Christophe De La Fuente
aaef7726db
Land #17330, Fix enumerating emails via ProxyShell
2022-12-06 14:02:53 +01:00
bcoles
c1ff9337c8
dnn_cookie_deserialization_rce: Remove empty 'Payload' Hash key
2022-12-04 17:50:24 +11:00
bcoles
431804ef15
Fix typos: Replace 'the the' with 'the'
2022-12-04 17:41:24 +11:00
Spencer McIntyre
96da805014
Fix enumerating emails via ProxyShell
The ResolveNames endpoint used to gather email addresses for targeting
only returns 100 at a time. This updates the module to check if the
search result contains all entries and when it does, it recurses into
itself with a refined search prefix. All results are returned to match
the original functionality instead of enumerating and halting once one
that's suitable for exploitation has been found.
2022-12-02 15:58:50 -05:00
Spencer McIntyre
264d45e04a
Appease rubocop
2022-11-28 10:16:55 -05:00
Spencer McIntyre
f24df8a051
Change an exception class and drop DOMAIN passing
2022-11-28 10:06:14 -05:00
Spencer McIntyre
3f58bfe11e
Check that the target is Exchange Server 2019
2022-11-23 10:47:10 -05:00
Spencer McIntyre
ed99f2f67f
Bypass EEMS M1
2022-11-21 11:13:16 -05:00
Spencer McIntyre
29d57dde66
Consolidate into ProxyMaybeShell
2022-11-18 17:01:01 -05:00
Spencer McIntyre
fc7594dbc8
Add exploit for CVE-2022-41082 AKA ProxyNotShell
2022-11-18 17:00:27 -05:00
JustAnda7
36f4c702b3
Fixed #16674
2022-10-07 01:59:52 -04:00
Grant Willcox
97bce45e69
Land #16915, Add exploit for CVE-2022-23277 (Exchange RCE)
2022-08-19 11:11:46 -05:00
Christophe De La Fuente
d49b74d164
Land #16809, Add exploit module for Advantech iView command injection - CVE-2022-2143
2022-08-18 17:19:14 +02:00
Spencer McIntyre
7c1dd17c86
Add a missing version, fix typos
2022-08-17 17:36:31 -04:00
Spencer McIntyre
62ab42b797
Update vulnerable version numbers and docs
2022-08-17 08:55:46 -04:00
space-r7
7f02daac5b
change default password
2022-08-09 16:12:54 -05:00
Spencer McIntyre
0e148d6ba4
Update and rename the module
2022-08-09 13:32:09 -04:00
Spencer McIntyre
2290b04995
Update the exploit with the new gadget chain
2022-08-08 17:52:53 -04:00
space-r7
0334beada2
Land #16758, add ManageEngine ADAudit Plus exploit
2022-08-05 12:19:42 -05:00
space-r7
4202502992
make some prints vprints, add steps
2022-08-05 11:34:46 -05:00
Ron Bowes
7c21c57564
Merge branch 'master' into manageengine-adauditplus-cve-2022-28219
2022-08-04 14:07:50 -07:00
Ron Bowes
713e476139
Remove 'puts' again
2022-08-04 12:59:11 -07:00
Ron Bowes
7844b8f5f8
Encode usernames containing spaces into 8.3
2022-08-04 12:55:08 -07:00
Ron Bowes
530174c940
Remove an errant puts
2022-08-04 12:42:14 -07:00
Ron Bowes
969c81e41c
Improve the FTP reverse connection in two ways: 1) add a terminator so we know when it's done, and 2) don't fail the whole thing if we fail on one name
2022-08-04 11:13:46 -07:00
Ron Bowes
2ec25fc3e5
Add a timeout to the reverse FTP connection
2022-08-03 15:17:02 -07:00
Grant Willcox
6d45320c0c
Update exploit title/name
2022-08-02 14:27:27 -05:00
space-r7
175c428ff9
remove on_new_session logic
2022-08-02 13:41:23 -05:00
space-r7
ea1207d6e1
add authentication
2022-08-02 12:31:52 -05:00
Grant Willcox
f0e62de46a
Add CVE-2022-35405 docs and module
2022-08-02 11:57:56 -05:00
Ron Bowes
d86e666e18
Change Platform to 'win'
2022-08-01 15:37:58 -07:00
space-r7
d6d51eecb0
manually delete file
2022-07-27 08:50:00 -05:00
space-r7
24ab27bdfe
add x86 arch and additional check for response
2022-07-25 11:16:26 -05:00
Ron Bowes
b4d2294255
Use vprint instead of print for some status messages, and clean up some comments
2022-07-22 10:01:27 -07:00
Ron Bowes
d63912a1b8
Use better thread synchronization methods
2022-07-22 09:59:04 -07:00
Ron Bowes
fe99eb0d0a
Whoops, better lint - needed -A instead of -a
2022-07-22 09:52:37 -07:00
Ron Bowes
e6282c3ff8
Remove win_cmd
2022-07-22 09:49:33 -07:00
Ron Bowes
f3731191a1
Add timeouts for the reverse connections using IO.select()
2022-07-22 09:45:53 -07:00
space-r7
e0a5bfd7b3
remove opts used for debugging
2022-07-21 18:50:23 -05:00
space-r7
e1b0e871b3
add finished module and docs
2022-07-21 18:33:56 -05:00
Ron Bowes
8c729e8414
Add Comm
2022-07-21 08:58:28 -07:00
space-r7
a5cb271b21
add initial module work
2022-07-19 17:25:57 -05:00
Ron Bowes
304d717757
Make the path-traversal depth configurable
2022-07-15 15:41:27 -07:00
Ron Bowes
7468f6ecd8
Remove JAVA Arch
2022-07-15 15:35:14 -07:00
Ron Bowes
6f33ddd867
Remove a broken error check
2022-07-15 13:49:56 -07:00
Ron Bowes
5f3268eae7
Fix the Arch
2022-07-15 13:46:49 -07:00
Ron Bowes
5257de67f9
Style fixes
2022-07-15 13:43:46 -07:00
Ron Bowes
56dd61027f
Rubocop
2022-07-08 10:38:42 -07:00
Ron Bowes
8090fdb273
Re-order authors
2022-07-08 10:27:41 -07:00
Ron Bowes
67c60c9c5f
Specify the vulnerable version
2022-07-08 10:27:25 -07:00