adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
50,028 Commits 27 Branches 1,043 Tags
f4e84da495ffae37cedc008cc0c3aef7619d05f7
Commit Graph

12199 Commits

Author SHA1 Message Date
Shelby Pace 29e7c49332 Land #10444, add Consul rexec RCE module 2018-12-28 09:14:28 -06:00
Shelby Pace fb8f06b2f5 Land #10443, add Consul service RCE module 2018-12-28 08:33:56 -06:00
Quentin Kaiser 18c844623a Remove extra spaces. 2018-12-24 13:48:07 +01:00
Quentin Kaiser e10792f4e6 Remove extra space. 2018-12-24 13:30:03 +01:00
Brent Cook b9742802aa Land #11137, Clean up linux/local/vmware_alsa_config exploit module 2018-12-21 17:04:11 -06:00
Jacob Robles 4bc871c499 Add CmdStager to erlang_cookie_rce 2018-12-21 07:33:37 -06:00
Quentin Kaiser bf2de42077 Now supports all version of Consul. 2018-12-20 18:56:07 +01:00
Quentin Kaiser 2919b970cd Implement execution checks with a timeout limit so we don't leave zombie checks running in background. 2018-12-20 18:41:35 +01:00
Quentin Kaiser ba5c40db77 No need for CVE field. 2018-12-20 18:18:53 +01:00
Jacob Robles 6921b79890 Land #11089, Erlang cookie rce exploit module 2018-12-19 08:02:40 -06:00
Milton-Valencia bb758f9a61 I didn't forget msftidy I swear 2018-12-18 14:55:12 -06:00
Milton-Valencia 8a2a605a99 added targets 2018-12-18 14:50:57 -06:00
Quentin Kaiser ef8601aa71 Bail early if we receive an unexpected response. 2018-12-18 19:42:26 +01:00
Quentin Kaiser 4ee7bdee6c Merge branch 'consul_service_exec' of github.com:QKaiser/metasploit-framework into consul_service_exec 2018-12-18 19:33:51 +01:00
Quentin Kaiser b3563b1bc2 Cleaner version of check function thanks to @bcoles. 2018-12-18 19:33:30 +01:00
Brendan Coles 5e134d7d8d Update modules/exploits/multi/misc/consul_service_exec.rb 
Co-Authored-By: QKaiser <QKaiser@users.noreply.github.com>
 2018-12-18 19:27:19 +01:00
Brendan Coles 5192c081ee Update modules/exploits/multi/misc/consul_service_exec.rb 
Co-Authored-By: QKaiser <QKaiser@users.noreply.github.com>
 2018-12-18 19:27:08 +01:00
Quentin Kaiser 6ad40deac3 print_status will never throw a JSON::ParseError exception. 2018-12-18 19:15:13 +01:00
Quentin Kaiser a52ffbcead Missing disclosure date. 2018-12-18 17:03:09 +01:00
Quentin Kaiser a3d020a7e2 Add support for authorization with X-Consul-Token ACL header. 2018-12-18 16:56:03 +01:00
Quentin Kaiser 1839144978 Cleaner to define this as a Hash, then call .to_json on it. 2018-12-18 16:53:49 +01:00
Quentin Kaiser 177ae2f927 fail_with is not allowed in check method. Use vprint_error and return a CheckCode instead. Cleaner response check in check function. Usage of CheckCode instead of Exploit::CheckCode. 2018-12-18 16:33:53 +01:00
Quentin Kaiser 0feadf636b Define in RPORT and SSL in register_options rather than DefaultOptions. Support for echo and printf command stager flavors + support for curl and wget command stager flavors (hence reactivation of SRVHOST, SRVPORT, URIPATH and SSLCert). 2018-12-18 16:29:36 +01:00
Quentin Kaiser 0acdcd98f2 Merge branch 'master' into consul_service_exec 2018-12-18 16:27:08 +01:00
