31395 Commits

Author	SHA1	Message	Date
Grant Willcox	0e0e3bbcfb	Land #15603, Add Geutebruck CVE_2021_335XX command injection module	2021-09-01 10:59:22 -05:00
adfoster-r7	ded8200396	Land #15537, Add support for ruby 3	2021-09-01 10:30:54 +01:00
bwatters	ff50a94348	Land #15567, Add in Exploit for CVE-2021-3490 ... Merge branch 'land-15567' into upstream-master	2021-08-31 18:46:25 -05:00
Grant Willcox	d83ede6306	Fix up some check method issues and some XML data validation issues identified during review	2021-08-31 18:25:01 -05:00
Your Name	5599929b6a	Fixed Randomization	2021-08-31 18:25:00 -05:00
Grant Willcox	0a57641aa4	Add in documentation and module code cleanness improvements and also make the output easier for readers to understand should something fail midway through.	2021-08-31 18:24:57 -05:00
Your Name	cd74e34e3c	Fixed Authors	2021-08-31 18:24:51 -05:00
Your Name	b5b0b3087a	Fixed References and Description	2021-08-31 18:24:50 -05:00
Your Name	56cde3eaba	Add Geutebruck CVE_2021_335XX command injections module	2021-08-31 18:24:14 -05:00
Grant Willcox	488f58a068	Attempt to fix RuboCop errors	2021-08-31 15:36:00 -05:00
Grant Willcox	3bca3b0bcb	Update exploit code to use & after the command to execute as root so it executes in the background and doesn't hang Metasploit. Also update the logic of the code to check the response from executing the exploit and respond accordingly and update the documentation to match	2021-08-31 15:07:37 -05:00
Grant Willcox	337e80b244	Land #15375, Fix LDAP hashdump crash on null char	2021-08-30 11:55:46 -05:00
Spencer McIntyre	8317a484a3	Land #15548, Overhaul SMB auth capture server	2021-08-30 10:01:55 -04:00
h00die	a5674683f0	remove duplicate autocheck	2021-08-27 20:08:58 -04:00
sjanusz	ab596dc13d	Adds realm, host and service for core credentials	2021-08-27 17:33:17 +01:00
adfoster-r7	4a9a15e638	Run Rubocop layout rules on modules	2021-08-27 17:19:43 +01:00
adfoster-r7	7daec4ab39	Update metasploit payloads version	2021-08-27 12:55:19 +01:00
Grant Willcox	7cf2e66085	Fix up regex to properly match results and not include the 'version' part of the string, which was causing Rex::Version to return incorrect results and therefore make the 'check' method fail	2021-08-26 17:41:41 -05:00
Grant Willcox	415b46d9a7	Fix Rubocop errors	2021-08-26 16:52:58 -05:00
Dimitrie-Toma Furdui	63aaa8f438	fixed version check for docker_credential_wincred	2021-08-26 16:33:45 -05:00
Tim W	6c0b90eabb	Land #15532, add module for CVE-2021-21300 and git mixins	2021-08-26 18:26:04 +01:00
Spencer McIntyre	674628e600	Land #15384, Improve Windows RDLL injection	2021-08-26 12:11:44 -04:00
Grant Willcox	be9a7bc9b9	Fix up error in alpc_taskscheduler.rb where it expected a DLL but we passed it shellcode instead	2021-08-26 09:27:21 -05:00
Grant Willcox	7652a2240e	Add in missing import for modules/exploits/windows/local/ntapphelpcachecontrol.rb to prevent crashes due to execute_dll not being defined	2021-08-25 18:19:58 -05:00
Grant Willcox	6f9b06fb4b	Add in Manfred Paul's original blog post and chompie1337's original PoC to the list of links. Also add in a relatively detailed description of how to add in new targets to this exploit to the documentation in case that helps anyone down the line	2021-08-25 18:09:07 -05:00
space-r7	ab622405de	Land #15593, add WP Learnpress SQLi module	2021-08-25 14:18:51 -05:00
space-r7	17da80163c	fix typo, set COUNT default to 3 as noted in docs	2021-08-25 14:17:47 -05:00
agalway-r7	4bcfe81ddb	replace magic value with constant ... Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>	2021-08-25 14:35:16 +01:00
Grant Willcox	29a230ec72	Improve error handling for module	2021-08-24 17:36:37 -05:00
Grant Willcox	5a80e9678c	Address Spencer's comments and remove changes that don't directly use the DLL injection library API change	2021-08-24 16:34:01 -05:00
A Galway	8f77c6ff8a	adds JTR NTLM constant & improves module options	2021-08-24 12:18:27 +01:00
h00die	b9db47f873	wp_learnpress sqli	2021-08-23 19:45:45 -04:00
Grant Willcox	bd490d35ed	Add support for Linux 5.11.x on Fedora	2021-08-23 15:09:10 -05:00
Grant Willcox	db5ac81ecf	Fix up mistakes bcoles pointed out and also add in a check to ensure we are only targetting x64 systems	2021-08-23 13:23:40 -05:00
Grant Willcox	e46611cffb	Add in support for exploiting Fedora 32 with Linux kernel 5.10.12	2021-08-20 18:04:59 -05:00
Grant Willcox	75ae2b76f5	Add support for Fedora 32 Linux Kernel 5.9.8-100 and also fix an error where the wrong file was being used for Fedora 32 Linux Kernel 5.8.8.	2021-08-20 16:50:20 -05:00
Grant Willcox	5abf407228	Add support for Fedora 32 with Linux Kernel 5.8.8-200	2021-08-20 15:42:34 -05:00
Grant Willcox	dd806a9d61	Add in support for Fedora 32 running kernel 5.7.11-200	2021-08-20 13:37:52 -05:00
sjanusz	8e00c5a188	Add default payload option to targets	2021-08-20 16:38:22 +01:00
Spencer McIntyre	c47efcabfc	Land #15556, Add shell support to enum_unattended	2021-08-19 17:40:51 -04:00
Grant Willcox	b479cb61a4	Add in scenario for Ubuntu 20.04.02 LTS and show that its still working as expected	2021-08-19 15:05:03 -05:00
Grant Willcox	945004ed97	Fix up typo that was breaking the code and also fix RuboCop errors	2021-08-19 14:12:03 -05:00
Grant Willcox	b60ad3ee26	Fix up mistakes I noticed whilst doing edits on the code as well as some mistakes identified during peer review	2021-08-19 13:55:54 -05:00
pingport80	406b152752	add shell support to enum_unattend module ... update registry operations guard against nil when the unattendfile registry key is not present	2021-08-19 23:39:18 +05:30
William Vu	31796c6236	Land #15561, ProxyShell exploit	2021-08-19 10:31:02 -05:00
William Vu	0a06730802	Update contributors	2021-08-19 10:30:21 -05:00
Spencer McIntyre	1519aef539	Land #15570, Fix smb enum gpp module	2021-08-19 09:20:38 -04:00
space-r7	a75b649cf3	Land #15546, properly store UUID URLs	2021-08-18 17:15:14 -05:00
Spencer McIntyre	84f8c44e69	Write to the targeted backend server	2021-08-18 12:34:40 -04:00
Spencer McIntyre	75e63992d6	Write an exploit for ProxyShell	2021-08-18 10:50:34 -04:00