h00die
0ac4d3d2e6
doc how to set permissions on service
2023-01-13 17:07:17 -05:00
Spencer McIntyre
3ddcf73c2b
Remove the QUICK option altogether
Use blocks to check whether each service is exploitable as they are
enumerated. With this change, the service and path enumeration
halts once an exploitable one is found that yields a session.
Also all files are registered for cleanup.
2023-01-13 17:06:42 -05:00
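The enumerate-and-halt pattern that commit describes, written out as an added Ruby illustration (not the Metasploit module's own code): services are enumerated, each unquoted-path hijack candidate is handed to a caller-supplied block, and enumeration stops at the first candidate the block accepts. The service names, image paths and writable directories are constructed sample data, not output from a real host.

```ruby
# Added illustration, not the Metasploit module's own code.
# Enumerate services, yield each unquoted-path hijack candidate to a block,
# and stop at the first one the block reports as exploitable.
#
# Service names, ImagePath values and writable directories are constructed
# sample data (assumptions for the example), not data from a real host.

# Constructed sample: service name => ImagePath as stored in the registry.
SAMPLE_SERVICES = {
  'GoodSvc'    => '"C:\\Program Files\\Good Vendor\\good.exe" -svc',   # quoted: safe
  'NoSpaceSvc' => 'C:\\Windows\\System32\\svchost.exe -k netsvcs',     # no spaces: safe
  'VulnSvc'    => 'C:\\Program Files\\Acme Tools\\Acme Agent\\agent.exe', # unquoted, spaces
  'Vuln2Svc'   => 'C:\\Temp Dir\\Vendor\\svc.exe /run'                  # never reached
}.freeze

# Constructed sample: directories the current user could write into.
WRITABLE_DIRS = ['C:\\Temp Dir', 'C:\\Program Files\\Acme Tools'].freeze

# Return the executable part of an ImagePath, or nil when the path is
# quoted (a quoted path is not subject to the unquoted-path search order).
def executable_path(image_path)
  return nil if image_path.start_with?('"')
  m = image_path.match(/\A(.+?\.exe)/i)
  m && m[1]
end

# An unquoted path is only a candidate if it contains at least one space.
def unquoted_with_spaces?(image_path)
  exe = executable_path(image_path)
  !exe.nil? && exe.include?(' ')
end

# The paths Windows tries before the real binary: the prefix before each
# space with ".exe" appended, in the order they are tried.
def hijack_candidates(exe)
  parts = exe.split(' ')
  (1...parts.length).map { |i| parts[0, i].join(' ') + '.exe' }
end

# Directory portion of a backslash-separated Windows path.
def parent_dir(path)
  path.rpartition('\\').first
end

# Yield (service name, candidate path) pairs; return the first pair for
# which the block is truthy and stop enumerating, or nil if none is.
def enumerate_unquoted(services)
  services.each do |name, image_path|
    next unless unquoted_with_spaces?(image_path)
    hijack_candidates(executable_path(image_path)).each do |candidate|
      return [name, candidate] if yield(name, candidate)
    end
  end
  nil
end

# Returns [first exploitable hit or nil, list of candidates examined].
# "Exploitable" here means the candidate's directory is user-writable.
def first_exploitable(services, writable_dirs)
  checked = []
  hit = enumerate_unquoted(services) do |_name, candidate|
    checked << candidate
    writable_dirs.include?(parent_dir(candidate))
  end
  [hit, checked]
end

if __FILE__ == $PROGRAM_NAME
  hit, checked = first_exploitable(SAMPLE_SERVICES, WRITABLE_DIRS)
  puts "examined #{checked.length} candidate path(s)"
  puts(hit ? "exploitable: #{hit[0]} via #{hit[1]}" : 'nothing exploitable')
end
```

Because `enumerate_unquoted` returns from inside the block on the first truthy result, `Vuln2Svc` is never examined once `VulnSvc` yields a writable candidate directory; that is the halt-on-first-success behaviour the commit message refers to.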
h00die
90a12cf3b0
unquoted service path tweaks
2023-01-13 17:06:42 -05:00
h00die
c52eb09cbb
unquoted service path tweaks
2023-01-13 17:06:42 -05:00
Ron Bowes
3ac3fa6c32
Move the Zimbra Slapper doc to the right folder (Windows -> Linux)
2022-10-25 09:51:27 -07:00
bcoles
666a3efcfd
ms10_092_schelevator: Cleanup
2022-08-19 15:19:28 +10:00
Ron Bowes
be25e1fc77
Add documentation
2022-08-05 13:55:05 -05:00
Grant Willcox
51df37de87
Add in documentation and also update the module to handle NarratorQuickstart.exe which sometimes comes up and can lead to visual indicators
2022-03-28 17:53:53 -05:00
bwatters
b4de9fa92a
Land #16344, Add module for CVE-2022-21999 and More Railgun Definitions
Merge branch 'land-16344' into upstream-master
2022-03-16 08:37:05 -05:00
space-r7
4a8707982a
fix module name in output
2022-03-14 09:35:56 -05:00
space-r7
c646d01671
add systems tested
2022-03-14 09:17:43 -05:00
space-r7
99664efed7
use full user name, add test output to docs
2022-03-14 09:15:36 -05:00
space-r7
07e6eef201
rename module, modify check
2022-03-10 17:02:58 -06:00
space-r7
f116f9e701
add docs
2022-03-04 15:54:58 -06:00
Spencer McIntyre
443bf1249a
Remove all the old CVE-2021-1732 data
2022-02-18 15:25:39 -05:00
Spencer McIntyre
bcd7cb1122
Writeup the module metadata and docs
2022-02-18 15:23:44 -05:00
Grant Willcox
3af93cbacc
Fix up changes from timwr's review so long
2021-11-09 10:36:50 -06:00
Grant Willcox
780a9370a2
First draft of code, documentation, and exploit DLL plus exploit code
2021-11-09 10:36:40 -06:00
Spencer McIntyre
674628e600
Land #15384, Improve Windows RDLL injection
2021-08-26 12:11:44 -04:00
Grant Willcox
5a80e9678c
Address Spencer's comments and remove changes that don't directly use the DLL injection library API change
2021-08-24 16:34:01 -05:00
Grant Willcox
5fdf990f24
Land #15519, Lexmark Universal Print Driver Local Privilege Escalation
2021-08-11 15:03:53 -05:00
Grant Willcox
92327461d3
Add in driver installation instructions to documentation
2021-08-11 14:40:21 -05:00
Grant Willcox
7b25bd366f
Update documentation and fix a few typos so that it reflects latest changes
2021-08-11 12:25:36 -05:00
Jacob Baines
afa3d92774
Switched to UPnP implementation
2021-08-10 18:17:18 -04:00
Grant Willcox
55404ff29f
Further fixes from review and further touch up edits
2021-08-09 14:23:05 -05:00
Grant Willcox
f8d838bba2
Fix first round of comments from the review process
2021-08-09 12:13:27 -05:00
Grant Willcox
838142362c
Apply first round of updates from review comments to improve explanations of the vulnerability and fix some minor issues
2021-08-09 09:59:09 -05:00
Jacob Baines
0e41a0e81e
Addressed all but one review items
2021-08-07 06:46:49 -04:00
Jacob Baines
8d699c0c4e
Addressed various review comments
2021-08-06 14:55:50 -04:00
Jacob Baines
f851faf2e4
Initial commit for Canon driver exploit
2021-08-05 11:17:45 -04:00
Jacob Baines
e6c48db072
Initial version of CVE-2021-35449
2021-08-04 16:08:43 -04:00
Grant Willcox
2fb379374f
Update documentation where possible for changed exploits
2021-07-23 12:34:12 -05:00
Grant Willcox
fabc566402
Improve process.rb's execute_dll to now automatically detect the architecture of the target and of the DLL and then appropriately decide if it needs to launch a WoW64 process to inject into.
2021-07-23 12:33:41 -05:00
Grant Willcox
bc0439fc47
Improve the list of potential processes to spawn and inject into to be more believable
2021-07-23 12:33:16 -05:00
agalway-r7
410493f729
Land #15318, NSClient priv esc post module
2021-07-06 16:07:30 +01:00
Yann Castel
ebc8dba921
Initial commit
2021-06-09 15:10:03 +02:00
Shelby Pace
8e4a33f2a2
Land #15223, move TokenMagic validation logic
2021-05-24 14:51:13 -05:00
bwatters
a89fffade1
Update check method and move it to earlier in the module to prevent crashing
on Windows 7 SP0 targets.
2021-05-19 15:58:40 -05:00
Spencer McIntyre
78d47b11f2
Add targeting for Windows 10 v21H1
2021-05-18 12:56:02 -04:00
Grant Willcox
24352567e7
Add final touches to documentation for code highlights and minor fixes
2021-05-14 17:47:38 -05:00
Jack Heysel
c8b62a1ff9
Fixed check method nil check, update numbered list in docs, added wfsdelay warning when in dll mode
2021-05-14 17:47:31 -05:00
Jack Heysel
950bbad852
Removed nil script check, updated docs
2021-05-14 17:47:15 -05:00
Jack Heysel
eb4573164b
Addressed comments
2021-05-14 17:46:26 -05:00
Jack Heysel
d23df37b62
Responded to comments, refactored to remove duplicate code
2021-05-14 17:44:08 -05:00
Jack Heysel
fab3a9afc8
Added wfsdelay, updated docs
2021-05-14 17:44:07 -05:00
Jack Heysel
1eab94cc26
beta draft
2021-05-14 17:43:44 -05:00
Spencer McIntyre
d990e884af
Add and test even more targets
2021-05-13 17:27:58 -04:00
Spencer McIntyre
7d841a0f79
Add a target for Windows 7 x64
2021-05-13 14:24:15 -04:00
Spencer McIntyre
477749f77f
Refactor the code to be reusable and add docs
2021-05-12 16:36:17 -04:00
Pedro Ribeiro
62ba64375c
fix typos and add default rport
2021-04-23 17:38:06 +07:00