Quentin Kaiser f487f978c2 Merge branch 'consul_exec' of github.com:QKaiser/metasploit-framework into consul_exec 2018-12-18 16:09:18 +01:00
Quentin Kaiser 08541cd7b9 Merge branch 'master' into consul_exec 2018-12-18 16:07:08 +01:00
Quentin Kaiser a1e1e4a4f4 Remove useless comment. 2018-12-18 16:05:50 +01:00
Quentin Kaiser b80e5715d4 Add support for authorization with X-Consul-Token ACL header. 2018-12-18 16:02:39 +01:00
Quentin Kaiser 551f8c5e92 Support for echo and printf command stager flavors + support for curl and wget command stager flavors (hence reactivation of SRVHOST, SRVPORT, URIPATH and SSLCert). 2018-12-18 15:48:58 +01:00
Quentin Kaiser f290221a66 Cleaner response check in check function. Usage of CheckCode instead of Exploit::CheckCode. 2018-12-18 15:36:52 +01:00
Quentin Kaiser aeec5cf23e Cleaner to define this as a Hash, then call .to_json on it. Better support of agent definition in check function. 2018-12-18 15:31:30 +01:00
Quentin Kaiser e51530688b fail_with is not allowed in check method. Use vprint_error and return a CheckCode instead. 2018-12-18 15:09:04 +01:00
Quentin Kaiser 4682cf5796 Define in register_options rather than DefaultOptions. 2018-12-18 15:04:28 +01:00
Brent Cook fc2d217c0a Land #11135, strip comments from source code before uploading it to the target 2018-12-17 21:23:29 -06:00
Shelby Pace 2fc501d260 Land #11112, Fix bpf_priv_esc exploit module 2018-12-17 10:00:50 -06:00
Jacob Robles 7839add2fd Land #11123, Add module windows persistent service 2018-12-17 09:07:21 -06:00
Jacob Robles 88b7b7df4a Fix additional path space issues 2018-12-17 07:00:23 -06:00
Brendan Coles d973a58052 Clean up linux/local/vmware_alsa_config 2018-12-17 08:01:34 +00:00
Green-m 0aa6e5a640 Handle path with spaces correctly. 2018-12-17 10:25:06 +08:00
Brendan Coles fcb512878c Add strip_comments method to Linux local exploits 2018-12-16 14:11:54 +00:00
Wei Chen 5bf28887d2 Land #11127, Fix TARGETURI support in struts2_namespace_ognl 2018-12-15 09:33:48 -06:00
Brendan Coles b8e134b95d Update version check 2018-12-15 05:39:50 +00:00
Jacob Robles 8adfef5730 Remove Version, Fix Whitespace 2018-12-14 13:19:49 -06:00
Jacob Robles e67eaa94c9 Move code to ERB template 2018-12-14 13:13:32 -06:00
William Vu 38bdee19e8 Fix TARGETURI support in struts2_namespace_ognl 2018-12-14 13:08:50 -06:00
Auxilus 6c9fafb9d5 Delete unused variable 
I suppose the variable 'f' was for Name in https://github.com/rapid7/metasploit-framework/blob/06720ee18b2d661aa5ea695ed80e4daa88fbf20c/modules/exploits/linux/smtp/haraka.py#L70

I'm not sure, should it be 'f' at https://github.com/rapid7/metasploit-framework/blob/06720ee18b2d661aa5ea695ed80e4daa88fbf20c/modules/exploits/linux/smtp/haraka.py#L70 or just the way it is atm?
 2018-12-14 22:27:11 +05:30
Jacob Robles 556d182231 Remove code that was replaced 2018-12-14 09:15:01 -06:00
Jacob Robles a057b72bd9 Use argument 2018-12-14 09:14:27 -06:00
Jacob Robles dfa84aa1af Use exploit default exception handling 2018-12-14 09:12:32 -06:00
Jacob Robles 5fd7b82f7a Remove unused parameter 2018-12-14 09:10:29 -06:00