adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
41,886 Commits 27 Branches 1,043 Tags
f8a94de6710abe3042a26a9dca38dcccff2c93be
Commit Graph

10172 Commits

Author SHA1 Message Date
Rasta Mouse 985838e999 Suggestions from OJ 2014-11-27 21:38:50 +00:00
Rasta Mouse 25ecf73d7d Add configurable directory, rather than relying on the session working 
directory.
 2014-11-27 17:12:37 +00:00
OJ 75e5553cd4 Change to in exploit 2014-11-26 16:53:30 +10:00
jvazquez-r7 9524efa383 Fix banner 2014-11-25 23:14:20 -06:00
jvazquez-r7 16ed90db88 Delete return keyword 2014-11-25 23:11:53 -06:00
jvazquez-r7 85926e1a07 Improve check 2014-11-25 23:11:32 -06:00
jvazquez-r7 5a2d2914a9 Fail on upload errors 2014-11-25 22:48:57 -06:00
jvazquez-r7 b24e641e97 Modify exploit logic 2014-11-25 22:11:43 -06:00
jvazquez-r7 4bbadc44d6 Use Msf::Exploit::FileDropper 2014-11-25 22:00:42 -06:00
jvazquez-r7 7fbd5b63b1 Delete the Rex::MIME::Message gsub 2014-11-25 21:54:50 -06:00
jvazquez-r7 eaa41e9a94 Added reference 2014-11-25 21:37:04 -06:00
jvazquez-r7 2c207597dc Use single quotes 2014-11-25 18:30:25 -06:00
jvazquez-r7 674ceeed40 Do minor cleanup 2014-11-25 18:26:41 -06:00
jvazquez-r7 6ceb47619a Change module filename 2014-11-25 18:09:15 -06:00
jvazquez-r7 1305d56901 Update from upstream master 2014-11-25 18:07:13 -06:00
Joe Vennix 3a5de9970f Update description, rename xnu_ver -> osx_ver. 2014-11-25 12:38:29 -06:00
Joe Vennix 7a3fb12124 Add an OSX privilege escalation from Google's Project Zero. 2014-11-25 12:34:16 -06:00
spdfire 583494c0db use BrowserExploitServer 2014-11-24 18:49:27 +01:00
spdfire 08a67d78c5 module for CVE-2014-6332. 2014-11-24 08:25:18 +01:00
Mark Schloesser 9e9954e831 fix placeholder to show the firmware version I used 2014-11-19 21:23:39 +01:00
Mark Schloesser a718e6f83e add exploit for r7-2014-18 / CVE-2014-4880 2014-11-19 21:07:02 +01:00
Joe Vennix a9cb6e0d2f Add jduck as an author on samsung_knox_smdm_url 2014-11-19 10:18:08 -06:00
Meatballs 1d0d5582c1 Remove datastore options 2014-11-19 15:05:36 +00:00
Meatballs 7004c501f8 Merge remote-tracking branch 'upstream/master' into psexec_refactor_round2 
Conflicts:
	modules/exploits/windows/smb/psexec.rb
 2014-11-19 14:40:50 +00:00
jvazquez-r7 542eb6e301 Handle exception in brute force exploits 2014-11-18 12:17:10 -08:00
Jon Hart 60e31cb342 Allow sunrpc_create to raise on its own 2014-11-18 12:17:10 -08:00
jvazquez-r7 7daedac399 Land #3972 @jhart-r7's post gather module for remmina Remmina 
* Gather credentials managed with Remmina
 2014-11-17 16:44:41 -06:00
Tod Beardsley 286827c6e5 Land #4186, Samsung KNOX exploit. Ty @jvennix-r7! 2014-11-17 13:29:39 -06:00
Tod Beardsley 39980c7e87 Fix up KNOX caps, descriptive description 2014-11-17 13:29:00 -06:00
Tod Beardsley 0f41bdc8b8 Add an OSVDB ref 2014-11-17 13:26:21 -06:00
jvazquez-r7 145e610c0f Avoid shadowing new method 2014-11-17 12:22:30 -06:00
William Vu 91ba25a898 Land #4208, psexec delay fix 2014-11-17 11:35:56 -06:00
Joe Vennix cd61975966 Change puts to vprint_debug. 2014-11-17 10:13:13 -06:00
floyd 9243cfdbb7 Minor fixes to ruby style things 2014-11-17 17:12:17 +01:00
Joe Vennix 2a24151fa8 Remove BAP target, payload is flaky. Add warning. 2014-11-17 02:02:37 -06:00
HD Moore 9fe4994492 Chris McNab has been working with MITRE to add these CVEs 
These CVEs are not live yet, but have been confirmed by cve-assign
t
 2014-11-16 18:42:53 -06:00
Joe Vennix 5de69ab6a6 minor syntax fixes. 2014-11-15 21:39:37 -06:00
Joe Vennix 3fb6ee4f7d Remove dead constant. 2014-11-15 21:38:11 -06:00
Joe Vennix 7a62b71839 Some URL fixes from @jduck and exploit ideas from Andre Moulu. 
The exploit works with the URLs fixed, installs the APK, but hangs at the Installing...
screen and never actually launches. We tried opening the APK in a setTimeout() intent
URI, but the previously launched intent seemed unresponsive. Andre had the bright
idea of re-opening the previously launched intent with invalid args, crashing it and
allow us to launch the payload.
 2014-11-15 21:33:16 -06:00
Christian Mehlmauer 28135bcb09 Land #4159, MantisBT PHP code execution by @itseco 2014-11-15 07:49:54 +01:00
Rich Lundeen 27d5ed624f fix for IE9 exploit config 2014-11-14 17:21:59 -08:00
Rich Lundeen 17ab0cf96e ADD winxpIE8 exploit for MS13-080 2014-11-14 17:16:51 -08:00
sinn3r e194d5490d See #4162 - Don't delay before deleting a file via SMB 
So I was looking at issue #4162, and on my box I was seeing this
problem of the exploit failing to delete the payload in C:\Windows,
and the error was "Rex::Proto::SMB::Exceptions::NoReply The SMB
server did not reply to our request". I ended up removing the sleep(),
and that got it to function properly again. The box was a Win 7 SP1.

I also tested other Winodws boxes such as Win XP SP3, Windows Server
2008 SP2 and not having the sleep() doesn't seem to break anything.
So I don't even know why someone had to add the sleep() in the first
place.
 2014-11-14 15:45:37 -06:00
jvazquez-r7 ee9b1aa83a Manage Rex::ConnectionRefused exceptions 2014-11-14 10:53:03 -06:00
jvazquez-r7 428fe00183 Handle Rex::ConnectionTimeout 2014-11-13 22:34:28 -06:00
Jon Hart 57aef9a6f5 Land #4177, @hmoore-r7's fix for #4169 2014-11-13 18:29:57 -08:00
jvazquez-r7 4a0e9b28a4 Use peer 2014-11-13 19:26:01 -06:00
jvazquez-r7 4a06065774 Manage Exceptions to not wait the full wfs_delay 2014-11-13 19:17:09 -06:00
jvazquez-r7 73ce4cbeaa Use primer 2014-11-13 18:21:19 -06:00
jvazquez-r7 0bcb99c47d Fix metadata 2014-11-13 18:00:11 -06:00