adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
67,215 Commits 27 Branches 1,043 Tags
fc3b08fb8b97539d016878eb774df28362c444e3
Commit Graph

618 Commits

Author SHA1 Message Date
bcoles bbbec267b6 exploits: Set tftphost option for modules which use Windows TFTP stager 2022-06-29 19:10:52 +10:00
Spencer McIntyre 19a9ff1198 Update a couple of modules for the new SMB server 2022-05-16 14:39:45 -04:00
Grant Willcox bba40bcd21 Add in fixes from code review 2022-04-04 12:05:21 -05:00
Grant Willcox 7e5123cd24 Add initial code from Hajap Zairy Al-Sharif 2022-04-04 11:56:14 -05:00
h00die d5ba1afbec fix URLs not resolving 
fix URLs not resolving

add csv export to references

fix URLs not resolving

pdf not pd

missed a url change

remove extra recirectedfrom fields

remove extra file

fix ovftool url accidental replacement
 2022-02-16 17:22:40 -06:00
darrenmartyn 604361b59d Update hp_dataprotector_cmd_exec.rb 
64 bit payloads
 2022-02-15 18:03:13 +00:00
adfoster-r7 059e39a6f0 Specify meterpreter compatibility command requirements 2021-09-08 22:59:25 +01:00
adfoster-r7 4a9a15e638 Run Rubocop layout rules on modules 2021-08-27 17:19:43 +01:00
Alan Foster 5b3fde7735 Rubocop recently landed modules 2021-02-16 15:08:08 +00:00
Brendan Coles a1c316c679 msftidy: Fix exploit module checks for author and stack buffer overflow 2021-02-13 04:10:13 +00:00
CSharperMantle d99c2ac783 linguistic fixes of 'does not exists' 2020-12-23 11:36:38 +08:00
dwelch-r7 1617b3ec9b Use zeitwerk for lib/msf/core folder 2020-12-07 10:31:45 +00:00
Alan Foster 30809787c4 Convert disclosure dates to iso8601 2020-10-02 21:00:37 +01:00
William Vu a6f7c0c0de Backport miscellaneous fixes to my modules 2020-08-14 13:40:23 -05:00
Adam Galway 1a2bf98222 creates standard elog & updates exisiting usages 2020-06-22 12:48:39 +01:00
Alan Foster 6007e13379 Fix edgecase in rubocop module description rule 2020-06-10 12:11:49 +01:00
Brendan Coles ad05cf7870 Update TinyIdentD 2.2 Stack Buffer Overflow module 2020-05-23 04:43:44 +00:00
William Vu 0bcc473ded Rename option to HOSTINFO_NAME and update doc 2020-05-01 12:59:01 -05:00
William Vu c27269105e Rename CmdStager to psh_invokewebrequest 2020-05-01 12:31:53 -05:00
William Vu 1364b08c4f Make host info name configurable as an option 
Though it has to be recognized by the server.
 2020-05-01 12:19:12 -05:00
William Vu 96f802585a Update dropper payload to stageless 
We're using Invoke-WebRequest now. Or anything similar.
 2020-05-01 12:19:12 -05:00
William Vu 9adaa08ddd Use new PowerShell Invoke-WebRequest CmdStager 2020-05-01 12:19:12 -05:00
William Vu 9bfecbc2aa Print the responses if found but don't bail 
The responses aren't always in sync, causing unexpected failures.
 2020-05-01 12:19:12 -05:00
William Vu bb034acd7c Note reason for SERVICE_RESOURCE_LOSS 2020-05-01 12:19:12 -05:00
William Vu 309475259a Remove doubled-up command prefix from dropper 
The library prefixes "cmd /c" automatically.
 2020-05-01 12:19:12 -05:00
William Vu 84061881b8 Clarify module description 2020-05-01 12:19:12 -05:00
William Vu 9d601b50c2 Note how we trigger the deserialization vuln 2020-05-01 12:19:12 -05:00
William Vu efab4f04f7 Add Veeam ONE Agent .NET deserialization exploit 2020-05-01 12:19:12 -05:00
Alan Foster 3a046f01da Run rubocop -a on subset of files 2020-03-06 10:41:45 +00:00
Alan Foster 6bac1ec2aa Remove executable flags from exploit files 2020-02-26 10:39:50 +00:00
William Vu 4fa3b25788 Correct language in crosschex_device_bof 2020-02-18 23:18:45 -06:00
Brent Cook 8489bcdfd9 This fixes broken links to the community.rapid7.com blog 
Performed mechanically with sed, spot-checked that the new blog can consume these links.
 2020-02-18 09:06:11 -06:00
Adam Galway 2ca2b5c7bb replaces magic numbers with target fields 2020-02-13 14:17:23 +00:00
Adam Galway cbcf8a2a68 adds to_i and removes default options 2020-02-12 12:04:15 +00:00
Adam Galway 8fd3b483d3 improves option descriptions & timeout handling 2020-02-11 15:05:24 +00:00
Adam Galway 946e244c8c Updates docs and adds basic options 2020-02-11 13:40:51 +00:00
Adam Galway a7a80e08a8 Updated docs with platform info 2020-02-11 12:55:07 +00:00
Adam Galway ddec8a58a1 disables payload padding and describes shell code 2020-02-05 18:09:39 +00:00
Adam Galway d76546f8ee clarifies inserted shell code's function 2020-02-04 15:14:36 +00:00
Adam Galway 671f2e9616 msfTidy: set disclosure date to proper format 2020-02-04 11:55:39 +00:00
Adam Galway 37065f5ffe PR Changes: More Cleanup 2020-02-04 10:59:02 +00:00
Adam Galway 4fd865f3a9 PR Changes: Comments, fail_with, and cleanup 2020-02-04 10:57:41 +00:00
Adam Galway 2ce3cb9e86 updated description 2020-02-03 17:09:56 +00:00
Adam Galway 6b229177f1 Add crosschex buffer overflow exploit 2020-02-03 17:02:04 +00:00
h00die 9f29f5f419 fix spelling received 2019-10-05 14:40:27 -04:00
William Vu 32334c2386 Update all module splats from http:// to https:// 2019-08-15 18:10:44 -05:00
Adam Cammack cf9b94a964 Set needs_cleanup flag for exploits that need it 
The `needs_cleanup` flag needs to be set per-module when an exploit
needs an interactive session to clean up. Some `FileDropper` exploits
need additional cleanup to what the mixin provides, but since all
`FileDropper`s already mark themselves as needing cleanup those are not
covered here. A few of these could potentially be refactored to use the
original exploitation method to clean up or to compile the list of
files/commands to clean up ahead of time, but that is out of the scope
of this fix.
 2019-08-02 10:23:53 -05:00
Wietsman 3b08ed88d1 #12095 added version check if vulnerable 
#12095 cleaned up the code
#12095 added more output
#12095 added comments
 2019-07-22 16:43:24 +02:00
Wietsman 71da3b7903 #12095 Added cleaning up of trial account and dropper files. 2019-07-21 03:21:15 +02:00
Wietsman e26b650f31 #12095 Fixed Password complexity generation 
#12095 Fixed trial account creation
#12095 Fixed calling functions
 2019-07-18 13:13:39 +02:00