
Christophe De La Fuente 52a8191821 Fix vss_persistence module and remove Windows 7 target 2022-05-25 13:11:34 +02:00
sjanusz 5d2ab0c55e Sort arch, platforms, session types before outputting 2022-05-25 10:25:32 +01:00
Jack Heysel 44ce4d422e Land #16610, New Print Nightmare Exploit
Updates existing Print Nightmare module to use the
new SMB Server added in #16481.
2022-05-24 16:24:47 -04:00
NikitaKovaljov 3eb8f8cf2e fix of improper NA filtering. 2022-05-24 19:01:36 +03:00
sjanusz fbac2ae429 Fix crash on sessions without native_arch support 2022-05-24 16:27:16 +01:00
dwelch-r7 a911a9185a Update cached sizes 2022-05-24 16:04:03 +01:00
dwelch-r7 0df1f58480 Update cached sizes 2022-05-24 16:04:00 +01:00
sjanusz 0e241557e9 Add session type column, refactor to not use post mixin, use native_arch 2022-05-24 14:28:21 +01:00
Spencer McIntyre 1524020643 Use moved_from to deprecate the module 2022-05-24 09:16:30 -04:00
Christophe De La Fuente 63dea932ad Land #16481, Update Msf::Exploit::Remote::SMB::Server::Share 2022-05-24 11:50:06 +02:00
Christophe De La Fuente 1f304ef2c4 Add module exploit for MyBB RCE - CVE-2022-24734 2022-05-23 17:27:20 +02:00
sjanusz 1677dbcf6d Add setting of module target 2022-05-23 14:23:48 +01:00