adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
69,342 Commits 27 Branches 1,043 Tags
f2e5e77e2700a39bf447300e53bb52eeafdcbea3
Commit Graph

670 Commits

Author SHA1 Message Date
bwatters 54cd055276 Land #17286, CVE-2021-22015 vCenter priv esc 
Merge branch 'land-17286' into upstream-master
 2022-12-05 09:31:01 -06:00
h00die 867059efe5 add super to cleanup command 2022-12-01 14:55:43 -05:00
h00die 62b484fdc7 blank over empty 2022-12-01 14:34:09 -05:00
h00die 039b611fae fix enlightenment check method 2022-11-30 17:06:50 -05:00
Ashley Donaldson 25a0d0ff0e Fixes #17227 - polkit_dbus_auth_bypass module when run from a command shell 2022-11-25 15:13:57 +11:00
h00die 6877304bac exploit for cve-2021-22015 vcenter priv esc 2022-11-20 11:29:49 -05:00
h00die 59535b6799 remove 'is' 2022-11-12 16:19:50 -05:00
bwatters 9902e9a1e4 Land #17110, check files exist before doing other things 
Merge branch 'land-17110' into upstream-master
 2022-10-24 14:20:16 -05:00
Ron Bowes dea3f72f6b Resolve feedback - get rid of unnecessary directory, add CVE number, let the user choose the path 2022-10-17 15:00:56 -07:00
Ron Bowes a2a2dcbf6f Check in zimbra_postfix_priv_esc.rb 2022-10-14 13:21:41 -07:00
h00die 4950124ea0 use more Post::File functions 2022-10-08 09:50:25 -04:00
h00die a3eee73efb review comments 2022-10-08 09:16:57 -04:00
h00die 6db9ee743e check files exist before suid checking them 2022-10-05 19:43:07 -04:00
h00die b7073df1e0 review comments 2022-10-03 16:53:14 -04:00
h00die de184226f6 repeatable sessions 2022-10-01 11:30:21 -04:00
h00die e78babea90 cve-2022-37706 2022-10-01 11:24:29 -04:00
bwatters 89ef91c9cd Update ranking for nft_set_elem_init 2022-09-30 09:57:54 -05:00
bwatters e27dbd2787 Land #16794,Add exploit for CVE-2022-34918 
Merge branch 'land-16794' into upstream-master
 2022-09-27 16:37:52 -05:00
Redouane NIBOUCHA 8b601c9b17 If ForceExploit is set, skip calling module_check 2022-09-22 17:33:24 +02:00
Niboucha Redouane 93cad400e8 Update error message if the kernel offsets are not supported 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2022-09-22 17:28:36 +02:00
Spencer McIntyre 6965115c8e Land #16786, Zyxel Firewall LPE (CVE-2022-30526) 2022-08-31 08:40:23 -04:00
Redouane NIBOUCHA b0d5a6bec4 Rubocop fix 2022-08-11 13:22:51 +02:00
Redouane NIBOUCHA e612f02ecb Add MAX_TRIES option, address the feedback of bwatters-r7 2022-08-11 13:21:14 +02:00
Ron Bowes 5d7fb283b7 Capture the command output 2022-08-05 13:55:05 -05:00
Ron Bowes 6564ea9719 Change Vulnerable to Appears 2022-08-05 13:55:05 -05:00
Ron Bowes 2cde5f6364 Typo / compile error 2022-08-05 13:55:05 -05:00
Ron Bowes caff6a53f5 Add a CVE and better description 2022-08-05 13:55:05 -05:00
Ron Bowes ea581482d4 Remove the commented-out CVE, it's making lint sad 2022-08-05 13:55:05 -05:00
Ron Bowes 6e8d04ddc9 Add a note that IOCs show up in logs 2022-08-05 13:55:05 -05:00
Ron Bowes cc27f563ec Small cleanup 2022-08-05 13:55:05 -05:00
Ron Bowes 5e1888ee46 Cleanups 2022-08-05 13:55:05 -05:00
Ron Bowes 0fd61e859d Make lint happy 2022-08-05 13:55:05 -05:00
Ron Bowes bba4a23f65 Add zimbra_slapper_priv_esc module (privilege escalation in Zimbra, currently 0-day) 2022-08-05 13:55:05 -05:00
Spencer McIntyre 0b9e1bbbb3 Fix "can not" to "cannot" 2022-08-03 17:45:06 -04:00
Spencer McIntyre 207862a810 Update module metadata now that it's disclosed 2022-08-02 12:13:34 -04:00
Spencer McIntyre ef8fe215e1 Finish up an exploit for the first bug 2022-08-02 12:13:28 -04:00
Redouane NIBOUCHA ae9932d921 Rubocop fixes, register_dir_for_cleanup instead of register_file_for_cleanup in upload_source 2022-07-25 21:31:20 +02:00
Redouane NIBOUCHA 88d069a77d Add option for compiling the exploit on the target 2022-07-25 01:08:53 +02:00
Niboucha Redouane 9d3a57c2c5 Update the check method 
Co-authored-by: bcoles <bcoles@gmail.com>
 2022-07-23 02:44:26 +02:00
Redouane NIBOUCHA 37f1fdd47b Add module docs, add Ubuntu 22.04 offsets, update check method 2022-07-22 03:30:03 +02:00
Redouane NIBOUCHA 73db035e57 Add more offsets to the exploit, clean up the exploit C source, add check method 2022-07-21 01:22:20 +02:00
Redouane NIBOUCHA fe2e413426 Add exploit for CVE-2022-34918 2022-07-20 13:51:22 +02:00
Jake Baines cf54762191 Initial commit of CVE-2022-30526 LPE 2022-07-19 03:29:11 -07:00
sjanusz bc489fef91 Update PiHole module to not wait for sudo input 2022-05-04 17:24:43 +01:00
Grant Willcox e2c6c36b2b Land #1642, Add module for cve-2022-0995 2022-04-21 09:12:47 -05:00
bwatters 9cba9576cd Keep code reusable and fix some logical complexities 2022-04-21 07:44:40 -05:00
Grant Willcox 69b54c8448 Add in additional validation to check methods to address bcoles's comments and also to prevent issues with fail_with being used inside a check method 2022-04-20 19:50:08 -05:00
Grant Willcox f33e3f45c1 RuboCop compliance for PacketStorm 2022-04-20 19:09:14 -05:00
Grant Willcox 78d4ac8592 Update module reliability and also fix issues from bcoles's review 2022-04-20 19:04:27 -05:00
bwatters 26f9175816 Update c source with argc check and CRASH notes for module 2022-04-20 17:37:48 -05:00